r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2704
Expires: Fri, 02 Dec 2022 13:50:05 GMT
Date: Fri, 02 Dec 2022 13:05:01 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6177
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:01 GMT
Last-Modified: Fri, 02 Dec 2022 11:22:04 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8055
Expires: Fri, 02 Dec 2022 15:19:16 GMT
Date: Fri, 02 Dec 2022 13:05:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 12:19:56 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2705
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ANULuujFhCsUMKfDokaJCN1q4UXZUNuc6aoiQePJDXRyRPaObOSIZNxnNBWTKUm45cPMFZ+rKvU=
x-amz-request-id: NPBJSKHZ5D11RGWX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 12:46:07 GMT
age: 1134
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:05:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 12:08:57 GMT
cache-control: public,max-age=3600
age: 3365
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
dusunmekvepaylasmak.blogspot.com/search/label/giri%C5%9Fimcilik%20e%C4%9Fitimi
172.217.21.161301 Moved Permanently 223 B URL HTTP/1.1 dusunmekvepaylasmak.blogspot.com/search/label/giri%C5%9Fimcilik%20e%C4%9Fitimi
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 0cecd1c617154365ec892bf55344a6c4
367f2f1dd744fd2cf56bde0576600b6c1085f706
3974e4b88ab9afdf4ba3ff0ab8d7b9724d68529ce8c6dfa532cf435f145bec2e
Analyzer Verdict Alert fortinet Malware
GET /search/label/giri%C5%9Fimcilik%20e%C4%9Fitimi HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://dusunmekvepaylasmak.blogspot.com/search/label/giri%C5%9Fimcilik%20e%C4%9Fitimi
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Fri, 02 Dec 2022 13:05:02 GMT
Expires: Fri, 02 Dec 2022 13:05:02 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 223
Server: GSE
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 9bd806cca07dea834ae8e19fe9681b03
2177d482712d52a37e8c40a647b18ca18cceb3e1
bc838e9f2fb696c917c7132e05d99914472c6b06336202b072902ade707a6ffd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6172
Cache-Control: max-age=164684
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:02 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 10:49:46 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.88.25.203101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.25.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hVXm8FUBc81ysAlCxQhgAw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: l1vMxWelHhjSGZJmG6aX7td1V+s=
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 9bd806cca07dea834ae8e19fe9681b03
2177d482712d52a37e8c40a647b18ca18cceb3e1
bc838e9f2fb696c917c7132e05d99914472c6b06336202b072902ade707a6ffd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 90b4caf4c10d4aedbbf15a03650df1f8
f2da7656691c4bc1238df9c60f4439dde08541dc
2c67636d085bb985e6cc0a524aeb26d2a8d1f574d538e394349d2196587e1219
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6132
Cache-Control: max-age=157115
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:03 GMT
Etag: "6389a2c6-116"
Expires: Sun, 04 Dec 2022 08:43:38 GMT
Last-Modified: Fri, 02 Dec 2022 07:01:26 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-20442478-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-20442478-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash fb5b4be3ca32b7bd96cc9483878a9580
1ec6570de36d82147017c1744c8a831988dfb0b5
0fe645b21e8ab20be7233492adff196bf72651e4dd191eec7b2ffce7fe0417ea
GET /gtag/js?id=UA-20442478-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 13:05:03 GMT
expires: Fri, 02 Dec 2022 13:05:03 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43654
