dusunmekvepaylasmak.blogspot.com/search/label/telkari%20ustal%C4%B1%C4%9F%C4%B1%20nedir
142.250.74.161301 Moved Permanently 224 B URL HTTP/1.1 dusunmekvepaylasmak.blogspot.com/search/label/telkari%20ustal%C4%B1%C4%9F%C4%B1%20nedir
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c8b1e882a1073836f59a0d077b87a373
86bf49a9967959222dac5e55c8e597e6efa7032e
6581fe4bbdfbdaba8456d9a7aea808b8ffda354a95b5df44bf4fa9935ae3b105
Analyzer Verdict Alert fortinet Malware
GET /search/label/telkari%20ustal%C4%B1%C4%9F%C4%B1%20nedir HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://dusunmekvepaylasmak.blogspot.com/search/label/telkari%20ustal%C4%B1%C4%9F%C4%B1%20nedir
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 14 Jan 2023 07:47:06 GMT
Expires: Sat, 14 Jan 2023 07:47:06 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 224
Server: GSE
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cab5b63e128895128726181aff42e42e
d39c36237554fcd41addec0664d7fe7f7d157c06
18e82a5b82eb8f2d8b49df824c336015f19367c5a05467ad139a56db59f88852
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E82A5B82EB8F2D8B49DF824C336015F19367C5A05467AD139A56DB59F88852"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4028
Expires: Sat, 14 Jan 2023 08:54:15 GMT
Date: Sat, 14 Jan 2023 07:47:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8414
Expires: Sat, 14 Jan 2023 10:07:21 GMT
Date: Sat, 14 Jan 2023 07:47:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 14 Jan 2023 06:48:53 GMT
content-type: application/json
age: 3494
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0f4ecf4f26be1ba09e61135b1b488bf4
f16b8277e00033bc990a8bcce54b693cb3c87d62
3018c2a228f0a894d217e8e8b0b8dd060527f06879cd2f469bac6c8766acbbf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3018C2A228F0A894D217E8E8B0B8DD060527F06879CD2F469BAC6C8766ACBBF8"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10064
Expires: Sat, 14 Jan 2023 10:34:51 GMT
Date: Sat, 14 Jan 2023 07:47:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1rsTGlLCRQHQN3mh7v9CVBQGdvdYozX5GQNyBYcmGjVjmqW1PCLn7ShGk5uHUzHBCf1tz6KO8WQ=
x-amz-request-id: R57B7RQCGXRBKSTK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 14 Jan 2023 06:54:50 GMT
age: 3137
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b23cfe41da645dfdc123983950c234ca
4df65541611724ca62e1aaf364b7ba1e32090aa4
f779873dbc8f5ce9ed3e446639a7681cf7e4365d3bd46224221179e4537f1103
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:47:07 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 14 Jan 2023 07:33:45 GMT
age: 802
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1e3535cab3c1ac295b1412126a9325c
d1bdf1b8663817ae34b6182db29d6b20666779e7
90c4ecd4b0782647fd78110b5bacfb73d2b05aae4de789a90318574407dfb565
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6159
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:07 GMT
Last-Modified: Sat, 14 Jan 2023 06:04:28 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b23cfe41da645dfdc123983950c234ca
4df65541611724ca62e1aaf364b7ba1e32090aa4
f779873dbc8f5ce9ed3e446639a7681cf7e4365d3bd46224221179e4537f1103
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b5628887325331ad3d660f7208e1995c
9e4bf04468a7aed126488ccb5552a8e02610f6dd
5cd181d6728fc5f0f4d88407b97af61db39c5a38feebdeb2c21335cf4402fca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.214.64.191101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.64.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AspBKZrH0zk8qM7eLlq+cQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: elt/ZqLzxGpqP1Ezl5C9yTxeZ7c=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 11a427d6a9f0f4c65e8e31632ee86368
cad926070de0ecb0f4f5900ef272d438b2246aa7
141e465a903a0578da94b009f3813d07b8a881da45cf1bff606a8c34864d8541
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6430
Cache-Control: max-age=161344
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:08 GMT
Etag: "63c2181e-117"
Expires: Mon, 16 Jan 2023 04:36:12 GMT
Last-Modified: Sat, 14 Jan 2023 02:49:02 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b5628887325331ad3d660f7208e1995c
9e4bf04468a7aed126488ccb5552a8e02610f6dd
5cd181d6728fc5f0f4d88407b97af61db39c5a38feebdeb2c21335cf4402fca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7f7bcd17310af1b14e2a3878da13a5b6
9d1e7f7ccdfd256ce2d8208ad4008e8342d0b2e4
b184f63c2f7666e38a8599bbb6fcf213573d8dcea5439dfa19f3958650017efa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5910
Cache-Control: max-age=104644
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:08 GMT
Etag: "63c13caa-117"
Expires: Sun, 15 Jan 2023 12:51:12 GMT
Last-Modified: Fri, 13 Jan 2023 11:12:42 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c16b1530bbcd3d9226362c0a6100f014
a49685aa2869a3674bc4c8fc58acd47f655c2111
ff063e27670433897ba82fdf8048fc228587ab2f01c21e2970f03b3df9093539
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c16b1530bbcd3d9226362c0a6100f014
a49685aa2869a3674bc4c8fc58acd47f655c2111
ff063e27670433897ba82fdf8048fc228587ab2f01c21e2970f03b3df9093539
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a6306915ffb64c0f3f258ae8eb513268
7ae9e34fc2144dbcf338d4d4a1ea9e7b343a5aba
0801e6502016f15ed26a3eccd5aac3bbe114c7cd14c9530d4524d3dcc9742a77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rollercoin.com/static/img/public_img/gen2/w160h600.gif
104.26.14.99200 OK 257 kB URL HTTP/2 rollercoin.com/static/img/public_img/gen2/w160h600.gif
IP 104.26.14.99:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 257 kB (256868 bytes)
Hash 310de483225f5182ad7e10732d049749
47c20a51575f309719a5cc70fa770c29c3fea19b
5be1e183cfd4a31f6cf1973e887b6baaf9314e424c540f83497105535787b511
GET /static/img/public_img/gen2/w160h600.gif HTTP/1.1
Host: rollercoin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:47:08 GMT
content-type: image/webp
content-length: 256868
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=323815
content-disposition: inline; filename="w160h600.webp"
etag: W/"4f0e7-18364eefb18"
last-modified: Thu, 22 Sep 2022 11:22:07 GMT
vary: Accept
x-powered-by: Express
cf-cache-status: HIT
age: 8666653
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZNxDFMNsykbRNzm%2FbRk8cYj77DP1NqjfSwFOOgijZHGWYvyR7snz88MkfgMHLwPld6aTdPGe2aB0U%2Fg4ZvCW2gm9pbVh3p9rAsDEur1wiR5PuffIc%2BBiEqJyTP4hK8c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7894c307dd34b4f4-OSL
X-Firefox-Spdy: h2
4.bp.blogspot.com/-HUmtqrqd1vY/UdBT1ue1sFI/AAAAAAAAHLQ/-XCWnkloqIk/w72-h72-p-k-no-nu/kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg
216.58.207.225200 OK 2.6 kB URL HTTP/2 4.bp.blogspot.com/-HUmtqrqd1vY/UdBT1ue1sFI/AAAAAAAAHLQ/-XCWnkloqIk/w72-h72-p-k-no-nu/kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 27fb438b2231a8fb9354d3a94e88d675
3a8767652d71f34a91c17e6bcfa51dd4efbe0a39
60d540d1619ec165029a7d4755b7a269ce4eededfe6a30f9c5b825773af5c064
GET /-HUmtqrqd1vY/UdBT1ue1sFI/AAAAAAAAHLQ/-XCWnkloqIk/w72-h72-p-k-no-nu/kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v71fc"
expires: Sun, 15 Jan 2023 07:47:08 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="kopek_memesi_Hidradenitis_s_pp_rativa.jpg";filename*=UTF-8''kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 07:47:08 GMT
server: fife
content-length: 2571
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
142.250.74.138200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (32341)
Hash 856f85cc1b07156fa844b44a10c236c2
7cef457c0e1cd0c20f4e699564ea8997f0332021
c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01
GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 21:00:26 GMT
expires: Thu, 11 Jan 2024 21:00:26 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 211602
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-19531429-2
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-19531429-2
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 57fffbfba69a9bbf5aa5f1212fc4a103
252ae16a4e68cd66a5fa4734b66d76c3509a2854
60ece3161aba41bc87b9e207956d3cb668f7aacb429f2cdfe52aab425c16d11c
GET /gtag/js?id=UA-19531429-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 14 Jan 2023 07:47:08 GMT
expires: Sat, 14 Jan 2023 07:47:08 GMT
cache-control: private, max-age=900
last-modified: Sat, 14 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44137
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 16fdc7481eb2bf489762b6b6ad440216
8ba97c0fac5d5edf8ae49bccb0ec2ba8e251f646
465edacc998277376411200c9d9e30fdc1290717d1c5857ff226e73a33bfd516
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9ed1720f5007a1b7f6e22d06d928eac0
3e531482edccb59b1913cac947e95dbf2b75c562
6cc500d2156f25b71f93b3ecca3e4f1e70c5c63d68eb535220dcec15596f1011
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
216.58.207.233200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Jan 2023 09:30:49 GMT
expires: Sun, 07 Jan 2024 09:30:49 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 06 Jan 2023 16:51:46 GMT
content-type: text/css
age: 598579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-20442478-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-20442478-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash c1b48d01db4c5ac864c422a48a5697cb
55b3f43c3217fcd0bd0f475d5d2664fef71a1b0d
9121a227a516c37fa351c8136861e692efbfb8f03b7e4e048be87dcab7c0bf93
GET /gtag/js?id=UA-20442478-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 14 Jan 2023 07:47:08 GMT
expires: Sat, 14 Jan 2023 07:47:08 GMT
cache-control: private, max-age=900
last-modified: Sat, 14 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44138
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 11a427d6a9f0f4c65e8e31632ee86368
cad926070de0ecb0f4f5900ef272d438b2246aa7
141e465a903a0578da94b009f3813d07b8a881da45cf1bff606a8c34864d8541
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6430
Cache-Control: max-age=161344
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:08 GMT
Etag: "63c2181e-117"
Expires: Mon, 16 Jan 2023 04:36:12 GMT
Last-Modified: Sat, 14 Jan 2023 02:49:02 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b5628887325331ad3d660f7208e1995c
9e4bf04468a7aed126488ccb5552a8e02610f6dd
5cd181d6728fc5f0f4d88407b97af61db39c5a38feebdeb2c21335cf4402fca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
142.250.74.78200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1429)
Hash 1cc36f699291ba29dab9ec0f885b281b
d536f8bda7d333c21eae8e3d816d690402adb90c
6b20ce0ec6b6c57b33e8118f8d5d3c501ede61b8589ebab71d411b81d0fae994
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20933
date: Sat, 14 Jan 2023 07:47:08 GMT
expires: Sat, 14 Jan 2023 07:47:08 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "4fcbc207c89b8c6c"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-capfoLN2DAs/YINZoH8ZnBI/AAAAAAAAIKI/eKWJJo3m_XUwYhnp6p1kjqg_772rg_VAQCLcBGAsYHQ/w72-h72-p-k-no-nu/B%25C4%25B0R%2BGAR%25C4%25B0P%2BA%25C5%259EK%2BH%25C4%25B0KAYES%25C4%25B0%2BNE%25C5%259EET%2BERTA%25C5%259E%2526LEYLA%2BERTA%25C5%259E.jpg
216.58.207.225200 OK 2.6 kB URL HTTP/2 1.bp.blogspot.com/-capfoLN2DAs/YINZoH8ZnBI/AAAAAAAAIKI/eKWJJo3m_XUwYhnp6p1kjqg_772rg_VAQCLcBGAsYHQ/w72-h72-p-k-no-nu/B%25C4%25B0R%2BGAR%25C4%25B0P%2BA%25C5%259EK%2BH%25C4%25B0KAYES%25C4%25B0%2BNE%25C5%259EET%2BERTA%25C5%259E%2526LEYLA%2BERTA%25C5%259E.jpg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 101cb2f6a85980b317ea2eb8293f8a8e
65646d427fdfe4e2cfd0663a211b8b9d3b98cb5c
2599d588436b93dbad44b9c1f222caa13b2d7db9fb81b3123b10543cb8a34fc8
GET /-capfoLN2DAs/YINZoH8ZnBI/AAAAAAAAIKI/eKWJJo3m_XUwYhnp6p1kjqg_772rg_VAQCLcBGAsYHQ/w72-h72-p-k-no-nu/B%25C4%25B0R%2BGAR%25C4%25B0P%2BA%25C5%259EK%2BH%25C4%25B0KAYES%25C4%25B0%2BNE%25C5%259EET%2BERTA%25C5%259E%2526LEYLA%2BERTA%25C5%259E.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v20a3"
expires: Sun, 15 Jan 2023 07:47:08 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="B_R GAR_P A_K H_KAYES_ NE_ET ERTA_&LEYLA ERTA_.jpg";filename*=UTF-8''B%C4%B0R%20GAR%C4%B0P%20A%C5%9EK%20H%C4%B0KAYES%C4%B0%20NE%C5%9EET%20ERTA%C5%9E%26LEYLA%20ERTA%C5%9E.jpg
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 07:47:08 GMT
server: fife
content-length: 2641
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-eo72_jGArcw/YJWvZlothsI/AAAAAAAAIPk/39V8zIRnukk3M1SvJqwCPAL5ciymGzewwCLcBGAsYHQ/w72-h72-p-k-no-nu/unnamed.jpg
216.58.207.225200 OK 2.6 kB URL HTTP/2 1.bp.blogspot.com/-eo72_jGArcw/YJWvZlothsI/AAAAAAAAIPk/39V8zIRnukk3M1SvJqwCPAL5ciymGzewwCLcBGAsYHQ/w72-h72-p-k-no-nu/unnamed.jpg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 1866a1eda8caaedee6e9021f426d9d21
050f44f27fb2164dd65c28a937a89d9f7aa87fd4
6fbe535d995be032754b848a23901cd0eea3d102e279f3cb3a0c881fa52eb4e7
GET /-eo72_jGArcw/YJWvZlothsI/AAAAAAAAIPk/39V8zIRnukk3M1SvJqwCPAL5ciymGzewwCLcBGAsYHQ/w72-h72-p-k-no-nu/unnamed.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v20fb"
expires: Sun, 15 Jan 2023 07:47:08 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 07:47:08 GMT
server: fife
content-length: 2591
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-hyhwKaSwiaA/Uc8SgKlZvBI/AAAAAAAAG-I/BZj9KOXzCgQ/w72-h72-p-k-no-nu/abidin_dino_cicekler-peyzaj_tuval_uzerineyagli_boya.png
216.58.207.225200 OK 13 kB URL HTTP/2 1.bp.blogspot.com/-hyhwKaSwiaA/Uc8SgKlZvBI/AAAAAAAAG-I/BZj9KOXzCgQ/w72-h72-p-k-no-nu/abidin_dino_cicekler-peyzaj_tuval_uzerineyagli_boya.png
IP 216.58.207.225:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 67156dd32ee9f43b2180f266136292cb
ad9e4f1f5fbfb6b420d004fc1938c71accd514a8
58b97967d5fa76a13ba1389ae961b36476b03bb9a879ac71c1518df8d7a83546
GET /-hyhwKaSwiaA/Uc8SgKlZvBI/AAAAAAAAG-I/BZj9KOXzCgQ/w72-h72-p-k-no-nu/abidin_dino_cicekler-peyzaj_tuval_uzerineyagli_boya.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="abidin_dino_cicekler-peyzaj_tuval_uzerineyagli_boya.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 12572
x-xss-protection: 0
date: Sat, 14 Jan 2023 07:47:08 GMT
expires: Fri, 13 Jan 2023 14:41:42 GMT
cache-control: public, max-age=86400, no-transform
etag: "v71fd"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-kUiaHahkxD0/XfVN3K8_XvI/AAAAAAABN3Q/TA5Ta0QzxWsctxrq5tWNR47rcDEBxC3ewCLcBGAsYHQ/w72-h72-p-k-no-nu/sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_ya%25C5%259Fam_sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_beslenme.png
216.58.207.225200 OK 11 kB URL HTTP/2 1.bp.blogspot.com/-kUiaHahkxD0/XfVN3K8_XvI/AAAAAAABN3Q/TA5Ta0QzxWsctxrq5tWNR47rcDEBxC3ewCLcBGAsYHQ/w72-h72-p-k-no-nu/sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_ya%25C5%259Fam_sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_beslenme.png
IP 216.58.207.225:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 279edb5b823b4f55f7c83479a93225e3
01356acda7ff0acedb0051e71745fee61d67f62c
3935368604f5e255ee391a2f871167446fce3ed81b1df1fc7474b8e9cd358f17
GET /-kUiaHahkxD0/XfVN3K8_XvI/AAAAAAABN3Q/TA5Ta0QzxWsctxrq5tWNR47rcDEBxC3ewCLcBGAsYHQ/w72-h72-p-k-no-nu/sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_ya%25C5%259Fam_sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_beslenme.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v13776"
expires: Sun, 15 Jan 2023 07:47:08 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="sa_l_kl__ya_am_sa_l_kl__beslenme.png";filename*=UTF-8''sa%C4%9Fl%C4%B1kl%C4%B1_ya%C5%9Fam_sa%C4%9Fl%C4%B1kl%C4%B1_beslenme.png
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 07:47:08 GMT
server: fife
content-length: 10679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b5628887325331ad3d660f7208e1995c
9e4bf04468a7aed126488ccb5552a8e02610f6dd
5cd181d6728fc5f0f4d88407b97af61db39c5a38feebdeb2c21335cf4402fca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dusunmekvepaylasmak.blogspot.com/search/label/telkari%20ustal%C4%B1%C4%9F%C4%B1%20nedir
142.250.74.161200 OK 121 kB URL HTTP/2 dusunmekvepaylasmak.blogspot.com/search/label/telkari%20ustal%C4%B1%C4%9F%C4%B1%20nedir
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (526)
Size 121 kB (121013 bytes)
Hash 2cb67c329aacd475dea1d33acfc19f3d
4460e5a5df54436683806c86991a7b6bf4a85be7
43acd65ed8013804d43627995d4ff64069fc2323eff2aa5a87c04a972c0913b4
Analyzer Verdict Alert fortinet Malware
GET /search/label/telkari%20ustal%C4%B1%C4%9F%C4%B1%20nedir HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 14 Jan 2023 07:47:07 GMT
date: Sat, 14 Jan 2023 07:47:07 GMT
cache-control: private, max-age=0
last-modified: Wed, 11 Jan 2023 14:43:35 GMT
etag: W/"ee1f36bd9892526c8d03b1a6d5a8cb77db8a2e927358c53660b19e58cc7f8a11"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 121013
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png
216.58.207.225200 OK 6.2 kB URL HTTP/2 2.bp.blogspot.com/-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png