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 267cc9d2fc0834e7dcc67cfd154a203e
c0730812ceab79d0708b847d7a62a7aba6d5e81d
1cdf3b1ad9cc8e3409a19df88fbc91053cf0823ca482f4e48edc074e13ff9435
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-19531429-2
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-19531429-2
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 069f07c6bbead78fe164c6e56adbbf05
f9542ce2c3df8489053798c39e1564349199f05d
183b500e55c60066cc955cc1e7707d412918ca7e94a6c09d38e1effe8b9fe854
GET /gtag/js?id=UA-19531429-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 13:05:03 GMT
expires: Fri, 02 Dec 2022 13:05:03 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43649
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 90b4caf4c10d4aedbbf15a03650df1f8
f2da7656691c4bc1238df9c60f4439dde08541dc
2c67636d085bb985e6cc0a524aeb26d2a8d1f574d538e394349d2196587e1219
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6132
Cache-Control: max-age=157115
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:03 GMT
Etag: "6389a2c6-116"
Expires: Sun, 04 Dec 2022 08:43:38 GMT
Last-Modified: Fri, 02 Dec 2022 07:01:26 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
142.250.74.106200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32341)
Hash 856f85cc1b07156fa844b44a10c236c2
7cef457c0e1cd0c20f4e699564ea8997f0332021
c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01
GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 04:46:35 GMT
expires: Thu, 30 Nov 2023 04:46:35 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 202708
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-ZVg1XeIgmog/UrBTsAIaBLI/AAAAAAAAIKM/1rW6JY_rops/w72-h72-p-k-no-nu/4+4+4+egitim-sistemi.jpg
142.250.74.65200 OK 2.8 kB URL HTTP/2 1.bp.blogspot.com/-ZVg1XeIgmog/UrBTsAIaBLI/AAAAAAAAIKM/1rW6JY_rops/w72-h72-p-k-no-nu/4+4+4+egitim-sistemi.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash d55d42497002238cef58073d9c761b05
4f9d7fb15fec1a928fb214ddc863962ae6f532a1
4bfb10d5a18713cb2911e63b1a36629868f87cea235bf04cffbcaee37508128e
GET /-ZVg1XeIgmog/UrBTsAIaBLI/AAAAAAAAIKM/1rW6JY_rops/w72-h72-p-k-no-nu/4+4+4+egitim-sistemi.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v20a4"
expires: Sat, 03 Dec 2022 13:05:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="4+4+4+egitim-sistemi.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 13:05:03 GMT
server: fife
content-length: 2786
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/w72-h72-p-k-no-nu/225px-+mevlana_ile_ilgili_resimler.jpg
142.250.74.65200 OK 4.5 kB URL HTTP/2 2.bp.blogspot.com/-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/w72-h72-p-k-no-nu/225px-+mevlana_ile_ilgili_resimler.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 198baf3f7d853bc634b438561c189896
63640490c23c9d452cb566e3c8d9cb29cb9bef37
5edbbfadba784c3a27259984b189817862e146c0c550b6854bd6175be846aa41
GET /-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/w72-h72-p-k-no-nu/225px-+mevlana_ile_ilgili_resimler.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="225px-+mevlana_ile_ilgili_resimler.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4527
x-xss-protection: 0
date: Fri, 02 Dec 2022 13:05:03 GMT
expires: Thu, 01 Dec 2022 11:12:38 GMT
cache-control: public, max-age=86400, no-transform
etag: "v71fc"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg
142.250.74.65200 OK 4.5 kB URL HTTP/2 2.bp.blogspot.com/-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash ec5fcd46230caf0da45a16686274f1cb
0f6ab0f39b022b8b641c566d68ce811854f4aa9d
2763d313411a14a376c085e44d14fab586ac4e935bbc1932e8c67d4453234aa3
GET /-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="rafadan_tayfa_trt_cizgi_film.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4484
x-xss-protection: 0
date: Fri, 02 Dec 2022 13:05:03 GMT
expires: Thu, 01 Dec 2022 11:12:38 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7fdb"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png
142.250.74.65200 OK 6.2 kB URL HTTP/2 2.bp.blogspot.com/-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png
IP 142.250.74.65:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash aa25670b8226d8b5752fd5a198fd73a4
be1908b060ec7bf840e8d2b0aa4c930fe11910d6
f1b63d3ceb7dd55aae1a46fc852703730d58d88efcd5be463741c6718e7557c4
GET /-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="sut_tozu_ile_ilgili_resimler.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6242
x-xss-protection: 0
date: Fri, 02 Dec 2022 13:05:03 GMT
expires: Thu, 01 Dec 2022 11:12:38 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7d8d"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-eo72_jGArcw/YJWvZlothsI/AAAAAAAAIPk/39V8zIRnukk3M1SvJqwCPAL5ciymGzewwCLcBGAsYHQ/w72-h72-p-k-no-nu/unnamed.jpg
142.250.74.65200 OK 2.6 kB URL HTTP/2 1.bp.blogspot.com/-eo72_jGArcw/YJWvZlothsI/AAAAAAAAIPk/39V8zIRnukk3M1SvJqwCPAL5ciymGzewwCLcBGAsYHQ/w72-h72-p-k-no-nu/unnamed.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 1866a1eda8caaedee6e9021f426d9d21
050f44f27fb2164dd65c28a937a89d9f7aa87fd4
6fbe535d995be032754b848a23901cd0eea3d102e279f3cb3a0c881fa52eb4e7
GET /-eo72_jGArcw/YJWvZlothsI/AAAAAAAAIPk/39V8zIRnukk3M1SvJqwCPAL5ciymGzewwCLcBGAsYHQ/w72-h72-p-k-no-nu/unnamed.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v20fb"
expires: Sat, 03 Dec 2022 13:05:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 13:05:03 GMT
server: fife
content-length: 2591
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash edc20fc8aa6ad58979b33dae06c69b75
8f84cf73a9524d41576d37cca067bd5440570c17
612154ea86b04286beaa8aa08624410a03ae7a0c72646613cd70de3dfa595f06
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4413
Cache-Control: max-age=170478
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:03 GMT
Etag: "6389ddb0-117"
Expires: Sun, 04 Dec 2022 12:26:21 GMT
Last-Modified: Fri, 02 Dec 2022 11:12:48 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
216.58.207.233200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 21:47:53 GMT
expires: Wed, 29 Nov 2023 21:47:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 20:52:41 GMT
content-type: text/css
age: 227830
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-capfoLN2DAs/YINZoH8ZnBI/AAAAAAAAIKI/eKWJJo3m_XUwYhnp6p1kjqg_772rg_VAQCLcBGAsYHQ/w72-h72-p-k-no-nu/B%25C4%25B0R%2BGAR%25C4%25B0P%2BA%25C5%259EK%2BH%25C4%25B0KAYES%25C4%25B0%2BNE%25C5%259EET%2BERTA%25C5%259E%2526LEYLA%2BERTA%25C5%259E.jpg
142.250.74.65200 OK 2.6 kB URL HTTP/2 1.bp.blogspot.com/-capfoLN2DAs/YINZoH8ZnBI/AAAAAAAAIKI/eKWJJo3m_XUwYhnp6p1kjqg_772rg_VAQCLcBGAsYHQ/w72-h72-p-k-no-nu/B%25C4%25B0R%2BGAR%25C4%25B0P%2BA%25C5%259EK%2BH%25C4%25B0KAYES%25C4%25B0%2BNE%25C5%259EET%2BERTA%25C5%259E%2526LEYLA%2BERTA%25C5%259E.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 101cb2f6a85980b317ea2eb8293f8a8e
65646d427fdfe4e2cfd0663a211b8b9d3b98cb5c
2599d588436b93dbad44b9c1f222caa13b2d7db9fb81b3123b10543cb8a34fc8
GET /-capfoLN2DAs/YINZoH8ZnBI/AAAAAAAAIKI/eKWJJo3m_XUwYhnp6p1kjqg_772rg_VAQCLcBGAsYHQ/w72-h72-p-k-no-nu/B%25C4%25B0R%2BGAR%25C4%25B0P%2BA%25C5%259EK%2BH%25C4%25B0KAYES%25C4%25B0%2BNE%25C5%259EET%2BERTA%25C5%259E%2526LEYLA%2BERTA%25C5%259E.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v20a3"