IP 216.58.207.225:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash aa25670b8226d8b5752fd5a198fd73a4
be1908b060ec7bf840e8d2b0aa4c930fe11910d6
f1b63d3ceb7dd55aae1a46fc852703730d58d88efcd5be463741c6718e7557c4
GET /-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="sut_tozu_ile_ilgili_resimler.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6242
x-xss-protection: 0
date: Sat, 14 Jan 2023 07:47:08 GMT
expires: Fri, 13 Jan 2023 14:39:38 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7d8d"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c16b1530bbcd3d9226362c0a6100f014
a49685aa2869a3674bc4c8fc58acd47f655c2111
ff063e27670433897ba82fdf8048fc228587ab2f01c21e2970f03b3df9093539
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-FmB8ZZHFKdE/Wb_oD3m_tRI/AAAAAAAAkVc/UjbME4XLWkI2mF68AjTVEtsgur8kLL_eQCLcBGAs/w72-h72-p-k-no-nu/dort_buyuk_melek.JPG
216.58.207.225200 OK 5.4 kB URL HTTP/2 3.bp.blogspot.com/-FmB8ZZHFKdE/Wb_oD3m_tRI/AAAAAAAAkVc/UjbME4XLWkI2mF68AjTVEtsgur8kLL_eQCLcBGAs/w72-h72-p-k-no-nu/dort_buyuk_melek.JPG
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 9b4a4815a20ad6bb3a6dd27fb3600afa
22e844b7367d4fb4bc6ed871e32dd56c4ffd5acf
2dcebf6fe49227b8060f919ae690f566bf41570629399ad29e4cf9cc1827bdaa
GET /-FmB8ZZHFKdE/Wb_oD3m_tRI/AAAAAAAAkVc/UjbME4XLWkI2mF68AjTVEtsgur8kLL_eQCLcBGAs/w72-h72-p-k-no-nu/dort_buyuk_melek.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v9158"
expires: Sun, 15 Jan 2023 07:47:08 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="dort_buyuk_melek.JPG"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 07:47:08 GMT
server: fife
content-length: 5409
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a6306915ffb64c0f3f258ae8eb513268
7ae9e34fc2144dbcf338d4d4a1ea9e7b343a5aba
0801e6502016f15ed26a3eccd5aac3bbe114c7cd14c9530d4524d3dcc9742a77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg
216.58.207.225200 OK 4.5 kB URL HTTP/2 2.bp.blogspot.com/-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash ec5fcd46230caf0da45a16686274f1cb
0f6ab0f39b022b8b641c566d68ce811854f4aa9d
2763d313411a14a376c085e44d14fab586ac4e935bbc1932e8c67d4453234aa3
GET /-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="rafadan_tayfa_trt_cizgi_film.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4484
x-xss-protection: 0
date: Sat, 14 Jan 2023 07:47:08 GMT
expires: Fri, 13 Jan 2023 14:39:38 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7fdb"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.ydLROSGdlBE.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/cb=gapi.loaded_0?le=scs
142.250.74.78200 OK 32 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.ydLROSGdlBE.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/cb=gapi.loaded_0?le=scs
IP 142.250.74.78:0
File type ASCII text, with very long lines (580)
Hash 54b41376d0746f8b4485b8462182fd11
0d2b15f5b5b60378bdd1d3510ce9e38fd5d18b46
00d7746476cc3bf62c9a618af38278568205d4a2a3f178bf6694bce8ea34eb37
GET /_/scs/abc-static/_/js/k=gapi.lb.en.ydLROSGdlBE.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 31456
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Jan 2023 10:58:40 GMT
expires: Mon, 08 Jan 2024 10:58:40 GMT
cache-control: public, max-age=31536000
age: 506908
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/w72-h72-p-k-no-nu/225px-+mevlana_ile_ilgili_resimler.jpg
216.58.207.225200 OK 4.5 kB URL HTTP/2 2.bp.blogspot.com/-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/w72-h72-p-k-no-nu/225px-+mevlana_ile_ilgili_resimler.jpg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 198baf3f7d853bc634b438561c189896
63640490c23c9d452cb566e3c8d9cb29cb9bef37
5edbbfadba784c3a27259984b189817862e146c0c550b6854bd6175be846aa41
GET /-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/w72-h72-p-k-no-nu/225px-+mevlana_ile_ilgili_resimler.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v71fc"
expires: Sun, 15 Jan 2023 07:47:08 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="225px-+mevlana_ile_ilgili_resimler.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 07:47:08 GMT
server: fife
content-length: 4527
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.66200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (4885)
Hash be60003e35984c1b1915d4b6583e99f5
b648acb3ff79643a2d0140e030e6d0076fd8b2c9
8ab8fe9f81cb4cfd52b2845d7797685c02b65309062b810454c2f4d4b3670ea0
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 14 Jan 2023 07:47:08 GMT
expires: Sat, 14 Jan 2023 07:47:08 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 14058944747396562782
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49363
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 815f1a1e0adac55b38019d2af17b9bbe
6e04467e75f83b4a692cf6716b5b564274a487c7
6d8326d418f56d57221790353c7b220088d63c133901e0b500accb5e420811db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=5726965044016880204&zx=438f48cb-871b-4465-8217-eece2ede3b4b
216.58.207.233200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=5726965044016880204&zx=438f48cb-871b-4465-8217-eece2ede3b4b
IP 216.58.207.233:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=5726965044016880204&zx=438f48cb-871b-4465-8217-eece2ede3b4b HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 14 Jan 2023 07:47:08 GMT
last-modified: Sat, 14 Jan 2023 07:47:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 815f1a1e0adac55b38019d2af17b9bbe
6e04467e75f83b4a692cf6716b5b564274a487c7
6d8326d418f56d57221790353c7b220088d63c133901e0b500accb5e420811db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.227200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 13:33:13 GMT
expires: Sat, 13 Jan 2024 13:33:13 GMT
cache-control: public, max-age=31536000
age: 65635
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 13:33:11 GMT
expires: Sat, 13 Jan 2024 13:33:11 GMT
cache-control: public, max-age=31536000
age: 65637
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
216.58.207.227200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5452, version 1.0\012- data
Hash a6ff41d10fa89e7f8fec937c243d7428
334853f61ceb1fb096818740cc62d5840fbbae46
5f9d6298f5edc6d2b57a6f3a30f87f1c93c84b7aad7c5e9bf9d3a2c9384403fa
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Jan 2023 11:05:58 GMT
expires: Mon, 08 Jan 2024 11:05:58 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:10:07 GMT
content-type: font/woff2
age: 506470
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
216.58.207.227200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5544, version 1.0\012- data
Hash 0ed299a4bb5262e17e2145783b2c18f1
65af2a037a5ef8a8d383d518377ea1f9f6837631
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 19:45:44 GMT
expires: Thu, 11 Jan 2024 19:45:44 GMT
cache-control: public, max-age=31536000
age: 216084
last-modified: Wed, 27 Apr 2022 17:03:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.227200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 14:34:21 GMT
expires: Fri, 12 Jan 2024 14:34:21 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
age: 148367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 16fdc7481eb2bf489762b6b6ad440216
8ba97c0fac5d5edf8ae49bccb0ec2ba8e251f646
465edacc998277376411200c9d9e30fdc1290717d1c5857ff226e73a33bfd516
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/js/300/addthis_widget.js
2.18.172.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 2.18.172.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116421 bytes)
Hash 50b2be22436f28eeb626c063bd506eba
d4dafc6f2a3d10ac086ea07d19519df93fba8a8a
ddd6e4f7cbc0726429726c7a908ed33c3f94bb0cff47f87d3dcf71e37ea7ad4b
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116421
date: Sat, 14 Jan 2023 07:47:08 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
216.58.207.227200 OK 5.4 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5384, version 1.0\012- data
Hash 96b6d54684daa94742f7bfd72a981213
72c3ac29b2fcceea390d3a51c7a892efde65e4d9
4ce2c84c474fb80b33e347ae6f356796021d6fd42e88a6352fc6e9ca0b22bd63
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5384
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jan 2023 15:43:39 GMT
expires: Wed, 10 Jan 2024 15:43:39 GMT
cache-control: public, max-age=31536000
age: 317009
last-modified: Wed, 27 Apr 2022 16:11:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309845525285029&plah=dusunmekvepaylasmak.blogspot.com
142.250.74.66200 OK 120 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309845525285029&plah=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.66:0
File type ASCII text, with very long lines (5919)
Size 120 kB (119980 bytes)
Hash 3d100f24dd9df5922a1bd118bee9aa0f
b4290cf22bc9bccae5c000f0688182534660b226
9c949ec3cdc941f40ef1634ad85be3d1433f830b954211eed140fe483262b463
GET /pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309845525285029&plah=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 14 Jan 2023 07:47:08 GMT
expires: Sat, 14 Jan 2023 07:47:08 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 6083132040068949921
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119980
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
142.250.74.98200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230111/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sat, 14 Jan 2023 00:39:37 GMT
expires: Sat, 28 Jan 2023 00:39:37 GMT
cache-control: public, max-age=1209600
age: 25651
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 14 Jan 2023 06:21:54 GMT
expires: Sat, 14 Jan 2023 08:21:54 GMT
cache-control: public, max-age=7200
age: 5114
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 12238ac88c3ac2456b559dadf3740bfd
2cb4c5acc658c935c968cf7a0cdd03be720fa428
43a2d518757191a74093b15f16d34e4990079a99612ae1ae690473248c88e951
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 43 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
Hash 26985db2462130a697bd83de2ff7ec44
2b7524c9f628801667dca88197cf9a83589b07fa
88d1c31a86e83ea119678dcbae686d6de752c251fd0409bca1e900b351458020
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 16:40:43 GMT
expires: Fri, 12 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 140785
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 21:48:03 GMT
expires: Fri, 12 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 122345
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.ydLROSGdlBE.O/d%253D1/rs%253DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.ydLROSGdlBE.O/d%253D1/rs%253DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/m%253D__features__%26bpli%3D1&go=true
216.58.211.13302 Found 462 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.ydLROSGdlBE.O/d%253D1/rs%253DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.ydLROSGdlBE.O/d%253D1/rs%253DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/m%253D__features__%26bpli%3D1&go=true
IP 216.58.211.13:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (512)
Hash dd4055e709a5c6b9e211f0549a9a9225
433d7cdbbe8a7e25ed71f4bfdae24a089b1aff32
5f5e5eb5d29f01c557c077df50c797ce05d5c044dd9019b0290d0973d31731b3
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.ydLROSGdlBE.O/d%253D1/rs%253DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.ydLROSGdlBE.O/d%253D1/rs%253DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dusunmekvepaylasmak.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 14 Jan 2023 07:47:08 GMT
location: https://www.blogger.com/followers.g?blogID=5726965044016880204&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.ydLROSGdlBE.O%2Fd%3D1%2Frs%3DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce--iZEgF5I4NjrNks8xaYJEg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 462
server: GSE
set-cookie: __Host-GAPS=1:da4TkvyVkxdn0vQUB3K7tnOiz_n8_w:nWicGE_UGT1UWIHi;Path=/;Expires=Mon, 13-Jan-2025 07:47:08 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 14 Jan 2023 07:47:09 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 33ca6e594da844a289cd706383bd1b2e
203c8f2f846c1d9332d608f10e4e63f66e16ca35
c156fbccfcecc5d26479232fd23612a913b6c30ba67f608a9a758e6bced6d65e
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 07:47:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 18 Jan 2023 05:51:02 GMT
ETag: "203c8f2f846c1d9332d608f10e4e63f66e16ca35"
Last-Modified: Sat, 14 Jan 2023 05:51:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7894c30bd86bb4e8-OSL
partner.googleadservices.com/gampad/cookie.js?domain=dusunmekvepaylasmak.blogspot.com&callback=_gfp_s_&client=ca-pub-7309845525285029&gpid_exp=1
216.58.207.226200 OK 254 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=dusunmekvepaylasmak.blogspot.com&callback=_gfp_s_&client=ca-pub-7309845525285029&gpid_exp=1
IP 216.58.207.226:0
File type ASCII text, with very long lines (391), with no line terminators
Hash 75644e386e4741f2aa66d2a9f1566df4
7005c596263cefd60ec39ed09016be2b78ed6417
f3cce3caa1d85e3a7692fb056ed0bbc7224c8b36b6a96bf9424393650b63cc04
GET /gampad/cookie.js?domain=dusunmekvepaylasmak.blogspot.com&callback=_gfp_s_&client=ca-pub-7309845525285029&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 14 Jan 2023 07:47:09 GMT
server: cafe
cache-control: private
content-length: 254
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 14 Jan 2023 07:47:09 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.boomads.com/images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif
83.66.162.128200 OK 6.8 kB URL HTTP/1.1 widget.boomads.com/images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type GIF image data, version 89a, 125 x 80\012- data
Hash a0b54b194c22d6cf6dde8262b4e6caa8
7db7699e7e4cb090ed556f78d8692b59eca416d8
a28da5026d7c857976a413a63f4d5df448c8461f4531194e71668ebdbe7bbcc9
GET /images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 1
Date: Sat, 14 Jan 2023 07:47:09 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: "6e4be609991d11:0"
Content-Type: image/gif
Last-Modified: Fri, 08 Apr 2016 13:20:09 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 6812
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash aa60c680c7a1735cdaea7e7b08e7fa92
fdf5e35c5ccb7f1c8bc43bcbe9fa5d3a9284c613
d0f0833a46c376208ad78cafb1077c56f0c5465386b676fc075b77b13e9aa31f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f96f3b88eebd362c0208a60d27e28068
f244f8dfbc2677fbddcf0024ff7cf343e24205bb
9b3586a498232da2b246b2bd158d7fd75eb9b4ac00ed750bbe670f1b54fe0f2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 14 Jan 2023 07:47:09 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-20442478-1&cid=1850502407.1673682413&jid=1182564318&gjid=409306232&_gid=516505792.1673682413&_u=YEBAAUACQAAAACAAI~&z=1110230147
74.125.131.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-20442478-1&cid=1850502407.1673682413&jid=1182564318&gjid=409306232&_gid=516505792.1673682413&_u=YEBAAUACQAAAACAAI~&z=1110230147
IP 74.125.131.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-20442478-1&cid=1850502407.1673682413&jid=1182564318&gjid=409306232&_gid=516505792.1673682413&_u=YEBAAUACQAAAACAAI~&z=1110230147 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://dusunmekvepaylasmak.blogspot.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 14 Jan 2023 07:47:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 33ca6e594da844a289cd706383bd1b2e
203c8f2f846c1d9332d608f10e4e63f66e16ca35
c156fbccfcecc5d26479232fd23612a913b6c30ba67f608a9a758e6bced6d65e
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 07:47:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 18 Jan 2023 05:51:02 GMT
ETag: "203c8f2f846c1d9332d608f10e4e63f66e16ca35"
Last-Modified: Sat, 14 Jan 2023 05:51:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7894c30a3cb6b50c-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3035
Expires: Sat, 14 Jan 2023 08:37:44 GMT
Date: Sat, 14 Jan 2023 07:47:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3035
Expires: Sat, 14 Jan 2023 08:37:44 GMT
Date: Sat, 14 Jan 2023 07:47:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3035
Expires: Sat, 14 Jan 2023 08:37:44 GMT
Date: Sat, 14 Jan 2023 07:47:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JRzc2Mcl4EasyH6_1kFh7sr-57f1HNDu-YN8YptDe_kcTET9x8P9LA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 14:03:21 GMT
age: 63828
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2ecf6b3-8443-4b47-96b6-2695fa885f0d.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2ecf6b3-8443-4b47-96b6-2695fa885f0d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3c35722c1c8a0b7a17b5a48a352aa64
4a939794eb33d9fb1b2cc56ca92f683a7d28e407