expires: Sat, 03 Dec 2022 13:05:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="B_R GAR_P A_K H_KAYES_ NE_ET ERTA_&LEYLA ERTA_.jpg";filename*=UTF-8''B%C4%B0R%20GAR%C4%B0P%20A%C5%9EK%20H%C4%B0KAYES%C4%B0%20NE%C5%9EET%20ERTA%C5%9E%26LEYLA%20ERTA%C5%9E.jpg
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 13:05:03 GMT
server: fife
content-length: 2641
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4.bp.blogspot.com/-V334VUTLe-s/WMLbXGabjEI/AAAAAAAAe1E/4Uw7lSmkhWsKM6OhQHtDHSRjGh21kFHlACLcB/w72-h72-p-k-no-nu/100_2319.JPG
142.250.74.65200 OK 3.7 kB URL HTTP/2 4.bp.blogspot.com/-V334VUTLe-s/WMLbXGabjEI/AAAAAAAAe1E/4Uw7lSmkhWsKM6OhQHtDHSRjGh21kFHlACLcB/w72-h72-p-k-no-nu/100_2319.JPG
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash cc9a0a3c61b4e39acdda6f3a8e8e3777
eef8663c4f07e3782fc4b1367b5762c243501dcd
2a7fb2a057aa310e1b7555458fded538acf4ca30208086b2ac95c776015c82e7
GET /-V334VUTLe-s/WMLbXGabjEI/AAAAAAAAe1E/4Uw7lSmkhWsKM6OhQHtDHSRjGh21kFHlACLcB/w72-h72-p-k-no-nu/100_2319.JPG HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="100_2319.JPG"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3695
x-xss-protection: 0
date: Fri, 02 Dec 2022 13:05:03 GMT
expires: Thu, 01 Dec 2022 11:12:38 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7b53"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
104.18.11.207200 OK 10 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (28596)
Hash 8de3cddc8d6e500b8f358e111c4f6e5d
909f0579c8a98c8f9fc23ab98c2937b5c7d0eae9
916d1ab6b7205bdd433993317a4578e5706e67116bc3c80f3075bb03184f8a9b
GET /font-awesome/4.6.1/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:05:03 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-03-10 20:26:25
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 9f906bfe8a0a96b9156c7a4ed4664168
cdn-cache: HIT
cf-cache-status: HIT
age: 19297092
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7734459e5de3b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 24450ed842495fb2f4ba69e1fac2d4d2
c7e7c8aa0308094c71d663a21bd9e689aeccc952
0dddf87df6f1821f08503310345aa465e0b63a4f130073e734e27e04780c4baa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-19531429-2&l=dataLayer&cx=c
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-19531429-2&l=dataLayer&cx=c
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 41cc41e60c5dd809f0106b34c415eec1
df77d9518469f686fa00ea843aed9a77edb5e744
96291ed7ff3ef250291c227b1bb7b7ea42d647ac47e2b1ec93f226d06e5efa77
GET /gtag/js?id=UA-19531429-2&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 13:05:03 GMT
expires: Fri, 02 Dec 2022 13:05:03 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43640
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rollercoin.com/static/img/public_img/gen2/w160h600.gif
172.67.72.239200 OK 257 kB URL HTTP/2 rollercoin.com/static/img/public_img/gen2/w160h600.gif
IP 172.67.72.239:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 257 kB (256868 bytes)
Hash 310de483225f5182ad7e10732d049749
47c20a51575f309719a5cc70fa770c29c3fea19b
5be1e183cfd4a31f6cf1973e887b6baaf9314e424c540f83497105535787b511
GET /static/img/public_img/gen2/w160h600.gif HTTP/1.1
Host: rollercoin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:05:03 GMT
content-type: image/webp
content-length: 256868
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=323815
content-disposition: inline; filename="w160h600.webp"
etag: W/"4f0e7-18364eefb18"
last-modified: Thu, 22 Sep 2022 11:22:07 GMT
vary: Accept
x-powered-by: Express
cf-cache-status: HIT
age: 4970528
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zfJH%2F8PrtG7nB5i8Y%2FefxjJxV9JvFdHjEvxFXWWP3qkPd9XsWjnKM0IDV%2FDNvviblTjfJ0grwfMrQZhFkmNjKrsPBsek%2BeSIUVvzpML3hWMxUvSOra%2FxNS%2Bp7lnXGZT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7734459f7e5dfac8-OSL