073d355bfc201c7feb4af2d1fac623fe7803f081c28467fa72b363074b0446a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2ecf6b3-8443-4b47-96b6-2695fa885f0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7437
x-amzn-requestid: 0efc1457-5919-4244-9837-6e75d03ef1d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAd0F0poAMF6PA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7abe-24df70ad7e1811a744a7c9de;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:13:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GHOHtSwiU15cNal3kPt8BOKwjvozSDeXZ2zxhuGQcBjN6FYXAdjMDw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 03:59:23 GMT
age: 13666
etag: "4a939794eb33d9fb1b2cc56ca92f683a7d28e407"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d24ea1f095f492934a1f1c63f5d8590c
dade37148c9b9a941f93a8535d8ddc5de3952623
2d8e3f90eb347eb3479a6c5d20a1c2ca6a0560f335a6c6800948db2640e4c878
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8181
x-amzn-requestid: 7ada8fbd-58e6-4433-a532-b4a4ef93ac9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0paH-OIAMFg5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce3c-582529522dbb67ee728484f8;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AHjOmYxva5avyA3gt9DvYLas_B2ACimer5QRQOi919HDtSjnKq22lw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:36:45 GMT
age: 36624
etag: "dade37148c9b9a941f93a8535d8ddc5de3952623"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4885191c-7ccc-4801-bef2-6d6bbb61cdb1.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4885191c-7ccc-4801-bef2-6d6bbb61cdb1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9c918c3f0569cbf09fdcd8998e2fc00
ad06e348d49e8ae0550d922b50bc2a1d4905457a
8f96e49cf0dbbad59d260d0f991d79eb72ea25dcc0caa5ba4480056bd918d07d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4885191c-7ccc-4801-bef2-6d6bbb61cdb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5371
x-amzn-requestid: fcbafc8b-5b89-49e6-8ebd-157cb3b24a55
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0qnERXoAMFsZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce43-3eb3b4d84dbf415a3dec1308;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AbaES_6874zaabJY_z0_FOZfJx86Zsv-osNxWqzef8DDNyelo0HRtQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:49:01 GMT
age: 35888
etag: "ad06e348d49e8ae0550d922b50bc2a1d4905457a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
4.bp.blogspot.com/-eEQ1wGAHge8/WO7Hs45GUbI/AAAAAAAAgFE/ECg4dqGkGI4SsvpcmeU5zTiKrzodfWnCACLcB/w72-h72-p-k-no-nu/1930-otto-pilny-esir_k%25C3%25B6le-pazari-tablo.jpg
216.58.207.225200 OK 5.9 kB URL HTTP/2 4.bp.blogspot.com/-eEQ1wGAHge8/WO7Hs45GUbI/AAAAAAAAgFE/ECg4dqGkGI4SsvpcmeU5zTiKrzodfWnCACLcB/w72-h72-p-k-no-nu/1930-otto-pilny-esir_k%25C3%25B6le-pazari-tablo.jpg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cb8fb3720ec05dd59482cb49e4bffd5c
99b1ea4060e5332b23fdfdc679f61be5af1a7bf7
c44e3c07c1fb842a741c22862afa738e3fbdda05947e9de59267791357f9f09a
GET /-eEQ1wGAHge8/WO7Hs45GUbI/AAAAAAAAgFE/ECg4dqGkGI4SsvpcmeU5zTiKrzodfWnCACLcB/w72-h72-p-k-no-nu/1930-otto-pilny-esir_k%25C3%25B6le-pazari-tablo.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v8059"
expires: Sun, 15 Jan 2023 07:47:08 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1930-otto-pilny-esir_k_le-pazari-tablo.jpg";filename*=UTF-8''1930-otto-pilny-esir_k%C3%B6le-pazari-tablo.jpg
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 07:47:08 GMT
server: fife
content-length: 2468
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64ba27a2f0a3bc61bd325f1fb317b755
c65c58476b66cbb6269ba1d8412d270a0a003ae3
5f7f03752f8a7c8c08d92512ae93b193ea37f59354503c3129d33fd2910f87e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9135
x-amzn-requestid: 2c5e9de0-9244-43ac-b7c4-712cbcf7038c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAnoG6roAMFzgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7afd-7fb640b30bab63bc1979a173;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:14:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RnAGo4OuBl5UjyOlUOJqu2nlFLHTOe0ETxokWtbI4frbpkNVnIBSew==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 01:41:40 GMT
age: 21929
etag: "c65c58476b66cbb6269ba1d8412d270a0a003ae3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
widget.boomads.com/scripts/widget.js
83.66.162.128200 OK 1.1 kB URL HTTP/1.1 widget.boomads.com/scripts/widget.js
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type Unicode text, UTF-8 (with BOM) text, with very long lines (445), with CRLF line terminators
Hash ed2b316a78c01ecfd467a238bdb5a894
9820a06beef95ab789d3211359dfbe34d11c339e
0626a69c458560c8f8fadb5c81f56d9009e89951aa89f4fff3d4ef445d1b94e7
GET /scripts/widget.js HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 1
Date: Sat, 14 Jan 2023 07:47:09 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: "08e5d619991d11:0"
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2016 13:20:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 1149
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69c011429c0b1f8a0c091474b207c240
fe2c5e1854a65d8a2b669fc54aa0c827f07e428b
409f967eeebf5472cb0d2a917b9285e52b21950f672c6c37a19285d3375edc7f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-20442478-1&cid=1850502407.1673682413&jid=1182564318&_u=YEBAAUACQAAAACAAI~&z=126039993
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-20442478-1&cid=1850502407.1673682413&jid=1182564318&_u=YEBAAUACQAAAACAAI~&z=126039993
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-20442478-1&cid=1850502407.1673682413&jid=1182564318&_u=YEBAAUACQAAAACAAI~&z=126039993 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 07:47:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ada63762075e5651538a7488c1892793
d443662e6a558c67937b5582c7a53606477d9f57
6d66c972497029fe99022d6ff9b567e67b6b4d4dce33951a34ba7bcd2f79efdf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ada63762075e5651538a7488c1892793
d443662e6a558c67937b5582c7a53606477d9f57
6d66c972497029fe99022d6ff9b567e67b6b4d4dce33951a34ba7bcd2f79efdf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-20442478-1&cid=1850502407.1673682413&jid=1182564318&_u=YEBAAUACQAAAACAAI~&z=126039993
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-20442478-1&cid=1850502407.1673682413&jid=1182564318&_u=YEBAAUACQAAAACAAI~&z=126039993
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-20442478-1&cid=1850502407.1673682413&jid=1182564318&_u=YEBAAUACQAAAACAAI~&z=126039993 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 07:47:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js
216.58.211.1200 OK 1.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1054)
Hash 169edf919beed1ee17c8a752ef12132e
b7fbae15ed7789984ee59618845b914aae37bf3e
2bcf9aebfd80a2558d54f39de59542c3df52610616fb2e4380d9f3d976cc13fc
GET /pagead/js/r20230111/r20110914/client/window_focus_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1236
x-xss-protection: 0
date: Fri, 13 Jan 2023 18:59:22 GMT
expires: Fri, 27 Jan 2023 18:59:22 GMT
cache-control: public, max-age=1209600
age: 46067
etag: 15004572836499977866
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js
216.58.211.1200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1506)
Hash 5b7f8f3b88683f1be8c3cd38c6eac34c
40ac969c50aa9e810c739114f36da64b9c0032c6
b058db00e166a46363182af58e3b632f131aa773e6721f14808c400ead7943a8
GET /pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7538
x-xss-protection: 0
date: Fri, 13 Jan 2023 18:59:22 GMT
expires: Fri, 27 Jan 2023 18:59:22 GMT
cache-control: public, max-age=1209600
age: 46067
etag: 18140588555649875417
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 64f463c11abb2123a5dbb1f3b674df03
d15de22880546d26ddc88f59fd2f466e9548bfcb
4a2bcbeae18f90553e8b1c732948e424834b5516574bcfe69eb7fcc291c657b5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4616
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:09 GMT
Last-Modified: Sat, 14 Jan 2023 06:30:13 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 313
widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
83.66.162.128200 OK 318 B URL HTTP/1.1 widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 60965bc98dda023d6dbb0de7b7c676bb
59819b0d77a4206626389d78b1862223b150ccdd
2fd9761476a794c7d53342d8845843e3c9cbe393fbc26682e11059fe79a5ef95
GET /widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 4.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=o5m4brsnjsyrnnbdz4g0lggu; path=/; HttpOnly; SameSite=Lax
BMDSD365TP50BFACTSV=26593=1; expires=Sun, 15-Jan-2023 08:47:10 GMT; path=/
X-Powered-By: ASP.NET
XSrv: BOOM01
Date: Sat, 14 Jan 2023 07:47:10 GMT
Content-Length: 318
z.moatads.com/addthismoatframe568911941483/moatframe.js
2.18.173.140200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 2.18.173.140:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TYrAmp44ddThNKrHeBmfOrJOox8ItZdAJeP4Uj7Uut6T7Jvp1PpX/XFzXT0gU1oJH/SwK8Irisw=
x-amz-request-id: 598E0BAF9E725A50
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
unused62: 8096267
cache-control: max-age=12198
date: Sat, 14 Jan 2023 07:47:10 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 6f3ef0d3925d3a053fbece84d9ac2222
7fd2b73c85d668e91a9ac2a9097f4f1856982b4b
4702ba061c9ccb63798b880f721a469141c683bc36c65d5976bcb1dae6fe2f7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5377
Cache-Control: max-age=114562
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:10 GMT
Etag: "63c1657f-139"
Expires: Sun, 15 Jan 2023 15:36:32 GMT
Last-Modified: Fri, 13 Jan 2023 14:06:55 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 313
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kKnZE7OzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEP1dwmPdlv1eB8gZ5URbewASAAA&wp=Y8Jd_QADnQ4KsogRAAdiDRn1P0FnuBq0Y4wcrw
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kKnZE7OzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEP1dwmPdlv1eB8gZ5URbewASAAA&wp=Y8Jd_QADnQ4KsogRAAdiDRn1P0FnuBq0Y4wcrw
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kKnZE7OzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEP1dwmPdlv1eB8gZ5URbewASAAA&wp=Y8Jd_QADnQ4KsogRAAdiDRn1P0FnuBq0Y4wcrw HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 279324
date: Sat, 14 Jan 2023 07:47:09 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ec8e48d149daee2752435a00c6a2bc82
c6ea572437b23d7e342e3e46e8dbcfec9cf062c0
703596d130348ad65e4f77abee2c1aa2fac0bee63d42999e764deb5d36834ed0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Cookie: IDE=AHWqTUkab2Q3n7DmcnWtyzr9lD04x9_qm0V_UgAeHyFpeXH12RbTCHADmnCQU0qEi48
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 07:32:36 GMT
expires: Sat, 14 Jan 2023 07:47:36 GMT
cache-control: public, max-age=900
age: 874
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ec8e48d149daee2752435a00c6a2bc82
c6ea572437b23d7e342e3e46e8dbcfec9cf062c0
703596d130348ad65e4f77abee2c1aa2fac0bee63d42999e764deb5d36834ed0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 17f4678db91ea36b5a32886b160defc1
74937bfa38c2e32382d0f040f0388a4f992109f9
9ff9e3678fab5720cd41767a0828a110f383d0e834910e5e66d82aae3ffd0d5d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5451
Cache-Control: max-age=131183
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:11 GMT
Etag: "63c1a623-138"
Expires: Sun, 15 Jan 2023 20:13:34 GMT
Last-Modified: Fri, 13 Jan 2023 18:42:43 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 312
ads.eu.criteo.com/delivery/r/afr.php?z=Y8Jd_QADnQ4KsogRAAdiDRn1P0FnuBq0Y4wcrw&u=%7C1zhPwMH0JY7ly6cgX1YM2g7rrw4QXRjjWWMI09b9UpQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMiJzdXMehEtU1-jfNoUW9jnouvbxGoeIZ_Ja6ggFWhv_k_sMMBuzQdgmbb_P9LkEkkz1LgAIsAtMJ2SnB--v4FIORSmE1QXSDQPADetCHUVqfr1QEnpzPsetY4ZGFaAiRuq7VzVou930OqQSrbhj28brLJBZD8NQYopA8b9mMClZENmvah5yZrz0jZiVWcx_LmoJNweirA_NjAYe5FOT1GZf-M3uLIwCcev-wz6qYwPSFpl1rCHTI9-nyBr69d3xc6tF6dzygUJftj2kqnmSsfmZQyQerjxtEfSdMDQrTGEIccJ01VAyqbXARyuQiLFckbQ4hvXtnPdGNn9OwzmWR2M63fxy8pxsEhTYqo08QCjbx83HkjbYC6TkOeMv5mD68W6OhVilJOfNLjsX1mWAIp1o3nSwa2JBEVHa1ri0HtrbNT7dvT8ODo6_Sxc9fnpJpmhCKIn6GOFcOvJRyl_KVUxYZ1fT4C-OTUKYTMU7JaywwEHEETah-TaPuek80XFCu7MxsIKYvywA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDmnX_V3CY466DpGQygWNxJ2ADsme0rFcpfyT93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCe9GgUoErsj6oAwGqBKACT9AAEEhfgUHyDRv6KuEjGaPtndwwjG8xhIPUpoOdveOroqypQ_hhf_ECcxBtvL0yNINFz2zw-KRQJ9sur9eBfmg66h_zOtf4SRVpy_imsoV8pF1FUETdiZhnoU7ArpEMzpxAMMUYVVjopPMocvopodRcULqNOiNkUt-uJeDo3gGN4C_LPehN-0-rFy10i1Q3ydkuSjcn5m3lgMT8lZAd2RmFbzH-DupJ4aDrPvpPXLYJEOuFFRKYEK3aUl75LRqrLy9Ei0qc-aIKSq3tmhJyUYQ6gkb7Rv1hSlDMPPIDe4kZ6NmykNRSVC5qV8tB5h6UWvhAjUxggLON8Np9_Px-jl3qkhcL1HmKKL9GXcnpe5roMvE8LwZz7UQYfvGcItNcgAb67-Ltk6-18FGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1p6NL9CaJglim9gozP_KNktcHHfQ%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.2.65200 OK 46 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y8Jd_QADnQ4KsogRAAdiDRn1P0FnuBq0Y4wcrw&u=%7C1zhPwMH0JY7ly6cgX1YM2g7rrw4QXRjjWWMI09b9UpQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMiJzdXMehEtU1-jfNoUW9jnouvbxGoeIZ_Ja6ggFWhv_k_sMMBuzQdgmbb_P9LkEkkz1LgAIsAtMJ2SnB--v4FIORSmE1QXSDQPADetCHUVqfr1QEnpzPsetY4ZGFaAiRuq7VzVou930OqQSrbhj28brLJBZD8NQYopA8b9mMClZENmvah5yZrz0jZiVWcx_LmoJNweirA_NjAYe5FOT1GZf-M3uLIwCcev-wz6qYwPSFpl1rCHTI9-nyBr69d3xc6tF6dzygUJftj2kqnmSsfmZQyQerjxtEfSdMDQrTGEIccJ01VAyqbXARyuQiLFckbQ4hvXtnPdGNn9OwzmWR2M63fxy8pxsEhTYqo08QCjbx83HkjbYC6TkOeMv5mD68W6OhVilJOfNLjsX1mWAIp1o3nSwa2JBEVHa1ri0HtrbNT7dvT8ODo6_Sxc9fnpJpmhCKIn6GOFcOvJRyl_KVUxYZ1fT4C-OTUKYTMU7JaywwEHEETah-TaPuek80XFCu7MxsIKYvywA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDmnX_V3CY466DpGQygWNxJ2ADsme0rFcpfyT93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCe9GgUoErsj6oAwGqBKACT9AAEEhfgUHyDRv6KuEjGaPtndwwjG8xhIPUpoOdveOroqypQ_hhf_ECcxBtvL0yNINFz2zw-KRQJ9sur9eBfmg66h_zOtf4SRVpy_imsoV8pF1FUETdiZhnoU7ArpEMzpxAMMUYVVjopPMocvopodRcULqNOiNkUt-uJeDo3gGN4C_LPehN-0-rFy10i1Q3ydkuSjcn5m3lgMT8lZAd2RmFbzH-DupJ4aDrPvpPXLYJEOuFFRKYEK3aUl75LRqrLy9Ei0qc-aIKSq3tmhJyUYQ6gkb7Rv1hSlDMPPIDe4kZ6NmykNRSVC5qV8tB5h6UWvhAjUxggLON8Np9_Px-jl3qkhcL1HmKKL9GXcnpe5roMvE8LwZz7UQYfvGcItNcgAb67-Ltk6-18FGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1p6NL9CaJglim9gozP_KNktcHHfQ%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.2.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (21484), with CRLF, LF line terminators
Hash 8305b0d05686f83f6d2d911133b2ec75
6a90422fc729c2fc2353ea2f8b2c2e83c45e3942
2efb9e78b464df5e0f5807c03daaddabf89ae3c9de48c0cdca5ae15365fbf8f8
GET /delivery/r/afr.php?z=Y8Jd_QADnQ4KsogRAAdiDRn1P0FnuBq0Y4wcrw&u=%7C1zhPwMH0JY7ly6cgX1YM2g7rrw4QXRjjWWMI09b9UpQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMiJzdXMehEtU1-jfNoUW9jnouvbxGoeIZ_Ja6ggFWhv_k_sMMBuzQdgmbb_P9LkEkkz1LgAIsAtMJ2SnB--v4FIORSmE1QXSDQPADetCHUVqfr1QEnpzPsetY4ZGFaAiRuq7VzVou930OqQSrbhj28brLJBZD8NQYopA8b9mMClZENmvah5yZrz0jZiVWcx_LmoJNweirA_NjAYe5FOT1GZf-M3uLIwCcev-wz6qYwPSFpl1rCHTI9-nyBr69d3xc6tF6dzygUJftj2kqnmSsfmZQyQerjxtEfSdMDQrTGEIccJ01VAyqbXARyuQiLFckbQ4hvXtnPdGNn9OwzmWR2M63fxy8pxsEhTYqo08QCjbx83HkjbYC6TkOeMv5mD68W6OhVilJOfNLjsX1mWAIp1o3nSwa2JBEVHa1ri0HtrbNT7dvT8ODo6_Sxc9fnpJpmhCKIn6GOFcOvJRyl_KVUxYZ1fT4C-OTUKYTMU7JaywwEHEETah-TaPuek80XFCu7MxsIKYvywA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDmnX_V3CY466DpGQygWNxJ2ADsme0rFcpfyT93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCe9GgUoErsj6oAwGqBKACT9AAEEhfgUHyDRv6KuEjGaPtndwwjG8xhIPUpoOdveOroqypQ_hhf_ECcxBtvL0yNINFz2zw-KRQJ9sur9eBfmg66h_zOtf4SRVpy_imsoV8pF1FUETdiZhnoU7ArpEMzpxAMMUYVVjopPMocvopodRcULqNOiNkUt-uJeDo3gGN4C_LPehN-0-rFy10i1Q3ydkuSjcn5m3lgMT8lZAd2RmFbzH-DupJ4aDrPvpPXLYJEOuFFRKYEK3aUl75LRqrLy9Ei0qc-aIKSq3tmhJyUYQ6gkb7Rv1hSlDMPPIDe4kZ6NmykNRSVC5qV8tB5h6UWvhAjUxggLON8Np9_Px-jl3qkhcL1HmKKL9GXcnpe5roMvE8LwZz7UQYfvGcItNcgAb67-Ltk6-18FGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1p6NL9CaJglim9gozP_KNktcHHfQ%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:47:09 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Ej0nRGYcg5UfBacdmQx1d_AJMve2VaOjlruXIvNoUIiGMOIpy_3Z3hIb3WqQe-a_sMMX1n9ws3xg6EyDJ7DFeRsV-sEdmfY2xLsHnfuSqb2iPVDL8luwwzZ9n5p4UkHnxkcFI8WMaZNJCi_zGb9izbaYr0VNSWH7TjhcAr6z5Fqli6ul-A5A-i7tghNA8LdMcvdhiJagRa4emz8YiFK8K9zU45AApX8yw4oXRO-f8Rxu4Te0jkTd4djp2Ia1Yh_wjuSMFw"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 94153893
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 14 Jan 2023 07:47:11 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash a98f91d63f4281dcd31dc2d84424fada
0769ce7cdd4cec9ea03e1fbdf4982ace03973df4
ea5ddfec876a888a05ba1c4f99c0a2ccdab9c422e0fe6b0237ce7412fe852d23
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 14 Jan 2023 07:47:11 GMT
server: ESF
cache-control: private
content-length: 30719
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/1fa652aa70ababc78244f8b54c5f124c.js?tag=client_fast_engine_2019
216.58.211.3200 OK 4.2 kB URL HTTP/2 www.gstatic.com/mysidia/1fa652aa70ababc78244f8b54c5f124c.js?tag=client_fast_engine_2019
IP 216.58.211.3:0
File type ASCII text, with very long lines (2630)
Hash 07d9fc34dd6c802cd322fbf6610fd6e6
2ae9051b3d1d380e364c287f4d40dbd7dc3ac776
1ae14752e0fd53b7eab881df1cfeae4ac5c7279b2a7988e6502c9e33841bfdff
GET /mysidia/1fa652aa70ababc78244f8b54c5f124c.js?tag=client_fast_engine_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 4234
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 01:56:00 GMT
expires: Tue, 11 Apr 2023 01:56:00 GMT
cache-control: public, max-age=7776000
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
content-type: text/javascript
age: 280271
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.boomads.com//content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01
83.66.162.128200 OK 4.5 kB URL HTTP/1.1 widget.boomads.com//content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type ASCII text, with very long lines (19781), with no line terminators
Hash d917d10a568917376ce065e84ebc04c0
eb368dc21cb28adcf22ce221b590729598658d2c
4f45f209d3645945394cdb1866967a741b66258f65d42fb7dc0b163a4a1d39ec
GET //content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01 HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1
Date: Sat, 14 Jan 2023 07:47:11 GMT
Expires: Thu, 22 Dec 2022 23:31:43 GMT
Cache-Control: public
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
Content-Type: text/css; charset=utf-8
Content-Encoding: gzip
Last-Modified: Wed, 22 Dec 2021 23:31:43 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 4521
www.gstatic.com/mysidia/1930957bda0d0011a2523d8b728a1d6f.js?tag=exit_2019
216.58.211.3200 OK 9.6 kB URL HTTP/2 www.gstatic.com/mysidia/1930957bda0d0011a2523d8b728a1d6f.js?tag=exit_2019
IP 216.58.211.3:0
File type ASCII text, with very long lines (1661)
Hash cbf07ae2982c0054b5297e9bd6b86098
eb0e5d41ba6493b70122e4a06397e89dd6b0ce19
30d95520929f139f5a36addc75d84dfc17dfb42c38677432be9f24d6bf1fd503
GET /mysidia/1930957bda0d0011a2523d8b728a1d6f.js?tag=exit_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 9625
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 01:57:14 GMT
expires: Tue, 11 Apr 2023 01:57:14 GMT
cache-control: public, max-age=7776000
last-modified: Wed, 11 Jan 2023 00:07:05 GMT
content-type: text/javascript
age: 280197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f9985010cc097f967fda10976ea9cb09
237dc890bd25e6674edfd6c95722070847449f5a
54661cfa75a3b52988b49d187a460a66a387b93247837633691aa31eb0d97e86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1f11017b16b760a6d7f46e34be189071
3ad1eccc391cbf1ae1bbafbb7849d0b2e2f10d6d
61a1baa07b39df1d28ca49045667ef6c5c3c17fb539d34d70b4e03337e92fdbc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj
216.58.207.225200 OK 4.6 kB URL HTTP/2 yt3.ggpht.com/vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 7f0d8c8d9cbb88ed7c0dc10ee1a2b0ae
830e3dfe396cc6bc3a448d0ed13e4f1d25fdef58
0f8e403418f768e45267ca0edb3223d1a3c5e1dec070040b6399c0a89773cbf4
GET /vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4552
x-xss-protection: 0
date: Sat, 14 Jan 2023 07:47:11 GMT
expires: Wed, 11 Jan 2023 12:37:02 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/mOjEYeiPxNc/sddefault.webp
216.58.207.214200 OK 43 kB URL HTTP/2 i.ytimg.com/vi_webp/mOjEYeiPxNc/sddefault.webp
IP 216.58.207.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 54d632dcf2c7931571e806f7815bd341
f5d1afc80ec9d6ebf36d48c916a3d5d15a740536
fc5aeb473a35527660b29b9cddf6ebefe4c57ae1c982a04dedfc1619f1135bef
GET /vi_webp/mOjEYeiPxNc/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 43014
date: Sat, 14 Jan 2023 07:47:11 GMT
expires: Sat, 14 Jan 2023 09:47:11 GMT
cache-control: public, max-age=7200
etag: "1668598177"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f9985010cc097f967fda10976ea9cb09
237dc890bd25e6674edfd6c95722070847449f5a
54661cfa75a3b52988b49d187a460a66a387b93247837633691aa31eb0d97e86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1f11017b16b760a6d7f46e34be189071
3ad1eccc391cbf1ae1bbafbb7849d0b2e2f10d6d
61a1baa07b39df1d28ca49045667ef6c5c3c17fb539d34d70b4e03337e92fdbc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 990923111e9bdf458f09f9c8df7e4158
8ee4ce1cd7d6da1ce3a798483824eb47aacd82f4
8e01d8cb21cf9ecd2b4e07089004d7fb019473c199eb8f51b928ad8be7d6cd55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6490
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:11 GMT
Last-Modified: Sat, 14 Jan 2023 05:59:01 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 990923111e9bdf458f09f9c8df7e4158
8ee4ce1cd7d6da1ce3a798483824eb47aacd82f4
8e01d8cb21cf9ecd2b4e07089004d7fb019473c199eb8f51b928ad8be7d6cd55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6490
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:11 GMT
Last-Modified: Sat, 14 Jan 2023 05:59:01 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 314
static.criteo.net/flash/icon/back_button2.svg
178.250.0.130200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:47:11 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Tue, 09 Jan 2024 07:47:11 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/close_button.svg
178.250.0.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:47:11 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Tue, 09 Jan 2024 07:47:11 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
178.250.0.130200 OK 1.2 kB URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.0.130:0
Hash af1f739589e26d97d104a3eb47ab23b9
0a74324be944f099d3bc499699e53b842b650062
cbf5b206ef3b2e699ca324f4468e24fae775068967bafdc0f3f58b1460cbe22f
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:47:11 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Tue, 09 Jan 2024 07:47:11 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 056c1ad4158a9d606782098d73aee1fa
61b9f43e510bdbc3e8caa4d3231ddb2e67fd9c96
f7ebb0364766aa1beb0a1745272a0d5223d1e1efd41e1645c88b28c2e41a9d4e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 51
Cache-Control: max-age=96269
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:11 GMT
Etag: "63c132d9-13a"
Expires: Sun, 15 Jan 2023 10:31:40 GMT
Last-Modified: Fri, 13 Jan 2023 10:30:49 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 056c1ad4158a9d606782098d73aee1fa
61b9f43e510bdbc3e8caa4d3231ddb2e67fd9c96
f7ebb0364766aa1beb0a1745272a0d5223d1e1efd41e1645c88b28c2e41a9d4e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 72
Cache-Control: max-age=96290
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:11 GMT
Etag: "63c132d9-13a"
Expires: Sun, 15 Jan 2023 10:32:01 GMT
Last-Modified: Fri, 13 Jan 2023 10:30:49 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 056c1ad4158a9d606782098d73aee1fa
61b9f43e510bdbc3e8caa4d3231ddb2e67fd9c96
f7ebb0364766aa1beb0a1745272a0d5223d1e1efd41e1645c88b28c2e41a9d4e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 51
Cache-Control: max-age=96269
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:11 GMT
Etag: "63c132d9-13a"
Expires: Sun, 15 Jan 2023 10:31:40 GMT
Last-Modified: Fri, 13 Jan 2023 10:30:49 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 314
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F1%2F81393-0_1.jpg%3Fcb%3D7b7c56e26af66cc343e970b01c57eaa4&v=3&w=400&s=A5AC6FcBJ2Z65eskMoSOCdUo&b=400
178.250.0.139200 OK 9.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F1%2F81393-0_1.jpg%3Fcb%3D7b7c56e26af66cc343e970b01c57eaa4&v=3&w=400&s=A5AC6FcBJ2Z65eskMoSOCdUo&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x347, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6f11990e09af5f7dda68f36a419ae9e9
640cfb96c33dbe1507eec730a7cf37a1226dbe7e
7bfc993c783c25470a1e282daf617f66cc1bebca7210c16af9ceefe54ab961ba
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F1%2F81393-0_1.jpg%3Fcb%3D7b7c56e26af66cc343e970b01c57eaa4&v=3&w=400&s=A5AC6FcBJ2Z65eskMoSOCdUo&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29553042
expires: Fri, 22 Dec 2023 08:57:54 GMT
date: Sat, 14 Jan 2023 07:47:11 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9644
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y8Jd_QAEnCwKso5EAAeccP8QNdrp_D_O8Stz5g&u=%7C1zhPwMH0JY67A2r0XApsYskajSs30XTZB0YPB5IBFP0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XSt65XcMk17Pbb-FfKVtSwjc0QtvWlOSseyDEuevdHicvLNRHkvcFBJjUYbDdW6VRbLju9ybNy6lwV_imEQ4CfQDT2EoyZnguLbimvcgXRmsdeTgVYldWxhyflpvDTKu0ZhoI6XTHmGllBeM-WSMHmQeMH7Gzd_PDUZPi7JrlE0joE-ixoxQ09MXUECN-8GZnZhaOFadW3Ha2r5MPeBGLEc3HvwSjCq4UJ6Iq_B2kGifSh68sk6jLAa48l5e3YFR5L_S-0JgCPE30vIkUlv5dsoiGDQ_nOcn5TTBsG6ZZuSfM9Av5xuDk9CIu-ZK-knSp4QI-Pc5Gd91XDyuD9iOkr56iMOortlqrILb6FMSrua0t-GsWlvDgOo1ZZVYLPBsKBdEkLVuenFt6IAOzBCFmSMg1v_tUMWe-ZZVatto8ZphAtjGKkAvxaozKw-nfOx6PfU-rWSghBbWD4gMEOVMogepo5j5OaKlRvgxyoxRBU_Bx5JZAYKHTE05w0gcrcEGnQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9Vi4_V3CY6y4EsScygXwuJ6oCMme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCe9GgUoErsj6oAwGqBKYCT9DGpKdx3dxzvvLFxsLrpokm-J7JHL3OJRLrF00KQzPjG8daNq6vRdswRVesHcF1H4WAtAeerMWItq11YCAm36Lw0P5CaVSaxa8DJbotvuhF26o29Pbd2R_Xtz4ytMMdMPEzidQt72ly_dJhNb584XfQ_V_TVDGBp-PUIdQbXH1uQB1KyVYd_mtxpjS056cfIF13Q8BbXV1aLJGeGSBBbedOC_GJ2uPRzQuMx7VM2Qg758UdBA6XVQafkMPvk3cylbu2PvA3s7H0mtHQzdD3uMyhcneZJ21fvpgwDNQPrAd2XiooqjYBbvSK00g5Cry3saNa0i4p_Gce8IGsDsNLUVy03tl_njjtptoAqhkPcvoQOPshe41NmRUG19O9SrmWcT4i7YScgAbdreKcxpuNq4sBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3oOdN_ADYsFxv9_FnjGqTi13hChg%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.2.65200 OK 80 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y8Jd_QAEnCwKso5EAAeccP8QNdrp_D_O8Stz5g&u=%7C1zhPwMH0JY67A2r0XApsYskajSs30XTZB0YPB5IBFP0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XSt65XcMk17Pbb-FfKVtSwjc0QtvWlOSseyDEuevdHicvLNRHkvcFBJjUYbDdW6VRbLju9ybNy6lwV_imEQ4CfQDT2EoyZnguLbimvcgXRmsdeTgVYldWxhyflpvDTKu0ZhoI6XTHmGllBeM-WSMHmQeMH7Gzd_PDUZPi7JrlE0joE-ixoxQ09MXUECN-8GZnZhaOFadW3Ha2r5MPeBGLEc3HvwSjCq4UJ6Iq_B2kGifSh68sk6jLAa48l5e3YFR5L_S-0JgCPE30vIkUlv5dsoiGDQ_nOcn5TTBsG6ZZuSfM9Av5xuDk9CIu-ZK-knSp4QI-Pc5Gd91XDyuD9iOkr56iMOortlqrILb6FMSrua0t-GsWlvDgOo1ZZVYLPBsKBdEkLVuenFt6IAOzBCFmSMg1v_tUMWe-ZZVatto8ZphAtjGKkAvxaozKw-nfOx6PfU-rWSghBbWD4gMEOVMogepo5j5OaKlRvgxyoxRBU_Bx5JZAYKHTE05w0gcrcEGnQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9Vi4_V3CY6y4EsScygXwuJ6oCMme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCe9GgUoErsj6oAwGqBKYCT9DGpKdx3dxzvvLFxsLrpokm-J7JHL3OJRLrF00KQzPjG8daNq6vRdswRVesHcF1H4WAtAeerMWItq11YCAm36Lw0P5CaVSaxa8DJbotvuhF26o29Pbd2R_Xtz4ytMMdMPEzidQt72ly_dJhNb584XfQ_V_TVDGBp-PUIdQbXH1uQB1KyVYd_mtxpjS056cfIF13Q8BbXV1aLJGeGSBBbedOC_GJ2uPRzQuMx7VM2Qg758UdBA6XVQafkMPvk3cylbu2PvA3s7H0mtHQzdD3uMyhcneZJ21fvpgwDNQPrAd2XiooqjYBbvSK00g5Cry3saNa0i4p_Gce8IGsDsNLUVy03tl_njjtptoAqhkPcvoQOPshe41NmRUG19O9SrmWcT4i7YScgAbdreKcxpuNq4sBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3oOdN_ADYsFxv9_FnjGqTi13hChg%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.2.65:0
Hash 61e80ac8243575a1e5ad3412d8873246
561b85a688d0fc7d522764d8239604d62ec26bea
2607737c7d8ecdcfeeb266e10f7d0767655455a73e2cecb5c8d95f8f3244634e
GET /delivery/r/afr.php?z=Y8Jd_QAEnCwKso5EAAeccP8QNdrp_D_O8Stz5g&u=%7C1zhPwMH0JY67A2r0XApsYskajSs30XTZB0YPB5IBFP0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XSt65XcMk17Pbb-FfKVtSwjc0QtvWlOSseyDEuevdHicvLNRHkvcFBJjUYbDdW6VRbLju9ybNy6lwV_imEQ4CfQDT2EoyZnguLbimvcgXRmsdeTgVYldWxhyflpvDTKu0ZhoI6XTHmGllBeM-WSMHmQeMH7Gzd_PDUZPi7JrlE0joE-ixoxQ09MXUECN-8GZnZhaOFadW3Ha2r5MPeBGLEc3HvwSjCq4UJ6Iq_B2kGifSh68sk6jLAa48l5e3YFR5L_S-0JgCPE30vIkUlv5dsoiGDQ_nOcn5TTBsG6ZZuSfM9Av5xuDk9CIu-ZK-knSp4QI-Pc5Gd91XDyuD9iOkr56iMOortlqrILb6FMSrua0t-GsWlvDgOo1ZZVYLPBsKBdEkLVuenFt6IAOzBCFmSMg1v_tUMWe-ZZVatto8ZphAtjGKkAvxaozKw-nfOx6PfU-rWSghBbWD4gMEOVMogepo5j5OaKlRvgxyoxRBU_Bx5JZAYKHTE05w0gcrcEGnQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9Vi4_V3CY6y4EsScygXwuJ6oCMme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCe9GgUoErsj6oAwGqBKYCT9DGpKdx3dxzvvLFxsLrpokm-J7JHL3OJRLrF00KQzPjG8daNq6vRdswRVesHcF1H4WAtAeerMWItq11YCAm36Lw0P5CaVSaxa8DJbotvuhF26o29Pbd2R_Xtz4ytMMdMPEzidQt72ly_dJhNb584XfQ_V_TVDGBp-PUIdQbXH1uQB1KyVYd_mtxpjS056cfIF13Q8BbXV1aLJGeGSBBbedOC_GJ2uPRzQuMx7VM2Qg758UdBA6XVQafkMPvk3cylbu2PvA3s7H0mtHQzdD3uMyhcneZJ21fvpgwDNQPrAd2XiooqjYBbvSK00g5Cry3saNa0i4p_Gce8IGsDsNLUVy03tl_njjtptoAqhkPcvoQOPshe41NmRUG19O9SrmWcT4i7YScgAbdreKcxpuNq4sBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3oOdN_ADYsFxv9_FnjGqTi13hChg%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:47:09 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=JoxPa2Ycg5UfBacdex54s91dr8a_GBVhM63RDDz8ykjoGQYgeb3K9lX5F_wOw62C1OawYFcj5u3ooTA5WJF5kqJ-QNTqqD2sHvAnRYUultBucn4pW_gGGumwO9LJqoOPijLjzrFdL1V17MAg0iwTllgpN2ozqgVsVyaUoOCS99AhYOPF0cpY7WoXXP9iQtZqQyaPwBPxgoSiCFO7POpR1f5ad76fC2FoqELK4jsft_T2dzXGxyFcurODrl3Zz0OqDw0Hfw"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 162434220
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
178.250.0.130200 OK 7.7 kB URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.0.130:0
Hash b4ab8042d6671422aa779ecc6a860eb6
f45795cc3174ddd5adadbdd5eabd8defade59b77
cc286aec631d1806ebfb4413fed6e3ad162ec53029395d29154fd6b93a04b7ad
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:47:11 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Tue, 09 Jan 2024 07:47:11 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F3%2F234269-0.jpg%3Fcb%3Dfd2708220548fa2c690f6f6629e0e12c&v=3&w=400&s=WUXKGv9rKZhkbh55Wv0GDtP6&b=400
178.250.0.139200 OK 1.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F3%2F234269-0.jpg%3Fcb%3Dfd2708220548fa2c690f6f6629e0e12c&v=3&w=400&s=WUXKGv9rKZhkbh55Wv0GDtP6&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 160x184, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9e2cf243a29cc66b7885389d89a25d15
91248bbfac4434109f4c6e998632157d05586510
a41f5800fa2d7677d7789bdb3300c3e8d6331286041a561fcbe1027cc70c9a59
GET /img/img?c=3&cq=256&h=400&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F2%2F3%2F234269-0.jpg%3Fcb%3Dfd2708220548fa2c690f6f6629e0e12c&v=3&w=400&s=WUXKGv9rKZhkbh55Wv0GDtP6&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30073955
expires: Thu, 28 Dec 2023 09:39:47 GMT
date: Sat, 14 Jan 2023 07:47:11 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 1532
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.0.130200 OK 2.4 kB URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.0.130:0
Hash c8a9b44c5fd04cb6d0be6a05a86faed6
c05e3d5725c0bebf68d6baa9a6f89d3e6563459b
abec06292b3d577f60724e268fc6af2bc7cf949758ce1f44e405099de2089bcd
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:47:11 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Tue, 09 Jan 2024 07:47:11 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPjTDrWzWQAAnYNiAgIAAAC_oV1-pfcQ9BD9XcJjH-xr7S2UvxA37Q8AEgMB&wp=Y8Jd_QAEjeMKsqyKAAXq8nq1oCfsGFV4jCb5-A
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPjTDrWzWQAAnYNiAgIAAAC_oV1-pfcQ9BD9XcJjH-xr7S2UvxA37Q8AEgMB&wp=Y8Jd_QAEjeMKsqyKAAXq8nq1oCfsGFV4jCb5-A
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kPjTDrWzWQAAnYNiAgIAAAC_oV1-pfcQ9BD9XcJjH-xr7S2UvxA37Q8AEgMB&wp=Y8Jd_QAEjeMKsqyKAAXq8nq1oCfsGFV4jCb5-A HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 229139
date: Sat, 14 Jan 2023 07:47:11 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=2&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F3%2F5%2F5%2F7%2F3557b75957637d6f543d090be193e7b45104aca2_skoter_kapell_3068862.png%3Fcb%3D202302&ups=1&v=3&w=800&s=wQEPxPmFXWSC52KEfRQTsVJa
178.250.0.139200 OK 68 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=2&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F3%2F5%2F5%2F7%2F3557b75957637d6f543d090be193e7b45104aca2_skoter_kapell_3068862.png%3Fcb%3D202302&ups=1&v=3&w=800&s=wQEPxPmFXWSC52KEfRQTsVJa
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d4261ef0639eeacb5a9f4bbdf68122e2
6642b3019c30f1fb7b3b8b78071271eab3faf63a
60dbb9a2a30794e9f250d8a5a852e51f6fcf1470242b8a3c0903a704e6b78bcd
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=2&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F3%2F5%2F5%2F7%2F3557b75957637d6f543d090be193e7b45104aca2_skoter_kapell_3068862.png%3Fcb%3D202302&ups=1&v=3&w=800&s=wQEPxPmFXWSC52KEfRQTsVJa HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31103173
expires: Tue, 09 Jan 2024 07:33:25 GMT
date: Sat, 14 Jan 2023 07:47:11 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 67754
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/criteo_logo_2021.svg