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Fri, 02 Dec 2022 13:05:03 GMT
expires: Fri, 02 Dec 2022 13:05:03 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dusunmekvepaylasmak.blogspot.com/search/label/giri%C5%9Fimcilik%20e%C4%9Fitimi
172.217.21.161200 OK 121 kB URL HTTP/2 dusunmekvepaylasmak.blogspot.com/search/label/giri%C5%9Fimcilik%20e%C4%9Fitimi
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (526)
Size 121 kB (120716 bytes)
Hash e8bbad5f6d635787876d5fc03cf1ef93
4eec70b8668392a6d111c31d6d7755013c272aae
2161299c1236925ec7d26f488f8588e905dee691907c8aa2b66e8fb7ce022216
Analyzer Verdict Alert fortinet Malware
GET /search/label/giri%C5%9Fimcilik%20e%C4%9Fitimi HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Fri, 02 Dec 2022 13:05:03 GMT
date: Fri, 02 Dec 2022 13:05:03 GMT
cache-control: private, max-age=0
last-modified: Tue, 29 Nov 2022 20:22:02 GMT
etag: W/"8ca8df289a2001deb99934e54cae67fa14d6127f41db94bab2f53714bb6870c1"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 120716
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.34200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (4885)
Hash 11eb89ad80d76d680c0a0628c4460cb5
5fe75875d229b5276d984c842861865b3f806d77
31ca7f6dee16d1d3b2d70ee5c4282783e07c056172988a5a22d192904deead4b
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 02 Dec 2022 13:05:03 GMT
expires: Fri, 02 Dec 2022 13:05:03 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 8483183762752168771
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 48990
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 267cc9d2fc0834e7dcc67cfd154a203e
c0730812ceab79d0708b847d7a62a7aba6d5e81d
1cdf3b1ad9cc8e3409a19df88fbc91053cf0823ca482f4e48edc074e13ff9435
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-t6PUd9SQc58/TxXyNwiALKI/AAAAAAAACZM/h4Py-D4D_6E/w72-h72-p-k-no-nu/ilk_telefon_kulubesi.png
142.250.74.65404 Not Found 1.7 kB URL HTTP/2 4.bp.blogspot.com/-t6PUd9SQc58/TxXyNwiALKI/AAAAAAAACZM/h4Py-D4D_6E/w72-h72-p-k-no-nu/ilk_telefon_kulubesi.png
IP 142.250.74.65:0
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash 58a17151a9a7dc2d32cedfff483923a8
a16dc81e6f06a4b14410119c5d02360276fcdc75
f7b3785f331b99dfd1cde553845fb0bfc5b1b4d48f1628aff98c0cd561ac041b
GET /-t6PUd9SQc58/TxXyNwiALKI/AAAAAAAACZM/h4Py-D4D_6E/w72-h72-p-k-no-nu/ilk_telefon_kulubesi.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/png
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 13:05:04 GMT
server: fife
content-length: 1742
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17019
Expires: Fri, 02 Dec 2022 17:48:43 GMT
Date: Fri, 02 Dec 2022 13:05:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17019
Expires: Fri, 02 Dec 2022 17:48:43 GMT
Date: Fri, 02 Dec 2022 13:05:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17019
Expires: Fri, 02 Dec 2022 17:48:43 GMT
Date: Fri, 02 Dec 2022 13:05:04 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 5d0b2895922d98e5e9a9174c4c0e5392
d9057b83082d9ad0ef582e9ce895d1806cb8f9f2
6a95d4cf367c2c902fb8199efd5abaa37d0cf685cc01a1f41c76aac9966d3ab7
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 13:05:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 06 Dec 2022 11:59:02 GMT
ETag: "d9057b83082d9ad0ef582e9ce895d1806cb8f9f2"
Last-Modified: Fri, 02 Dec 2022 11:59:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2125
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773445a0ba25b527-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 58a28fc1cbcacdb07b3ca175281982b5