178.250.0.130200 OK 2.2 kB URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP 178.250.0.130:0
Hash 7fa83966111756b8e5da983a820874e2
51456a0d48ea2a2df1ef43830ab04f50cb7d6985
538adb375e9d83c1c50f6d4d7277f3fc091ab8f24cbe14d261e18c5db6c964a8
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:47:11 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Tue, 09 Jan 2024 07:47:11 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2
178.250.0.130200 OK 16 kB URL HTTP/2 static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2
IP 178.250.0.130:0
File type Web Open Font Format (Version 2), TrueType, length 16372, version 1.0\012- data
Hash e45478d4d6f15dafda1f25d9e0fb5fa1
52cb490cd0ee4442ede034085cda9652b206f91c
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72
GET /design/googlefont/opensans/opensans-700-latin.woff2 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://static.criteo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:47:12 GMT
content-type: text/plain; charset=UTF-8
content-length: 16372
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
etag: "6391f079-3ff4"
expires: Tue, 09 Jan 2024 07:47:12 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WClwGa88yAV8vZod7AUbk5WTObhjXLRyqbOHOQbtHNQ=s45-c
142.250.74.97200 OK 1.8 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WClwGa88yAV8vZod7AUbk5WTObhjXLRyqbOHOQbtHNQ=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 1e6b5fab49fecf6c8085ad92d8426490
b3c3a75876deb5c0408ae0a9436387948f709386
e905f49df30582de9ae49a0d4e079fff57b56431d07ca6dc02f34d8da173fff1
GET /a-/AD5-WClwGa88yAV8vZod7AUbk5WTObhjXLRyqbOHOQbtHNQ=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v8a93"
expires: Sun, 15 Jan 2023 07:47:12 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 07:47:12 GMT
server: fife
content-length: 1847
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ELS5tDJwH2wcgyAhk9jTPTiOVISV1Ewwj1o0rRPTaoFxr5SU1WwyWh1gUH-PMl5G0eW96TDQmQQS2vtG0eaFD57w7LAPbsMkD0h09VY3li-ToiSOMypusIIfzVzAKsrhZLU09OinQzUEuonkE7o9123O4UCGJYcxiTaSDzEmwcTrJJ7BQVVoyhhMEADrSG_lieO-P-GfWGyr1grj_JTAVsL7e_tBAv11va7oCYfsXIOotrm2emogvH-UN4B-EuZ_0GxVgNlHszzrdBq0uwKxV7gMitXxbpu_-AkTSpj_8RUBwci0pbT-5psUF3Jeia9HIobk8aulPeLmZo_vQrpPvvDjrBzZd_TzaZMj7vOR94vsQG7UpHkSZK7f8BkgcjP4asPngR6xG2qYKmF6xw-4nujDqnHTpmJwSk2Rf8U3HAIOagSZJjPec5aDaZ28MSrs6IsPYg
178.250.2.148200 OK 1.7 kB URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ELS5tDJwH2wcgyAhk9jTPTiOVISV1Ewwj1o0rRPTaoFxr5SU1WwyWh1gUH-PMl5G0eW96TDQmQQS2vtG0eaFD57w7LAPbsMkD0h09VY3li-ToiSOMypusIIfzVzAKsrhZLU09OinQzUEuonkE7o9123O4UCGJYcxiTaSDzEmwcTrJJ7BQVVoyhhMEADrSG_lieO-P-GfWGyr1grj_JTAVsL7e_tBAv11va7oCYfsXIOotrm2emogvH-UN4B-EuZ_0GxVgNlHszzrdBq0uwKxV7gMitXxbpu_-AkTSpj_8RUBwci0pbT-5psUF3Jeia9HIobk8aulPeLmZo_vQrpPvvDjrBzZd_TzaZMj7vOR94vsQG7UpHkSZK7f8BkgcjP4asPngR6xG2qYKmF6xw-4nujDqnHTpmJwSk2Rf8U3HAIOagSZJjPec5aDaZ28MSrs6IsPYg
IP 178.250.2.148:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash a506d34726f2a85cdc7537e52e18a28d
4d7dc5f2b56539efea314e890a367ad9872eac67
90ba4b4e5ae98de11808f755d6559723259ab04cd999193a8174b5603b069cf6
GET /delivery/lg.php?cppv=3&cpp=ELS5tDJwH2wcgyAhk9jTPTiOVISV1Ewwj1o0rRPTaoFxr5SU1WwyWh1gUH-PMl5G0eW96TDQmQQS2vtG0eaFD57w7LAPbsMkD0h09VY3li-ToiSOMypusIIfzVzAKsrhZLU09OinQzUEuonkE7o9123O4UCGJYcxiTaSDzEmwcTrJJ7BQVVoyhhMEADrSG_lieO-P-GfWGyr1grj_JTAVsL7e_tBAv11va7oCYfsXIOotrm2emogvH-UN4B-EuZ_0GxVgNlHszzrdBq0uwKxV7gMitXxbpu_-AkTSpj_8RUBwci0pbT-5psUF3Jeia9HIobk8aulPeLmZo_vQrpPvvDjrBzZd_TzaZMj7vOR94vsQG7UpHkSZK7f8BkgcjP4asPngR6xG2qYKmF6xw-4nujDqnHTpmJwSk2Rf8U3HAIOagSZJjPec5aDaZ28MSrs6IsPYg HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:47:11 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3230676
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCmYboAbKKoEVttxyY7pxBeuKeJJF1bEURHwQ1lqpQ=s45-c
142.250.74.97200 OK 2.3 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCmYboAbKKoEVttxyY7pxBeuKeJJF1bEURHwQ1lqpQ=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 262dff0ca97c173a52768a19c2ad5030
43444ff95c91639c44cab3283d762419a241d3c7
7571fbcaa8e58f59e51a78a7a1158793b9f12189e4d7aa70bb294c70a49e0b82
GET /a-/AD5-WCmYboAbKKoEVttxyY7pxBeuKeJJF1bEURHwQ1lqpQ=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v628"
expires: Sun, 15 Jan 2023 07:47:12 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 07:47:12 GMT
server: fife
content-length: 2317
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCmDfeXt-ddgh0bZ_ZXdZmhg8rt2URcriCA8U6aNeQ=s45-c
142.250.74.97200 OK 677 B URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCmDfeXt-ddgh0bZ_ZXdZmhg8rt2URcriCA8U6aNeQ=s45-c
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 80127b2ef0ff1a4d1172873896063ca1
89c3255969cda140c45f927fc5f2d0364df9b6e1
9435c16195af2f0b99e230108154228b63661029b39d6857f1aba97ca30e6a59
GET /a-/AD5-WCmDfeXt-ddgh0bZ_ZXdZmhg8rt2URcriCA8U6aNeQ=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sun, 15 Jan 2023 07:47:12 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 07:47:12 GMT
server: fife
content-length: 677
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCnlwz98HN-a13ibpRJvHOA3qSGjByT1t6pgKz-Rd9s=s45-c
142.250.74.97200 OK 2.0 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCnlwz98HN-a13ibpRJvHOA3qSGjByT1t6pgKz-Rd9s=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 3108c071fa3e9c86ed08a49ce88fd7bf
b3795aef5366a4d3bf8a4a14ee3629fbe498f2e6
f1e88372f88a0328d0190a635b5c4db47a121b36aa9d022b22a997b7a1dd6a2d
GET /a-/AD5-WCnlwz98HN-a13ibpRJvHOA3qSGjByT1t6pgKz-Rd9s=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1999
x-xss-protection: 0
date: Sat, 14 Jan 2023 07:47:12 GMT
expires: Fri, 13 Jan 2023 14:39:37 GMT
cache-control: public, max-age=86400, no-transform
etag: "v5498"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCnMyescmC0WjsiRXKgi_Q4cStLDm9nxQsJuvEVW=s45-c
142.250.74.97200 OK 1.2 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCnMyescmC0WjsiRXKgi_Q4cStLDm9nxQsJuvEVW=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 9d887be29285c9148976b3fb54d6eb65
cbf3dbc2b1d205522b208d674f7a6eb5953b3c62
ca1aa97bae8ed6308ef597331b17b91bfbbc1ae46c493affb667faca8a91990d
GET /a-/AD5-WCnMyescmC0WjsiRXKgi_Q4cStLDm9nxQsJuvEVW=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v3c"
expires: Sun, 15 Jan 2023 07:47:12 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 07:47:12 GMT
server: fife
content-length: 1163
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=tD5yYFE8fc_ROlbSq2Vqcpb5RSxXCR5MXq9Te4JBFwNcivZ3OVwRo3wzE4k9hmqzbAwpB2ZnTRfgKEzoYTEtLdd1YJxXUoHzrqvbkIPEXKPbjhu2QSs4IjYm3-JEq3KSC58UyewAHVhOlPaZLpmItQ8GzxhIwBOOTC9HGNPMd5ZWKrE7ySqRpoFX44kJ-eQq79kXKCGZ-BR7RDi6aXIvaoQ07s-XVs57dYfnS_5E5jZEpa2NDWbu0Vj6uEUNElEVU-n5PYSFMcBeeISDXmOkSdrCUMSkUdfIs6gmnAysrHyU_-2hH0uDVmRpzPagNTOvHWeabFAghFevoGtGiXwe88qQYyMXGjDlKrOYnVAHnSjpqT1npMCpUSzoVXBmiBlmv8S2hbHsUj1suAUWTTWcomZlMlfsCKJ4ZvzSlNYkTyP2-VIBcA7zjlE3-xeg9DUB0zA1SEvlWL2xCcJfcdzveQp3bJMHcdiR0boFsvWkor5D5SZnXyNo62kByg_y0vzYsN7163GNv8Pa_Mlb1byLLFYfqRk&z=Y8Jd_QAEjeMKsqyKAAXq8nq1oCfsGFV4jCb5-A
178.250.0.160200 OK 1.5 kB URL HTTP/2 cat.fr.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=tD5yYFE8fc_ROlbSq2Vqcpb5RSxXCR5MXq9Te4JBFwNcivZ3OVwRo3wzE4k9hmqzbAwpB2ZnTRfgKEzoYTEtLdd1YJxXUoHzrqvbkIPEXKPbjhu2QSs4IjYm3-JEq3KSC58UyewAHVhOlPaZLpmItQ8GzxhIwBOOTC9HGNPMd5ZWKrE7ySqRpoFX44kJ-eQq79kXKCGZ-BR7RDi6aXIvaoQ07s-XVs57dYfnS_5E5jZEpa2NDWbu0Vj6uEUNElEVU-n5PYSFMcBeeISDXmOkSdrCUMSkUdfIs6gmnAysrHyU_-2hH0uDVmRpzPagNTOvHWeabFAghFevoGtGiXwe88qQYyMXGjDlKrOYnVAHnSjpqT1npMCpUSzoVXBmiBlmv8S2hbHsUj1suAUWTTWcomZlMlfsCKJ4ZvzSlNYkTyP2-VIBcA7zjlE3-xeg9DUB0zA1SEvlWL2xCcJfcdzveQp3bJMHcdiR0boFsvWkor5D5SZnXyNo62kByg_y0vzYsN7163GNv8Pa_Mlb1byLLFYfqRk&z=Y8Jd_QAEjeMKsqyKAAXq8nq1oCfsGFV4jCb5-A
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3f468f6275a882bf1d4ef4189a548db7
e050a901232c1927c7eadaa4dee225ed844ecb7c
6635fdfdd4fecbf7b3e0a19dbd81d13b0e2a2a1247a0c3e814bab03bfe0665a4
GET /delivery/lgn.php?cppv=3&cpp=tD5yYFE8fc_ROlbSq2Vqcpb5RSxXCR5MXq9Te4JBFwNcivZ3OVwRo3wzE4k9hmqzbAwpB2ZnTRfgKEzoYTEtLdd1YJxXUoHzrqvbkIPEXKPbjhu2QSs4IjYm3-JEq3KSC58UyewAHVhOlPaZLpmItQ8GzxhIwBOOTC9HGNPMd5ZWKrE7ySqRpoFX44kJ-eQq79kXKCGZ-BR7RDi6aXIvaoQ07s-XVs57dYfnS_5E5jZEpa2NDWbu0Vj6uEUNElEVU-n5PYSFMcBeeISDXmOkSdrCUMSkUdfIs6gmnAysrHyU_-2hH0uDVmRpzPagNTOvHWeabFAghFevoGtGiXwe88qQYyMXGjDlKrOYnVAHnSjpqT1npMCpUSzoVXBmiBlmv8S2hbHsUj1suAUWTTWcomZlMlfsCKJ4ZvzSlNYkTyP2-VIBcA7zjlE3-xeg9DUB0zA1SEvlWL2xCcJfcdzveQp3bJMHcdiR0boFsvWkor5D5SZnXyNo62kByg_y0vzYsN7163GNv8Pa_Mlb1byLLFYfqRk&z=Y8Jd_QAEjeMKsqyKAAXq8nq1oCfsGFV4jCb5-A HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:47:11 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3035490
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a/default-user=s45-c
142.250.74.97200 OK 316 B URL HTTP/2 lh3.googleusercontent.com/a/default-user=s45-c
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit colormap, non-interlaced\012- data
Hash 9fae1841320a0eaa434a022513f60859
245fac7a1ba86adda5bf5571babef7d5280672a4
1e2ce2743c2908d3aa1ce10a03be76d756eaa493cd41f9dcc94a3cc35cbfa1bd
GET /a/default-user=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 316
x-xss-protection: 0
date: Sat, 14 Jan 2023 03:56:43 GMT
expires: Sun, 08 Jan 2023 15:54:35 GMT
cache-control: public, max-age=86400, no-transform
age: 13829
etag: "v0"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCkds2lu_syKlRcoGvXMubXPxwT-YtQSfMLCCNc=s45-c
142.250.74.97200 OK 1.5 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCkds2lu_syKlRcoGvXMubXPxwT-YtQSfMLCCNc=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 0a088c12f36ba6120b049dd07078bb3a
6f87b59aa4c66b74ea8afe0ed5ddf0eb1fb87755
fe15ef88c313cbc0d84ffb6569abd2f9c161771669f31f81253cf2e1b655484b
GET /a-/AD5-WCkds2lu_syKlRcoGvXMubXPxwT-YtQSfMLCCNc=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vc"
expires: Sun, 15 Jan 2023 07:47:12 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 07:47:12 GMT
server: fife
content-length: 1503
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/opensans/opensans-700.css
178.250.0.130200 OK 1.7 kB URL HTTP/2 static.criteo.net/design/googlefont/opensans/opensans-700.css
IP 178.250.0.130:0
Hash bad3cbc9d85a48e4b82666c4fe69e1b7
b6edebc1f1c77c6d1acbc11769ee6a8d319e11fa
e21916a050e62d00176eed49ce99c7f8ba76f03dbaf714df52a62d9e1c293f9a
GET /design/googlefont/opensans/opensans-700.css HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:47:11 GMT
content-type: text/css
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
etag: W/"6391f079-9fe"
expires: Tue, 09 Jan 2024 07:47:11 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
178.250.0.130200 OK 17 kB URL HTTP/2 static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
IP 178.250.0.130:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /design/googlefont/opensans/opensans-400-latin.woff2 HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://static.criteo.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:47:12 GMT
content-type: text/plain; charset=UTF-8
content-length: 16740
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
etag: "6391f077-4164"
expires: Tue, 09 Jan 2024 07:47:12 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCk0J1xUkNHLp5xzZPEFgQNAIxx2Ty5T2lUeigZI7Q=s45-c
142.250.74.97200 OK 2.2 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCk0J1xUkNHLp5xzZPEFgQNAIxx2Ty5T2lUeigZI7Q=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 255bc65830be9b0f014d8665fe002c63
e704ab559deabc6c0dde88d11f6c165e028f55af
13c92ac2fc5ff3e5ae410912bd51d0f9af766ba12e94996c329cba46c49bf478
GET /a-/AD5-WCk0J1xUkNHLp5xzZPEFgQNAIxx2Ty5T2lUeigZI7Q=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v98d"
expires: Sun, 15 Jan 2023 07:47:12 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 07:47:12 GMT
server: fife
content-length: 2207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kKnZE7OzWe0HfJ2DYgICAAAA0-wy0uAhG5EQ_V3CY4AUpfjt3_0bTilvABIAAA&wp=Y8Jd_QADhIgKspQOAAqYVQV4aKrdIMfdjtIz-g
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kKnZE7OzWe0HfJ2DYgICAAAA0-wy0uAhG5EQ_V3CY4AUpfjt3_0bTilvABIAAA&wp=Y8Jd_QADhIgKspQOAAqYVQV4aKrdIMfdjtIz-g
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kKnZE7OzWe0HfJ2DYgICAAAA0-wy0uAhG5EQ_V3CY4AUpfjt3_0bTilvABIAAA&wp=Y8Jd_QADhIgKspQOAAqYVQV4aKrdIMfdjtIz-g HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 368851
date: Sat, 14 Jan 2023 07:47:11 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=Ej0nRGYcg5UfBacdmQx1d_AJMve2VaOjlruXIvNoUIiGMOIpy_3Z3hIb3WqQe-a_sMMX1n9ws3xg6EyDJ7DFeRsV-sEdmfY2xLsHnfuSqb2iPVDL8luwwzZ9n5p4UkHnxkcFI8WMaZNJCi_zGb9izbaYr0VNSWH7TjhcAr6z5Fqli6ul-A5A-i7tghNA8LdMcvdhiJagRa4emz8YiFK8K9zU45AApX8yw4oXRO-f8Rxu4Te0jkTd4djp2Ia1Yh_wjuSMFw&sds=2&rev=84230&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=Ej0nRGYcg5UfBacdmQx1d_AJMve2VaOjlruXIvNoUIiGMOIpy_3Z3hIb3WqQe-a_sMMX1n9ws3xg6EyDJ7DFeRsV-sEdmfY2xLsHnfuSqb2iPVDL8luwwzZ9n5p4UkHnxkcFI8WMaZNJCi_zGb9izbaYr0VNSWH7TjhcAr6z5Fqli6ul-A5A-i7tghNA8LdMcvdhiJagRa4emz8YiFK8K9zU45AApX8yw4oXRO-f8Rxu4Te0jkTd4djp2Ia1Yh_wjuSMFw&sds=2&rev=84230&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=Ej0nRGYcg5UfBacdmQx1d_AJMve2VaOjlruXIvNoUIiGMOIpy_3Z3hIb3WqQe-a_sMMX1n9ws3xg6EyDJ7DFeRsV-sEdmfY2xLsHnfuSqb2iPVDL8luwwzZ9n5p4UkHnxkcFI8WMaZNJCi_zGb9izbaYr0VNSWH7TjhcAr6z5Fqli6ul-A5A-i7tghNA8LdMcvdhiJagRa4emz8YiFK8K9zU45AApX8yw4oXRO-f8Rxu4Te0jkTd4djp2Ia1Yh_wjuSMFw&sds=2&rev=84230&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 36
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipN-0aAPNxsNBR1eDrY9zoL_GFn_a8WZTMxc8Z32=s45-c?key=CIu7lKDyiKrDiQE
142.250.74.97200 OK 4.7 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipN-0aAPNxsNBR1eDrY9zoL_GFn_a8WZTMxc8Z32=s45-c?key=CIu7lKDyiKrDiQE
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 381e323dcc3c52d299f378cca24308c4
b3c153fe7a7f36ffea3888717dfddbb49d1d6db7
71f66f8405cfb78d7cee560d8f609e451ce1cb453b5b8a337e0045c559a5867f
GET /p/AF1QipN-0aAPNxsNBR1eDrY9zoL_GFn_a8WZTMxc8Z32=s45-c?key=CIu7lKDyiKrDiQE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v6dad"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 07:47:12 GMT
server: fife
content-length: 4723
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipPwBUCzx41OkpeXl27kAkL5klA9ciu2cwt5iglj=s45-c?key=CI6u2rzss7PajQE
142.250.74.97200 OK 3.8 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipPwBUCzx41OkpeXl27kAkL5klA9ciu2cwt5iglj=s45-c?key=CI6u2rzss7PajQE
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 67e8fed9092e88476cbeefc66a6cb069
ba8b0844a20242784ffb79ea9a7c367f8986e2e3
a376ed35f3eb2e1fc3e699a5d0748c47ed27a53dcf1565d7e4238a38137795b7
GET /p/AF1QipPwBUCzx41OkpeXl27kAkL5klA9ciu2cwt5iglj=s45-c?key=CI6u2rzss7PajQE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v17f"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 07:47:12 GMT
server: fife
content-length: 3831
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl359920_cmahoganyred_v617.jpg&v=3&w=400&s=rWKngvpuygsBAnDGNGrrNw9A&b=400
178.250.0.139200 OK 21 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl359920_cmahoganyred_v617.jpg&v=3&w=400&s=rWKngvpuygsBAnDGNGrrNw9A&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 310x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- JPEG 2000 image\012- data
Hash b8713df94ed9431723dea946a87bc28a
484e06b59ece7786500616aef2082cc45cbf0911
faedbc5026e7a03dad811324da7f2bc9fe7ab412d92e475008cdbddff7501573
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl359920_cmahoganyred_v617.jpg&v=3&w=400&s=rWKngvpuygsBAnDGNGrrNw9A&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29414434
expires: Wed, 20 Dec 2023 18:27:47 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 20594
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=104&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=596&s=IAMOSgYHSaVYx45XwbQL9FpN
178.250.0.139200 OK 3.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=104&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=596&s=IAMOSgYHSaVYx45XwbQL9FpN
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 277x104, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d7a5c76aec6cbaff3effe7fba832f7b4
ab3046d70078b235d53e535f3be76e2e404ebc8b
1204eb619e2c0b5c191c701da71af8261cb4de1c90efca0f92280ab46a66cc66
GET /img/img?h=104&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=596&s=IAMOSgYHSaVYx45XwbQL9FpN HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29962932
expires: Wed, 27 Dec 2023 02:49:25 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2972
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftretorn%2F1300x1700%2Ftre473211_c609ermine_v609.jpg&v=3&w=400&s=C-RezPtuMVX-cytNBw9QMBGY&b=400
178.250.0.139200 OK 5.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftretorn%2F1300x1700%2Ftre473211_c609ermine_v609.jpg&v=3&w=400&s=C-RezPtuMVX-cytNBw9QMBGY&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 389x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3bffc5f912a30ffb33fdba674bcb66e7
6b774e02525aa93ff07b9e2193482c70b5a7c5f0
f32c15d9a3e306e7136d52f72a6f0acb537fe28bf7b90791df3e893ed2b0c41d
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftretorn%2F1300x1700%2Ftre473211_c609ermine_v609.jpg&v=3&w=400&s=C-RezPtuMVX-cytNBw9QMBGY&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31221692
expires: Wed, 10 Jan 2024 16:28:45 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5026
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsvea%2F1300x1700%2Fsve11564_clightbrown_v301.jpg&v=3&w=400&s=aWP33-8PDa_Hks9axVpqW7JR&b=400
178.250.0.139200 OK 5.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsvea%2F1300x1700%2Fsve11564_clightbrown_v301.jpg&v=3&w=400&s=aWP33-8PDa_Hks9axVpqW7JR&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 311x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 57232b9d6b5887a72d15af6bda0fbb68
08e66e697ced2ee5e08f58ada898261a42ae95cc
0c03606db540f45d8dfacaa43c9fa7ef66927a72dd50d9da70641d5488496ea4
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsvea%2F1300x1700%2Fsve11564_clightbrown_v301.jpg&v=3&w=400&s=aWP33-8PDa_Hks9axVpqW7JR&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30587664
expires: Wed, 03 Jan 2024 08:21:37 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5390
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Freima%2F1300x1700%2Frei569387_cblack_v9990.jpg&v=3&w=400&s=ON_TnnQamH6w4wpgQ8OhSOS_&b=400
178.250.0.139200 OK 6.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Freima%2F1300x1700%2Frei569387_cblack_v9990.jpg&v=3&w=400&s=ON_TnnQamH6w4wpgQ8OhSOS_&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 318x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fae149eb545af89b7d4384bcb615886a
5ebc96aa6c0e2fdf20176ca0c3b5d6ecb8511cc7
4b6e1c643df5cf2441a7e0d61bd55cd7b29e08fc0f3117679ad41703f7c999e2
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Freima%2F1300x1700%2Frei569387_cblack_v9990.jpg&v=3&w=400&s=ON_TnnQamH6w4wpgQ8OhSOS_&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30603272
expires: Wed, 03 Jan 2024 12:41:45 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6914
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2F8848-altitude%2F1300x1700%2F8ae2304_cblack_v008.jpg&v=3&w=400&s=6ZThpwzZ0KoG3uf6IUXxqD2C&b=400
178.250.0.139200 OK 5.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2F8848-altitude%2F1300x1700%2F8ae2304_cblack_v008.jpg&v=3&w=400&s=6ZThpwzZ0KoG3uf6IUXxqD2C&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 210x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cc8d0373cb6810a073a2327fa848bb56
9636b464bd562edb6a827606614fa0bc71c53f76
688dceb0afed17af3b69921453b7516d547f49dc261b8abfde8a28a7e0c98504
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2F8848-altitude%2F1300x1700%2F8ae2304_cblack_v008.jpg&v=3&w=400&s=6ZThpwzZ0KoG3uf6IUXxqD2C&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29845869
expires: Mon, 25 Dec 2023 18:18:22 GMT
date: Sat, 14 Jan 2023 07:47:11 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5094
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fnoella%2F1300x1700%2Fnoe12241073_cpink.jpg&v=3&w=400&s=7BSnoLBxGpEWYy0xVZHTzx4p&b=400
178.250.0.139200 OK 16 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fnoella%2F1300x1700%2Fnoe12241073_cpink.jpg&v=3&w=400&s=7BSnoLBxGpEWYy0xVZHTzx4p&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 258x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9bbf9e81bf22670c5fab72443059eb55
5f9c007896b65627f68cad764fb46eed535eb326
16c27ccb02fc9f7aaf08dd349c76589f4572e36cd67770fe14b65177a8b41315
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fnoella%2F1300x1700%2Fnoe12241073_cpink.jpg&v=3&w=400&s=7BSnoLBxGpEWYy0xVZHTzx4p&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29082107
expires: Sat, 16 Dec 2023 22:09:00 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 16068
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbruuns-bazaar%2F1300x1700%2Fbbw2721_cblack_vblack.jpg&v=3&w=400&s=JLjtltuDBivgXR8cKtGDBdn1&b=400
178.250.0.139200 OK 3.2 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbruuns-bazaar%2F1300x1700%2Fbbw2721_cblack_vblack.jpg&v=3&w=400&s=JLjtltuDBivgXR8cKtGDBdn1&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 218x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e1697ff0bcc765c2dd74e6893a0f3126
1098a2e8701fd6f5f483bd68f7ea901222c79456
89d7153fe548a2b56d9be604af5623933aaa9e0b99a67f13fd50cd2c088a108d
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbruuns-bazaar%2F1300x1700%2Fbbw2721_cblack_vblack.jpg&v=3&w=400&s=JLjtltuDBivgXR8cKtGDBdn1&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29011502
expires: Sat, 16 Dec 2023 02:32:14 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 3232
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F38fa9246a8044b9d84346a654df0b3f8_1200x1200_no.png&v=3&w=1200&s=f-EQUyMNXFwRjU_gTRVQu7SU
178.250.0.139200 OK 128 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F38fa9246a8044b9d84346a654df0b3f8_1200x1200_no.png&v=3&w=1200&s=f-EQUyMNXFwRjU_gTRVQu7SU
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 128 kB (128318 bytes)
Hash 9ff2ed9e224d6b96a54afe736c4b0b07
ef6420bcdc5c7b89e892768d26b6156f20896019
3f643c2f2356cf933397bab72e5df5cdec174c7af924d8352390677e56cfbf68
GET /img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F38fa9246a8044b9d84346a654df0b3f8_1200x1200_no.png&v=3&w=1200&s=f-EQUyMNXFwRjU_gTRVQu7SU HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29964850
expires: Wed, 27 Dec 2023 03:21:23 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 128318
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fkids-only%2F1300x1700%2Fon15207169_csepiarose_v2840782723.jpg&v=3&w=400&s=BbNAJqknXSmhDZ7To696MBBh&b=400
178.250.0.139200 OK 8.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fkids-only%2F1300x1700%2Fon15207169_csepiarose_v2840782723.jpg&v=3&w=400&s=BbNAJqknXSmhDZ7To696MBBh&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 318x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8aa7906066b900567212258fef2c7d69
89db29019d0a1e1548d8090e28fb1b0d60928b64
93fbc985492be59fd96afd0bf64e9687ef2493e14c65c418c06c8e7df90dd05c
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fkids-only%2F1300x1700%2Fon15207169_csepiarose_v2840782723.jpg&v=3&w=400&s=BbNAJqknXSmhDZ7To696MBBh&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29379717
expires: Wed, 20 Dec 2023 08:49:10 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8722
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsuperdry%2F1300x1700%2Fsdw5011411a_crichdeepburgundy.jpg&v=3&w=400&s=6FK8lll0dn3GSruXVCNn5mSb&b=400
178.250.0.139200 OK 4.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsuperdry%2F1300x1700%2Fsdw5011411a_crichdeepburgundy.jpg&v=3&w=400&s=6FK8lll0dn3GSruXVCNn5mSb&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 208x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2c0585a05a94115d214fc9814fc8234e
4768a14fafd653dc13f0756cc383dcc083fb82e1
0d71c198c1852053ad91f73284a51d35b4b93a0e4e68c03aad1cdf17c3bc6aa6
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsuperdry%2F1300x1700%2Fsdw5011411a_crichdeepburgundy.jpg&v=3&w=400&s=6FK8lll0dn3GSruXVCNn5mSb&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30771598
expires: Fri, 05 Jan 2024 11:27:10 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4918
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fjack-jones%2F1300x1700%2Fjj12173663_cdarknavy_v175697.jpg&v=3&w=400&s=U5tJL69hx39ZoUwS6yFc_9RE&b=400
178.250.0.139200 OK 6.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fjack-jones%2F1300x1700%2Fjj12173663_cdarknavy_v175697.jpg&v=3&w=400&s=U5tJL69hx39ZoUwS6yFc_9RE&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 328x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6efc9f070de7e510d07666d63c4a2f62
1009e16efb36ff94d1ea524f65976bac331ebe88
f30d56925e7ac01b356a582f5c6b15dbae9846c1baa6b9be0a91129c34d65101
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fjack-jones%2F1300x1700%2Fjj12173663_cdarknavy_v175697.jpg&v=3&w=400&s=U5tJL69hx39ZoUwS6yFc_9RE&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29210278
expires: Mon, 18 Dec 2023 09:45:11 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6544
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fvarley%2F1300x1700%2Fvar00526_cpralineivory.jpg&v=3&w=400&s=EUhhhWP5NhAfGCsOBpXAOkMo&b=400
178.250.0.139200 OK 3.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fvarley%2F1300x1700%2Fvar00526_cpralineivory.jpg&v=3&w=400&s=EUhhhWP5NhAfGCsOBpXAOkMo&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 160x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 25233f394eecbafff1cbbc7443d4e761
920fb2cc9e5e81bb94e68c52354326819e123997
42741b335265aa53348d441315e0d0d72679b25107cd87428ca8a547c4bb4418
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fvarley%2F1300x1700%2Fvar00526_cpralineivory.jpg&v=3&w=400&s=EUhhhWP5NhAfGCsOBpXAOkMo&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30497484
expires: Tue, 02 Jan 2024 07:18:37 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 3788
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fresterods%2F1300x1700%2Fres0702200101_cblack_v9.jpg&v=3&w=400&s=fHbPfhNLszKCMnHVpqW4yyN9&b=400
178.250.0.139200 OK 2.2 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fresterods%2F1300x1700%2Fres0702200101_cblack_v9.jpg&v=3&w=400&s=fHbPfhNLszKCMnHVpqW4yyN9&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 211x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9f7fe76d8456619416c51a47af5db40b
96ab10e68625a5eae2ddf2fd9946ab2e523be26e
dff0c0c2fb08a1f58ae41cc0a4dbbe61d62525126f2fbbd6394b9cb4bd5d7de7
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fresterods%2F1300x1700%2Fres0702200101_cblack_v9.jpg&v=3&w=400&s=fHbPfhNLszKCMnHVpqW4yyN9&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31358680
expires: Fri, 12 Jan 2024 06:31:53 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2198
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fecco%2F1300x1700%2Fec207083_cblack_v01001.jpg&v=3&w=400&s=245CQ9W0kIX6F-sXz9FpInoa&b=400
178.250.0.139200 OK 10 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fecco%2F1300x1700%2Fec207083_cblack_v01001.jpg&v=3&w=400&s=245CQ9W0kIX6F-sXz9FpInoa&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x336, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a038be7d3e6d4838b4a63bd8daa28a1e
81f01b450467dfc5a96a6077358e42787edcb977
d9e7a945587d1dc06c2ed3c5734385cc6bf6d8e8de37b21da2530a03c2a76128
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fecco%2F1300x1700%2Fec207083_cblack_v01001.jpg&v=3&w=400&s=245CQ9W0kIX6F-sXz9FpInoa&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31277430
expires: Thu, 11 Jan 2024 07:57:43 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10502
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fcalvin-klein-underwear%2F1300x1700%2Fckmnb2379a_c1679485561_vmp1.jpg&v=3&w=400&s=wn0SanovjIh-yQrQFJoGKbDP&b=400
178.250.0.139200 OK 9.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fcalvin-klein-underwear%2F1300x1700%2Fckmnb2379a_c1679485561_vmp1.jpg&v=3&w=400&s=wn0SanovjIh-yQrQFJoGKbDP&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x369, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5aeecc270714956998d2d551b417e981
4fcfb2df61ff0794b388da682d3518425c0aef46
d56d4aed31c8935917633e99c78cb1eca8738f603c0f52b1ce95393fae4c22f0
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fcalvin-klein-underwear%2F1300x1700%2Fckmnb2379a_c1679485561_vmp1.jpg&v=3&w=400&s=wn0SanovjIh-yQrQFJoGKbDP&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29827375
expires: Mon, 25 Dec 2023 13:10:08 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9282
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flyle-scott%2F1300x1700%2Fyleml416vog_cvictoryorange_vw701.jpg&v=3&w=400&s=K4M4YicDhB9BoNJgCv8ChRb7&b=400
178.250.0.139200 OK 6.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flyle-scott%2F1300x1700%2Fyleml416vog_cvictoryorange_vw701.jpg&v=3&w=400&s=K4M4YicDhB9BoNJgCv8ChRb7&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2e6d6c9fe9490ca41421448e795d4f3c
02ca9a92c13ed2e211092144c747bb04748b2bee
4a3f2dcf00790a0ec118a2ff332bf29004b40898024b30cc875f7971de3f6073
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flyle-scott%2F1300x1700%2Fyleml416vog_cvictoryorange_vw701.jpg&v=3&w=400&s=K4M4YicDhB9BoNJgCv8ChRb7&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31186326
expires: Wed, 10 Jan 2024 06:39:19 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6380
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fonly-sons%2F1300x1700%2Fos22020572_crosin_v218672.jpg&v=3&w=400&s=eb2_rLH494On9Ju-WmkGkekw&b=400
178.250.0.139200 OK 5.2 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fonly-sons%2F1300x1700%2Fos22020572_crosin_v218672.jpg&v=3&w=400&s=eb2_rLH494On9Ju-WmkGkekw&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 309x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d5d0044c670ce6b662b3e1efa6f5b548
81651cf844741e5e8630d7a8ea9088ab8e70446b
64fbe92afeb94e34acdbe4bbe36738ceb6fd3bf4c0610126b1ceb9e3591bc1b0
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fonly-sons%2F1300x1700%2Fos22020572_crosin_v218672.jpg&v=3&w=400&s=eb2_rLH494On9Ju-WmkGkekw&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31272153
expires: Thu, 11 Jan 2024 06:29:46 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5176
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Frosemunde%2F1300x1700%2Fros4217_c3949708039.jpg&v=3&w=400&s=t86AmBqoCjmfGkT9mLSkWOXZ&b=400
178.250.0.139200 OK 13 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Frosemunde%2F1300x1700%2Fros4217_c3949708039.jpg&v=3&w=400&s=t86AmBqoCjmfGkT9mLSkWOXZ&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 254x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 04d6bcb0fd1daf504ab58efc41690b76
76ed03b45dcb458c2a063eb2404ce893808ef7da
f36f2460d0dd753e9340a86f6f4656c6a6d1e382efedd0eda8effacaf36a25a3
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Frosemunde%2F1300x1700%2Fros4217_c3949708039.jpg&v=3&w=400&s=t86AmBqoCjmfGkT9mLSkWOXZ&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31291255
expires: Thu, 11 Jan 2024 11:48:08 GMT
date: Sat, 14 Jan 2023 07:47:11 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 13290
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fellesse%2F1300x1700%2Fell999srk12414_cnavy.jpg&v=3&w=400&s=G1AuOJLxM0D5t2WbWIdycd7E&b=400
178.250.0.139200 OK 7.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fellesse%2F1300x1700%2Fell999srk12414_cnavy.jpg&v=3&w=400&s=G1AuOJLxM0D5t2WbWIdycd7E&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 341x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fbc3bda59ebb8193eb6285df7c64554d
f6b5736fcca7c2fc5c1279e307622390050be644
358dca8ead75f2f5bb82adf0b64b77116377af8f1d5068ca0eaf20ca07a02bbe
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fellesse%2F1300x1700%2Fell999srk12414_cnavy.jpg&v=3&w=400&s=G1AuOJLxM0D5t2WbWIdycd7E&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29547092
expires: Fri, 22 Dec 2023 07:18:44 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7026
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fivy-oak%2F1300x1700%2Fio1122f1046_csummerseablue.jpg&v=3&w=400&s=Hq-fuM2E8kTLJshux6XGlxk0&b=400
178.250.0.139200 OK 3.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fivy-oak%2F1300x1700%2Fio1122f1046_csummerseablue.jpg&v=3&w=400&s=Hq-fuM2E8kTLJshux6XGlxk0&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 205x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1903546683d910d74a12a28d2852c452
d34bc965cedbfd33d0e72193ea7ac68e592f2ff5
a00aaec80c3c92d8caf55f2f7d8b6a2ffc0514558859ca9432b8d5ed4f70dcf3
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fivy-oak%2F1300x1700%2Fio1122f1046_csummerseablue.jpg&v=3&w=400&s=Hq-fuM2E8kTLJshux6XGlxk0&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31401936
expires: Fri, 12 Jan 2024 18:32:48 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 3694
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fnoa-noa-c%2F1300x1700%2Fnnc1109671_cbordeaux_v01216.jpg&v=3&w=400&s=Mn_txwqd696GaotJbr_KltYC&b=400
178.250.0.139200 OK 6.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fnoa-noa-c%2F1300x1700%2Fnnc1109671_cbordeaux_v01216.jpg&v=3&w=400&s=Mn_txwqd696GaotJbr_KltYC&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 316x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5e97c6119ef7803241af35f8b7c589a0
ad9d195b0cae54b8f42984669de03903af347e0a
37c096e8564b8b3504f89f8bc3a51f394049a75f93a8081c0abb153410221982
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fnoa-noa-c%2F1300x1700%2Fnnc1109671_cbordeaux_v01216.jpg&v=3&w=400&s=Mn_txwqd696GaotJbr_KltYC&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30676215
expires: Thu, 04 Jan 2024 08:57:28 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6402
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftamaris%2F1300x1700%2Ftam112549829_ccognacleather_v348.jpg&v=3&w=400&s=26XummGe2e8ZIFtLEmZtQvJc&b=400
178.250.0.139200 OK 5.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftamaris%2F1300x1700%2Ftam112549829_ccognacleather_v348.jpg&v=3&w=400&s=26XummGe2e8ZIFtLEmZtQvJc&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 288x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 07afb60e1b848cd26fbe0949778618ad
235ca6864aee5a911e77df1853a42b80a9c7e571
a132a69cb130b5d0b36217894ee59a8896a958200ef33477c842b1b8b730b55e
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Ftamaris%2F1300x1700%2Ftam112549829_ccognacleather_v348.jpg&v=3&w=400&s=26XummGe2e8ZIFtLEmZtQvJc&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31275134
expires: Thu, 11 Jan 2024 07:19:27 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5326
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fkari-traa%2F1300x1700%2Fkta622924_cslate.jpg&v=3&w=400&s=Uj4b_xQz6xfjY8USj6CWYyaS&b=400
178.250.0.139200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fkari-traa%2F1300x1700%2Fkta622924_cslate.jpg&v=3&w=400&s=Uj4b_xQz6xfjY8USj6CWYyaS&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 308x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f8f05d2a8a0c08112c43b6da9fdc7453
acb2081bbbfb088dd3581ce5873078847a29d232
c6aa49fb347ddfd09ca43bc8f521a7873d8d8f4ee0d9af28582fdcd21518d7e6
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fkari-traa%2F1300x1700%2Fkta622924_cslate.jpg&v=3&w=400&s=Uj4b_xQz6xfjY8USj6CWYyaS&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29025480
expires: Sat, 16 Dec 2023 06:25:12 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 14072
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmango%2F1300x1700%2Fman37077717_cpastelpink_v81.jpg&v=3&w=400&s=bj4uETVBY3-2PoyM-txmv90B&b=400
178.250.0.139200 OK 9.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmango%2F1300x1700%2Fman37077717_cpastelpink_v81.jpg&v=3&w=400&s=bj4uETVBY3-2PoyM-txmv90B&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x292, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 051ee0a62b13b1678e7c8c742365938a
2ab7600685b60db45c746c2e65f90c8a3661bda4
f64e9f50ee4a8c0b13da5fa0c15224420febd838c5097e3373c3f9a3ea312854
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmango%2F1300x1700%2Fman37077717_cpastelpink_v81.jpg&v=3&w=400&s=bj4uETVBY3-2PoyM-txmv90B&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29517642
expires: Thu, 21 Dec 2023 23:07:55 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9872
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flulus-drawer%2F1300x1700%2Fldrlus1022_cwhite_vwhite.jpg&v=3&w=400&s=jXItBv3Eg6FGo4PhUpiraIiS&b=400
178.250.0.139200 OK 3.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flulus-drawer%2F1300x1700%2Fldrlus1022_cwhite_vwhite.jpg&v=3&w=400&s=jXItBv3Eg6FGo4PhUpiraIiS&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 255x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f99802e2d018fdbedbe417bb83efe162
84fc4326f73a0e92970139d22f17754f9690b494
09036861080a399f0055ea754bbecba5d303c043675f536c0f249d027c296bb6
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flulus-drawer%2F1300x1700%2Fldrlus1022_cwhite_vwhite.jpg&v=3&w=400&s=jXItBv3Eg6FGo4PhUpiraIiS&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29372157
expires: Wed, 20 Dec 2023 06:43:10 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2982
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmatinique%2F1300x1700%2Fme30205162_cdarkbrown_v191101.jpg&v=3&w=400&s=PV67cNaUByE_ELBWluRAQzgD&b=400
178.250.0.139200 OK 12 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmatinique%2F1300x1700%2Fme30205162_cdarkbrown_v191101.jpg&v=3&w=400&s=PV67cNaUByE_ELBWluRAQzgD&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 348x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f494da2f72b15848756ef100e2c0adae
882e1ff1027538bcdc76c64ea26a6ffad1aebe2a
c800a6c76fddc95888611d7a59a5b0a54cd5f4b8c875d160c36e92dd6e77e22c
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fmatinique%2F1300x1700%2Fme30205162_cdarkbrown_v191101.jpg&v=3&w=400&s=PV67cNaUByE_ELBWluRAQzgD&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29126107
expires: Sun, 17 Dec 2023 10:22:20 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 11994
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Firo%2F1300x1700%2Firowp33livy_ccandypink.jpg&v=3&w=400&s=GCnUyeQc3EO1wPOfn1Y615If&b=400
178.250.0.139200 OK 6.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Firo%2F1300x1700%2Firowp33livy_ccandypink.jpg&v=3&w=400&s=GCnUyeQc3EO1wPOfn1Y615If&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 286x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fb85552414d0c8104c30fdb9fd4aeec5
a0329918aed0493ce19c886e99a981dfc27b3b72
ff54ff4ecf166526f1ad86ff72f15c1bccf9a6bd6e9b728518f56f34c0df79fb
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Firo%2F1300x1700%2Firowp33livy_ccandypink.jpg&v=3&w=400&s=GCnUyeQc3EO1wPOfn1Y615If&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=28951862
expires: Fri, 15 Dec 2023 09:58:15 GMT
date: Sat, 14 Jan 2023 07:47:11 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6048
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl4751089_cwarmkhaki_v213.jpg&v=3&w=400&s=WfbpuBpBCf6CZyVfFUTtRu4m&b=400
178.250.0.139200 OK 4.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl4751089_cwarmkhaki_v213.jpg&v=3&w=400&s=WfbpuBpBCf6CZyVfFUTtRu4m&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 192x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 45a34d99ea8aeccff8c2784647e75596
ae07578c57a09824122acf9a4bccd7d5b2ea783c
da9304d340869ee8285408760b7aeb01831b4f9ef8b32eff2416beaf12de034e
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl4751089_cwarmkhaki_v213.jpg&v=3&w=400&s=WfbpuBpBCf6CZyVfFUTtRu4m&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30072781
expires: Thu, 28 Dec 2023 09:20:14 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4922
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ttioTnxNsy-yKT2QHB61fxqL7Wjjcj4yACjt2NLB_pnsZ1Ej5qZmtQyu1oJZip81gTL1pM_URm7ZQxAugym7civUF9MPzcUiUfeCScG2QYHTtJbwBkPyAmNQjJ9XSwjj-dnU29vIqillj59tPXJD1L6yD_MR5iyRBe1ahtgnNlWDJMOQQP35-GYjqhuFl-8tmK94y020ge9aCUSunn7ZsJdUsyznsvn6fetpp7Ho3r-4sRe8cNF7xgRyQsdoi4PpVcT_zSs5-uk2xwJgdbvSpKMY4KFfcHwTsRRzXolaGtlE5EhzJ_61afwdmrIzbnOJCAUMb3XRLHE2z80nUJFeO6bi0vdZ1Pf63RWD15bDA3MK2EKeN_Ope5CdrXKzaHdslbQTrdPNXUMg0R4IQKdMx8lEnkfWcEKJiUaC11e-o0dMkX8_
178.250.2.148200 OK 9.7 kB URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ttioTnxNsy-yKT2QHB61fxqL7Wjjcj4yACjt2NLB_pnsZ1Ej5qZmtQyu1oJZip81gTL1pM_URm7ZQxAugym7civUF9MPzcUiUfeCScG2QYHTtJbwBkPyAmNQjJ9XSwjj-dnU29vIqillj59tPXJD1L6yD_MR5iyRBe1ahtgnNlWDJMOQQP35-GYjqhuFl-8tmK94y020ge9aCUSunn7ZsJdUsyznsvn6fetpp7Ho3r-4sRe8cNF7xgRyQsdoi4PpVcT_zSs5-uk2xwJgdbvSpKMY4KFfcHwTsRRzXolaGtlE5EhzJ_61afwdmrIzbnOJCAUMb3XRLHE2z80nUJFeO6bi0vdZ1Pf63RWD15bDA3MK2EKeN_Ope5CdrXKzaHdslbQTrdPNXUMg0R4IQKdMx8lEnkfWcEKJiUaC11e-o0dMkX8_
IP 178.250.2.148:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 013af3dc8da8d3530fc5f4980d1d763e
45facc6943e1a8aad9e2fa35b1535f16f9ff642d
ff4e7fe21c814dab3084d8bcdd019c4b485a0260c82ef3d1dbd57ec79fd3f22b
GET /delivery/lg.php?cppv=3&cpp=ttioTnxNsy-yKT2QHB61fxqL7Wjjcj4yACjt2NLB_pnsZ1Ej5qZmtQyu1oJZip81gTL1pM_URm7ZQxAugym7civUF9MPzcUiUfeCScG2QYHTtJbwBkPyAmNQjJ9XSwjj-dnU29vIqillj59tPXJD1L6yD_MR5iyRBe1ahtgnNlWDJMOQQP35-GYjqhuFl-8tmK94y020ge9aCUSunn7ZsJdUsyznsvn6fetpp7Ho3r-4sRe8cNF7xgRyQsdoi4PpVcT_zSs5-uk2xwJgdbvSpKMY4KFfcHwTsRRzXolaGtlE5EhzJ_61afwdmrIzbnOJCAUMb3XRLHE2z80nUJFeO6bi0vdZ1Pf63RWD15bDA3MK2EKeN_Ope5CdrXKzaHdslbQTrdPNXUMg0R4IQKdMx8lEnkfWcEKJiUaC11e-o0dMkX8_ HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:47:12 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2829830
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=244&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2F72055d4d681b4db89c08acff858f1b81_chanti-logo-s.jpeg&v=3&w=196&s=fYZFH-vNvgLDwoX5sYkF7zV_
178.250.0.139200 OK 1.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=244&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2F72055d4d681b4db89c08acff858f1b81_chanti-logo-s.jpeg&v=3&w=196&s=fYZFH-vNvgLDwoX5sYkF7zV_
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 196x196, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 01f33a498f65bf4bb751def8c06a1991
dd3dc1f876dbec906a17869724b8d3284beb37cb
9e92587541f93124197e414774716e7099233aef4b4d56f4d888e9bb649b5362
GET /img/img?h=244&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2F72055d4d681b4db89c08acff858f1b81_chanti-logo-s.jpeg&v=3&w=196&s=fYZFH-vNvgLDwoX5sYkF7zV_ HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29034378
expires: Sat, 16 Dec 2023 08:53:31 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 1298
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F3%2F83245-0_2.jpg%3Fcb%3D5deaf4f83bba8fa4052f054bfde55334&v=3&w=800&s=eNUoPLoiEPD-b6RNFsQq8lQo&b=400
178.250.0.139200 OK 6.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F3%2F83245-0_2.jpg%3Fcb%3D5deaf4f83bba8fa4052f054bfde55334&v=3&w=800&s=eNUoPLoiEPD-b6RNFsQq8lQo&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 351x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fbfc04e21c5d1fe2064790f0fbff12b1
46921d74263c27b079934f66e50ec6473b2a3947
e80ab6c8f656c9d2bb207bcf262b2062ccf0184c6b0521d1e98fe9585d40d459
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F3%2F83245-0_2.jpg%3Fcb%3D5deaf4f83bba8fa4052f054bfde55334&v=3&w=800&s=eNUoPLoiEPD-b6RNFsQq8lQo&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30743734
expires: Fri, 05 Jan 2024 03:42:47 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6772
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6353-0_1.jpg%3Fcb%3Dbdffc4fead2596ebbb1384d588b24e24&v=3&w=800&s=QaaU4ZZXCOl6tg-HCKvelnRP&b=400
178.250.0.139200 OK 6.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6353-0_1.jpg%3Fcb%3Dbdffc4fead2596ebbb1384d588b24e24&v=3&w=800&s=QaaU4ZZXCOl6tg-HCKvelnRP&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 06ae262a2aa445904a20058747ea0822
d21523eae0cfa9d1d2543813f8065f8609082a7c
f174662e28f2feebd8ccb7bcd80e91be29e5a206726a04eb5923afb3e554a522
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6353-0_1.jpg%3Fcb%3Dbdffc4fead2596ebbb1384d588b24e24&v=3&w=800&s=QaaU4ZZXCOl6tg-HCKvelnRP&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31438673
expires: Sat, 13 Jan 2024 04:45:06 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6586
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F7%2F2%2F7286-0.jpg%3Fcb%3D7a6548012246b3f932a9bb726a59a156&v=3&w=800&s=I4lbhrhdTtJHsVIBmM8ZucCW&b=400
178.250.0.139200 OK 5.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F7%2F2%2F7286-0.jpg%3Fcb%3D7a6548012246b3f932a9bb726a59a156&v=3&w=800&s=I4lbhrhdTtJHsVIBmM8ZucCW&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 250x223, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0db652e7ef811eedb5443202780f60bf
62e19161bd7f2f47f483225bab4064b2b15941f5
f194b454e0869c4a22aa3b3c13be8be086ad7291af4683c674210bebfb4e7d01
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F7%2F2%2F7286-0.jpg%3Fcb%3D7a6548012246b3f932a9bb726a59a156&v=3&w=800&s=I4lbhrhdTtJHsVIBmM8ZucCW&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=28947812
expires: Fri, 15 Dec 2023 08:50:45 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5730
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y8Jd_QADhIgKspQOAAqYVQV4aKrdIMfdjtIz-g&u=%7C1zhPwMH0JY7MMH%2FgTyRnBlN%2BaD148HSD8rwOqkMHJj4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUAuabbKvlotkvJgXknYQIulmG6KjErnf_fHpkkRwE8Mo4X7coJtHAWbJSWlO3xI2w-g0NDZ_ByyKnwjNOMXDsle7hdFPSIj2KtYFt_wCzv00Wn_eD6IkiCdZ8_MMJWxDmUqSn6a1M4RTETdw4kAwrCsRYNGECuKwNZp_fMUR63SsrSTzrUgypYZahDia5o6rnQqdG8d9JFucsD-Ivlq6rKyVZm0ZIrgugoYu1HSaAdlDBDg4mzv_zP-qE4b_klHbv5N7mZzjvgKt6XKOLjWkxQj0KydZrIn04bZnsoGvFnO3cuNpgvffMwXDTx8R2Q9TPJSl5vmCO-l4CuujQkqp62joIM0qdGpDmu8S5n8UyjWZbrMY-R3uHiuREmBg_E8NSYqEPV-xITrUcpRNzPtQyBCL6RDgYML_WlTaVmt6PL2DdibOeIXhda4mD5gZTPzK3moOB1eWLjiAbt5WiqpG786RSh5ZjNa7rZyhR6cI2CWt3zXc_AFdHB5rH2xyOGzsnQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCN_b0_V3CY4iJDo6oygXVsKrYCsme0rFczfHi3YgBwI23ARABIABgw4SAgJgYggEXY2EtcHViLTczMDk4NDU1MjUyODUwMjnIAQmpAnvRoFKBK7I-qAMBqgShAk_QlKUyFGPi11DN-IWpYWKZ9zltZ9RR4d90JDYUR2o8EZcdCtp8o2H_ndlGv9DWPBvGVplvHRiOD9VGBgWb92-sa9jjZzqW6tfJuHQVkM7loHNwiuQ2FSP3UjNiy2tW_eId1HNHNnHRJylbwIcG6GMIzGlE8eYnVdetCFfDA1HeRp3OzA3l2-i84R-SWBIWyORNPOlA_DXjXuu3KerpXTQQ2U7LQFeKJzvx4KYOPMPc5gUX-WjunomaFsOv0NrhSphDu2uAHiXQ5ATzbtmyjUSRCC3TwUwd1LDP9rEWm_9BxkcyRGqvIItBjGVhvL84zTEPyYB70zYsSoXyFadsKk-Dvm4nBM_BZwEjjjg_oM_tqKE0HLA-mqcren-9PuzxPbqABvrv4u2Tr7XwUaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Qjsig3BoTkrRnFg7UwmYrGZ9eSA%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.2.65200 OK 55 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y8Jd_QADhIgKspQOAAqYVQV4aKrdIMfdjtIz-g&u=%7C1zhPwMH0JY7MMH%2FgTyRnBlN%2BaD148HSD8rwOqkMHJj4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUAuabbKvlotkvJgXknYQIulmG6KjErnf_fHpkkRwE8Mo4X7coJtHAWbJSWlO3xI2w-g0NDZ_ByyKnwjNOMXDsle7hdFPSIj2KtYFt_wCzv00Wn_eD6IkiCdZ8_MMJWxDmUqSn6a1M4RTETdw4kAwrCsRYNGECuKwNZp_fMUR63SsrSTzrUgypYZahDia5o6rnQqdG8d9JFucsD-Ivlq6rKyVZm0ZIrgugoYu1HSaAdlDBDg4mzv_zP-qE4b_klHbv5N7mZzjvgKt6XKOLjWkxQj0KydZrIn04bZnsoGvFnO3cuNpgvffMwXDTx8R2Q9TPJSl5vmCO-l4CuujQkqp62joIM0qdGpDmu8S5n8UyjWZbrMY-R3uHiuREmBg_E8NSYqEPV-xITrUcpRNzPtQyBCL6RDgYML_WlTaVmt6PL2DdibOeIXhda4mD5gZTPzK3moOB1eWLjiAbt5WiqpG786RSh5ZjNa7rZyhR6cI2CWt3zXc_AFdHB5rH2xyOGzsnQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCN_b0_V3CY4iJDo6oygXVsKrYCsme0rFczfHi3YgBwI23ARABIABgw4SAgJgYggEXY2EtcHViLTczMDk4NDU1MjUyODUwMjnIAQmpAnvRoFKBK7I-qAMBqgShAk_QlKUyFGPi11DN-IWpYWKZ9zltZ9RR4d90JDYUR2o8EZcdCtp8o2H_ndlGv9DWPBvGVplvHRiOD9VGBgWb92-sa9jjZzqW6tfJuHQVkM7loHNwiuQ2FSP3UjNiy2tW_eId1HNHNnHRJylbwIcG6GMIzGlE8eYnVdetCFfDA1HeRp3OzA3l2-i84R-SWBIWyORNPOlA_DXjXuu3KerpXTQQ2U7LQFeKJzvx4KYOPMPc5gUX-WjunomaFsOv0NrhSphDu2uAHiXQ5ATzbtmyjUSRCC3TwUwd1LDP9rEWm_9BxkcyRGqvIItBjGVhvL84zTEPyYB70zYsSoXyFadsKk-Dvm4nBM_BZwEjjjg_oM_tqKE0HLA-mqcren-9PuzxPbqABvrv4u2Tr7XwUaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Qjsig3BoTkrRnFg7UwmYrGZ9eSA%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.2.65:0
Hash d906abac385eded454b5ba5c43e76998
a13e5df116c3266eb701839cadb124c3f70efdb2
9ab0a013cadd4b6bef4f90fc80707ba2e9f01a5ea99fbcaf7bb902a21095b0ec
GET /delivery/r/afr.php?z=Y8Jd_QADhIgKspQOAAqYVQV4aKrdIMfdjtIz-g&u=%7C1zhPwMH0JY7MMH%2FgTyRnBlN%2BaD148HSD8rwOqkMHJj4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUAuabbKvlotkvJgXknYQIulmG6KjErnf_fHpkkRwE8Mo4X7coJtHAWbJSWlO3xI2w-g0NDZ_ByyKnwjNOMXDsle7hdFPSIj2KtYFt_wCzv00Wn_eD6IkiCdZ8_MMJWxDmUqSn6a1M4RTETdw4kAwrCsRYNGECuKwNZp_fMUR63SsrSTzrUgypYZahDia5o6rnQqdG8d9JFucsD-Ivlq6rKyVZm0ZIrgugoYu1HSaAdlDBDg4mzv_zP-qE4b_klHbv5N7mZzjvgKt6XKOLjWkxQj0KydZrIn04bZnsoGvFnO3cuNpgvffMwXDTx8R2Q9TPJSl5vmCO-l4CuujQkqp62joIM0qdGpDmu8S5n8UyjWZbrMY-R3uHiuREmBg_E8NSYqEPV-xITrUcpRNzPtQyBCL6RDgYML_WlTaVmt6PL2DdibOeIXhda4mD5gZTPzK3moOB1eWLjiAbt5WiqpG786RSh5ZjNa7rZyhR6cI2CWt3zXc_AFdHB5rH2xyOGzsnQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCN_b0_V3CY4iJDo6oygXVsKrYCsme0rFczfHi3YgBwI23ARABIABgw4SAgJgYggEXY2EtcHViLTczMDk4NDU1MjUyODUwMjnIAQmpAnvRoFKBK7I-qAMBqgShAk_QlKUyFGPi11DN-IWpYWKZ9zltZ9RR4d90JDYUR2o8EZcdCtp8o2H_ndlGv9DWPBvGVplvHRiOD9VGBgWb92-sa9jjZzqW6tfJuHQVkM7loHNwiuQ2FSP3UjNiy2tW_eId1HNHNnHRJylbwIcG6GMIzGlE8eYnVdetCFfDA1HeRp3OzA3l2-i84R-SWBIWyORNPOlA_DXjXuu3KerpXTQQ2U7LQFeKJzvx4KYOPMPc5gUX-WjunomaFsOv0NrhSphDu2uAHiXQ5ATzbtmyjUSRCC3TwUwd1LDP9rEWm_9BxkcyRGqvIItBjGVhvL84zTEPyYB70zYsSoXyFadsKk-Dvm4nBM_BZwEjjjg_oM_tqKE0HLA-mqcren-9PuzxPbqABvrv4u2Tr7XwUaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Qjsig3BoTkrRnFg7UwmYrGZ9eSA%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:47:11 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=_UOXYGYcg5UfBacd-cvevbv85WKVQHfLMEnZEEQcEdNkCg0yOlCaW49xJ40rA2NociNFKJk5hhqUzxwwHhb6YytQNhdRfp0V2CwVb_gF7vnvQRWRXNkf6bKdq95IC_oj94dvWZBuutzwaxqnpUCJGarnaTqbFPLYoJiNRr9gU6y42h49yNrT9dPGFzrePhu6Q_5tlUoWRoIAhRjOHJWec3iHQCJh7SNyxsTTCf03c-e0PfFza1qqexntH_URrGzi1PcJrw"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 137678198
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F5%2F85914-0_1.jpg%3Fcb%3Dfb34c12d43cc9badd8e9dffee3a743e5&v=3&w=800&s=ZRe28cfq05jocxxTObnwEIDG&b=400
178.250.0.139200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F5%2F85914-0_1.jpg%3Fcb%3Dfb34c12d43cc9badd8e9dffee3a743e5&v=3&w=800&s=ZRe28cfq05jocxxTObnwEIDG&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x354, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 159f195c6548105f50c8409794210914
5d3310e07a1879746aa7b5ceecf4e1f4be7b30c7
ae00fb1660bc545f8a7f0a459bd714344b8dd91a4d0a79cf9b1958d5a3054bcd
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F5%2F85914-0_1.jpg%3Fcb%3Dfb34c12d43cc9badd8e9dffee3a743e5&v=3&w=800&s=ZRe28cfq05jocxxTObnwEIDG&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29911757
expires: Tue, 26 Dec 2023 12:36:31 GMT
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 13894
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=JoxPa2Ycg5UfBacdex54s91dr8a_GBVhM63RDDz8ykjoGQYgeb3K9lX5F_wOw62C1OawYFcj5u3ooTA5WJF5kqJ-QNTqqD2sHvAnRYUultBucn4pW_gGGumwO9LJqoOPijLjzrFdL1V17MAg0iwTllgpN2ozqgVsVyaUoOCS99AhYOPF0cpY7WoXXP9iQtZqQyaPwBPxgoSiCFO7POpR1f5ad76fC2FoqELK4jsft_T2dzXGxyFcurODrl3Zz0OqDw0Hfw&sds=2&rev=84230&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=JoxPa2Ycg5UfBacdex54s91dr8a_GBVhM63RDDz8ykjoGQYgeb3K9lX5F_wOw62C1OawYFcj5u3ooTA5WJF5kqJ-QNTqqD2sHvAnRYUultBucn4pW_gGGumwO9LJqoOPijLjzrFdL1V17MAg0iwTllgpN2ozqgVsVyaUoOCS99AhYOPF0cpY7WoXXP9iQtZqQyaPwBPxgoSiCFO7POpR1f5ad76fC2FoqELK4jsft_T2dzXGxyFcurODrl3Zz0OqDw0Hfw&sds=2&rev=84230&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=JoxPa2Ycg5UfBacdex54s91dr8a_GBVhM63RDDz8ykjoGQYgeb3K9lX5F_wOw62C1OawYFcj5u3ooTA5WJF5kqJ-QNTqqD2sHvAnRYUultBucn4pW_gGGumwO9LJqoOPijLjzrFdL1V17MAg0iwTllgpN2ozqgVsVyaUoOCS99AhYOPF0cpY7WoXXP9iQtZqQyaPwBPxgoSiCFO7POpR1f5ad76fC2FoqELK4jsft_T2dzXGxyFcurODrl3Zz0OqDw0Hfw&sds=2&rev=84230&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 36
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:47:13 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
2.18.172.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 2.18.172.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sat, 14 Jan 2023 07:47:13 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=_UOXYGYcg5UfBacd-cvevbv85WKVQHfLMEnZEEQcEdNkCg0yOlCaW49xJ40rA2NociNFKJk5hhqUzxwwHhb6YytQNhdRfp0V2CwVb_gF7vnvQRWRXNkf6bKdq95IC_oj94dvWZBuutzwaxqnpUCJGarnaTqbFPLYoJiNRr9gU6y42h49yNrT9dPGFzrePhu6Q_5tlUoWRoIAhRjOHJWec3iHQCJh7SNyxsTTCf03c-e0PfFza1qqexntH_URrGzi1PcJrw&sds=2&rev=84230&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=_UOXYGYcg5UfBacd-cvevbv85WKVQHfLMEnZEEQcEdNkCg0yOlCaW49xJ40rA2NociNFKJk5hhqUzxwwHhb6YytQNhdRfp0V2CwVb_gF7vnvQRWRXNkf6bKdq95IC_oj94dvWZBuutzwaxqnpUCJGarnaTqbFPLYoJiNRr9gU6y42h49yNrT9dPGFzrePhu6Q_5tlUoWRoIAhRjOHJWec3iHQCJh7SNyxsTTCf03c-e0PfFza1qqexntH_URrGzi1PcJrw&sds=2&rev=84230&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=_UOXYGYcg5UfBacd-cvevbv85WKVQHfLMEnZEEQcEdNkCg0yOlCaW49xJ40rA2NociNFKJk5hhqUzxwwHhb6YytQNhdRfp0V2CwVb_gF7vnvQRWRXNkf6bKdq95IC_oj94dvWZBuutzwaxqnpUCJGarnaTqbFPLYoJiNRr9gU6y42h49yNrT9dPGFzrePhu6Q_5tlUoWRoIAhRjOHJWec3iHQCJh7SNyxsTTCf03c-e0PfFza1qqexntH_URrGzi1PcJrw&sds=2&rev=84230&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 36
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:47:12 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cfd4ac087fdbf39fec947643791de166
eaa4dbbea8bb338542033af03196551224b5dd45
c5c261a76b945d195b6438d102fb59ef09b29b9919ceb2a1489968a3f48e98e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6149
Cache-Control: max-age=107408
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:14 GMT
Etag: "63c1468d-1d7"
Expires: Sun, 15 Jan 2023 13:37:22 GMT
Last-Modified: Fri, 13 Jan 2023 11:54:53 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 06f4391f80ae9f8efdeb0d361a7eb8d2
726231d834da3afc054b4d7a39ed4a8f4770d05a
9efe65a820826cf68a0a1f9c0f1ee94b7f171c16dd86c5ae676f1dd1d37ae099
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 7e1f84c8e8c91f54a1f6fb1f684e3a13
etag: "4ad6149615a7a8a4d7521f7ba2c8bdb0"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 14 Jan 2023 07:56:20 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: BvQ5H4Cun4796w02Gn640g==
x-fb-debug: UYsntbttFckbZb2lADNHDyyoCLBBWZ9YByuKwr0hUYEv/JMpzcsRQD+rD2G6XU/Uk/RW2PHKRswbABrqmphncA==
priority: u=3,i
content-length: 1684
x-fb-trip-id: 1904183273
date: Sat, 14 Jan 2023 07:47:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cfd4ac087fdbf39fec947643791de166
eaa4dbbea8bb338542033af03196551224b5dd45
c5c261a76b945d195b6438d102fb59ef09b29b9919ceb2a1489968a3f48e98e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6149
Cache-Control: max-age=107408
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:47:14 GMT
Etag: "63c1468d-1d7"
Expires: Sun, 15 Jan 2023 13:37:22 GMT
Last-Modified: Fri, 13 Jan 2023 11:54:53 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
v1.addthisedge.com/live/boost/ra-58e226eb29c11f6c/_ate.track.config_resp
2.18.172.123200 OK 1.3 kB URL HTTP/2 v1.addthisedge.com/live/boost/ra-58e226eb29c11f6c/_ate.track.config_resp
IP 2.18.172.123:0
File type Unicode text, UTF-8 text, with very long lines (3821), with no line terminators
Hash 4adc016f0378d43b1e4d8a48395311fb
de42f6825c8d2ef4989b84479d9731baa195bbaa
70f1c455a93fbc3c54102023dd47c6bcc3ff290302ac6e517cd87b74e4efc205
GET /live/boost/ra-58e226eb29c11f6c/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 1250
etag: 727245640--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=60, s-maxage=86400
date: Sat, 14 Jan 2023 07:47:14 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300lo.json?si=63c25ded576d5331&bkl=0&bl=1&pdt=1640&sid=63c25ded576d5331&pub=ra-58e226eb29c11f6c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dusunmekvepaylasmak.blogspot.com&fp=search%2Flabel%2Ftelkari%2520ustal%25C4%25B1%25C4%259F%25C4%25B1%2520nedir&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=D%C3%BC%C5%9F%C3%BCnmek%2CHaber%2Cmagazin%2Csosyal%20medya%2Cpayla%C5%9F%C4%B1m%2Cdo%C4%9Fru%20bilgi%2Ckarikat%C3%BCr%2Cg%C3%BCndem%2Ck%C3%BClt%C3%BCr%20sanat%2Csinema%2Ctelevizyon%2Ctiyatro&colc=1673682417240&jsl=1&uvs=63c25ded85cdd29d000&skipb=1&callback=addthis.cbs.jsonp__202815437313439760
2.18.172.123200 OK 90 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=63c25ded576d5331&bkl=0&bl=1&pdt=1640&sid=63c25ded576d5331&pub=ra-58e226eb29c11f6c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dusunmekvepaylasmak.blogspot.com&fp=search%2Flabel%2Ftelkari%2520ustal%25C4%25B1%25C4%259F%25C4%25B1%2520nedir&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=D%C3%BC%C5%9F%C3%BCnmek%2CHaber%2Cmagazin%2Csosyal%20medya%2Cpayla%C5%9F%C4%B1m%2Cdo%C4%9Fru%20bilgi%2Ckarikat%C3%BCr%2Cg%C3%BCndem%2Ck%C3%BClt%C3%BCr%20sanat%2Csinema%2Ctelevizyon%2Ctiyatro&colc=1673682417240&jsl=1&uvs=63c25ded85cdd29d000&skipb=1&callback=addthis.cbs.jsonp__202815437313439760
IP 2.18.172.123:0
File type ASCII text, with no line terminators
Hash d8a2624a9ce0ea82739aad6669d83450
772168116a310fe51776a57574d0edaf5d55cb92
f2d6e69d46f60fd0fa6760dec4d7c21d98d01263f3eaae81618ac21625bacb8b
GET /live/red_lojson/300lo.json?si=63c25ded576d5331&bkl=0&bl=1&pdt=1640&sid=63c25ded576d5331&pub=ra-58e226eb29c11f6c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dusunmekvepaylasmak.blogspot.com&fp=search%2Flabel%2Ftelkari%2520ustal%25C4%25B1%25C4%259F%25C4%25B1%2520nedir&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=D%C3%BC%C5%9F%C3%BCnmek%2CHaber%2Cmagazin%2Csosyal%20medya%2Cpayla%C5%9F%C4%B1m%2Cdo%C4%9Fru%20bilgi%2Ckarikat%C3%BCr%2Cg%C3%BCndem%2Ck%C3%BClt%C3%BCr%20sanat%2Csinema%2Ctelevizyon%2Ctiyatro&colc=1673682417240&jsl=1&uvs=63c25ded85cdd29d000&skipb=1&callback=addthis.cbs.jsonp__202815437313439760 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 90
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Sat, 14 Jan 2023 07:47:14 GMT
X-Firefox-Spdy: h2
s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
2.18.172.123200 OK 28 kB URL HTTP/2 s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
IP 2.18.172.123:0
File type Unicode text, UTF-8 text, with very long lines (60526)
Hash 52bcf6a645211d0d5422a508ff3d0311
9c47c99a0ab39fa9dd11d05440c5b3d25c8d3bf7
aa393590ea92c4e96713996b7df36673dc5afb3c78f85a02393fda179df5cbe4
GET /static/custom-messages.5799ddf75a30812a3d49.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-1c9fc"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 28546
date: Sat, 14 Jan 2023 07:47:14 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
2.18.172.123200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 2.18.172.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash ac1b5db6377f89a6d7f517c571b8ddba
87205f72f7338d717dd2966119ecb6aae22d5835
9164225c4ffa9eded3fd96fd8403249cf67e2047354fc245fb349216565d00a2
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77691
date: Sat, 14 Jan 2023 07:47:14 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 14 Jan 2023 07:47:14 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s7.addthis.com/static/images/cvlbx/beachSummer.jpg
2.18.172.123200 OK 88 kB URL HTTP/2 s7.addthis.com/static/images/cvlbx/beachSummer.jpg
IP 2.18.172.123:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1280x800, components 3\012- data
Hash 2c026aa51bcd25d6b33218d4aa5f6d83
dc4d354fbae246e6f8e4f3d959720d2f006adb33
2e8cb0f4f4f8506bfeb3a39189a6b975e80018e5aa8cd49ed48cb9c4219a8958
GET /static/images/cvlbx/beachSummer.jpg HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: image/jpeg
content-length: 88467
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-15993"
timing-allow-origin: *
cache-control: public, max-age=86313600
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 14 Jan 2023 07:47:14 GMT
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js
2.18.172.123200 OK 394 B URL HTTP/2 s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js
IP 2.18.172.123:0
File type ASCII text, with very long lines (564), with no line terminators
Hash 09d6e31790596b5636e4332b45864d33
078bdaadd33f7e19f624e403959dca3eef1a73d4
42805621588148ebf5f6329a1ff74711c44dd93a4f592264f953ca7f88422b82
GET /static/159.1c3fceccbc80f2a3615f.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-234"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 394
date: Sat, 14 Jan 2023 07:47:14 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash eb2c9b51e3f24c39d2983f6e3a82ec23
c8100c7a8213b941fd38df2a05e73f5e624f63a6
03adc79b1195bd36ae27f2f0b9b6d21fc05093d557d41e29b4f642b6e1487060
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1267
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 14 Jan 2023 07:47:14 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s7.addthis.com/static/208.92c9dfa16a7b958c8a95.js
2.18.172.123200 OK 127 B URL HTTP/2 s7.addthis.com/static/208.92c9dfa16a7b958c8a95.js
IP 2.18.172.123:0
File type ASCII text, with no line terminators
Hash c16f2b8f73dfadd8068f3f840cdf7bc5
48f837510b3e187dde91ce56bdd8453830ce64b2
aa41e2ad8da9c442cc1c812d157425bdb3e7e9ff2aec76ee3ac41bbfec720a0e
GET /static/208.92c9dfa16a7b958c8a95.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-70"
timing-allow-origin: *
cache-control: public, max-age=86313600
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 127
date: Sat, 14 Jan 2023 07:47:14 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/195.461912c47007775093ae.js
2.18.172.123200 OK 298 B URL HTTP/2 s7.addthis.com/static/195.461912c47007775093ae.js
IP 2.18.172.123:0
File type ASCII text, with very long lines (384), with no line terminators
Hash b3a09bfb320e3798865e9543432f891f
1b852bdc37086072c734acec0af4d1971e6ec320
62048a133b36399f6990ddbf705fc3a2cd9a8a9d010e1fb89ed8bdd25d56fca3
GET /static/195.461912c47007775093ae.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-180"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 298
date: Sat, 14 Jan 2023 07:47:14 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300vi.png?cad=shpu%3D48yp&positions=48yp%3Dcenter&goals=48yp%3Dshare&first=1&rv=0&uvs=63c25ded85cdd29d&pub=ra-58e226eb29c11f6c&dp=dusunmekvepaylasmak.blogspot.com&rev=v8.28.8-wp
2.18.172.123204 No Content 0 B URL HTTP/2 m.addthis.com/live/red_lojson/300vi.png?cad=shpu%3D48yp&positions=48yp%3Dcenter&goals=48yp%3Dshare&first=1&rv=0&uvs=63c25ded85cdd29d&pub=ra-58e226eb29c11f6c&dp=dusunmekvepaylasmak.blogspot.com&rev=v8.28.8-wp
IP 2.18.172.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /live/red_lojson/300vi.png?cad=shpu%3D48yp&positions=48yp%3Dcenter&goals=48yp%3Dshare&first=1&rv=0&uvs=63c25ded85cdd29d&pub=ra-58e226eb29c11f6c&dp=dusunmekvepaylasmak.blogspot.com&rev=v8.28.8-wp HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
expires: Sat, 14 Jan 2023 07:47:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 14 Jan 2023 07:47:14 GMT
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=fabe2cd75d156cc3f0cd1d74da2a21a5
31.13.72.12200 OK 0 B URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=fabe2cd75d156cc3f0cd1d74da2a21a5
IP 31.13.72.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en_US/sdk.js?hash=fabe2cd75d156cc3f0cd1d74da2a21a5 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: be7cc4f224a42fc5de96894baf73a99f
etag: "54c81485bff85ff9c82c375b12120d5c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 14 Jan 2024 05:47:54 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: SlwWrw+I0KfK5fF9+6rBVg==
x-fb-debug: qAJoeQTLeVI5HXak4/297+9TSyNHnzgZU3nbSNCyVppz4VN4bnahWphLVlZ8lL1yF8+Pbr3+0BtjKlLcUDisuQ==
priority: u=3,i
content-length: 86952
x-fb-trip-id: 2074150462
date: Sat, 14 Jan 2023 07:47:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
IP 142.250.74.106:0
GET /css?family=Poppins:300,400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 14 Jan 2023 07:47:08 GMT
date: Sat, 14 Jan 2023 07:47:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=EAo64t93wCs3txwqPiSRw8TATw7uISXo5DBeGaUpIIauJc_8AnjK0B7mJr-hiZ6T3HL4Lu82pVdmOK8addtSmMONWXSAbq7EpHZ84UrTHbDspRYcSCZ_Y3qzKZM8CBHcHKO3ok5LA60q6YTIXxj9xKztKva_f_L6dpSuOq0bYnjcy6LpIhvlh6DOnR8eUt00A0XMhpXQNHhXz6zAP4OeLd4D5__b66diFieb5JP34lsC1WCY97USsj-4mUDxrHfLFbBt-J5cz3c33iqK5mYcWrSatHtdh-UFivWS92BkSH42MnAqQb6iwe1RjksukWlzNN_T98mgS5Qpw-w0OxRFpGeO584-Lun07ZA5zjxCQOtev9s4Iaywx81xVri0DYtkdzZM9Hw_uIGY-FiSUhQvF5a7mpW4HoPOhJzF5XT8nMHNnrlzMexJvAODrdoIjQ1l0Llr-g
178.250.2.148200 OK 0 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=EAo64t93wCs3txwqPiSRw8TATw7uISXo5DBeGaUpIIauJc_8AnjK0B7mJr-hiZ6T3HL4Lu82pVdmOK8addtSmMONWXSAbq7EpHZ84UrTHbDspRYcSCZ_Y3qzKZM8CBHcHKO3ok5LA60q6YTIXxj9xKztKva_f_L6dpSuOq0bYnjcy6LpIhvlh6DOnR8eUt00A0XMhpXQNHhXz6zAP4OeLd4D5__b66diFieb5JP34lsC1WCY97USsj-4mUDxrHfLFbBt-J5cz3c33iqK5mYcWrSatHtdh-UFivWS92BkSH42MnAqQb6iwe1RjksukWlzNN_T98mgS5Qpw-w0OxRFpGeO584-Lun07ZA5zjxCQOtev9s4Iaywx81xVri0DYtkdzZM9Hw_uIGY-FiSUhQvF5a7mpW4HoPOhJzF5XT8nMHNnrlzMexJvAODrdoIjQ1l0Llr-g
IP 178.250.2.148:0
GET /delivery/lg.php?cppv=3&cpp=EAo64t93wCs3txwqPiSRw8TATw7uISXo5DBeGaUpIIauJc_8AnjK0B7mJr-hiZ6T3HL4Lu82pVdmOK8addtSmMONWXSAbq7EpHZ84UrTHbDspRYcSCZ_Y3qzKZM8CBHcHKO3ok5LA60q6YTIXxj9xKztKva_f_L6dpSuOq0bYnjcy6LpIhvlh6DOnR8eUt00A0XMhpXQNHhXz6zAP4OeLd4D5__b66diFieb5JP34lsC1WCY97USsj-4mUDxrHfLFbBt-J5cz3c33iqK5mYcWrSatHtdh-UFivWS92BkSH42MnAqQb6iwe1RjksukWlzNN_T98mgS5Qpw-w0OxRFpGeO584-Lun07ZA5zjxCQOtev9s4Iaywx81xVri0DYtkdzZM9Hw_uIGY-FiSUhQvF5a7mpW4HoPOhJzF5XT8nMHNnrlzMexJvAODrdoIjQ1l0Llr-g HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:47:12 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2917339
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.6.1/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:47:08 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-03-10 20:26:25
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 9f906bfe8a0a96b9156c7a4ed4664168
cdn-cache: HIT
cf-cache-status: HIT
age: 22993217
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7894c307cf8fb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.criteo.net/design/googlefont/opensans/opensans-400.css
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/design/googlefont/opensans/opensans-400.css
IP 178.250.0.130:0
GET /design/googlefont/opensans/opensans-400.css HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:47:11 GMT
content-type: text/css
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
etag: W/"6391f077-9fe"
expires: Tue, 09 Jan 2024 07:47:11 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2