9bc47ee49fc070d0997e49a719bd9758685ad583
d3bfcf749c4652cb29f7c82a5d7ba940bd607f9060e49c1c40a112eb3e625bd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6564
x-amzn-requestid: e2875cf3-3915-43a5-a724-4de2ca03de56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepHOiIAMFTFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-5f7e2a3f609d54a609a12670;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mwGAEu-gPXY5Opwd972VbBA6l33dNk7bPFSyZmciaplQKj2ZuTkQSg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 55817
etag: "9bc47ee49fc070d0997e49a719bd9758685ad583"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PIC-TIeTFK_Y2AiqowYT4_8tMuzIKO23lAwx18fYepTf4PIWkmLqkQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 05:20:15 GMT
age: 27889
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17019
Expires: Fri, 02 Dec 2022 17:48:43 GMT
Date: Fri, 02 Dec 2022 13:05:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c80b8025242ddfcc816ec612456b99e
aa944d10fe4a44b790b01ef62edc0f85a6d558e3
a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
age: 54811
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
172.217.21.174200 OK 31 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:0
File type ASCII text, with very long lines (580)
Hash 8b7cd98004b5a619d5ae2c11f7e4f95f
1f4a7476084e64124984e742593655247f8e8774
4a8f8a092ac4f6cdfb825ee9f028c08ec0154732dfeea23d9beaac3aed75dc4f
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 31306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 08:09:47 GMT
expires: Tue, 28 Nov 2023 08:09:47 GMT
cache-control: public, max-age=31536000
age: 363317
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 02 Dec 2022 12:41:08 GMT
expires: Fri, 02 Dec 2022 14:41:08 GMT
cache-control: public, max-age=7200
age: 1436
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:21:56 GMT
age: 85388
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:00:48 GMT
age: 25456
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c7113338bc3310b13d23ca415c177e2
2cb4edc6b161c6d2d5b47aa498ae54e677966466
3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10270
x-amzn-requestid: ac2d2825-2ec4-435e-9921-3ea6524df1dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfG1nEvYoAMFliA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e8a-4419423112b5723e3dba46ea;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2ihxuuXiECC4oX11t_vswhnLF0UpqDuboPLkrhpWwp-vfCR5pxGGxw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:53:50 GMT
age: 54674
etag: "2cb4edc6b161c6d2d5b47aa498ae54e677966466"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309845525285029&plah=dusunmekvepaylasmak.blogspot.com
142.250.74.34200 OK 119 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309845525285029&plah=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.34:0
File type ASCII text, with very long lines (6148)
Size 119 kB (119181 bytes)
Hash 308a1468c22f35fba04c883f8d95ac7c
4f522d3dbf2f34a81a21db2ebe670edba7b544a7
fc89c548fc94f66da89c0a5f9897b1ede17798f0bfe7d8f3bc38deaa2c707ab3
GET /pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309845525285029&plah=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 02 Dec 2022 13:05:04 GMT
expires: Fri, 02 Dec 2022 13:05:04 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 16447618587505171082
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119181
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.boomads.com/scripts/widget.js
83.66.162.128200 OK 1.1 kB URL HTTP/1.1 widget.boomads.com/scripts/widget.js
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type Unicode text, UTF-8 (with BOM) text, with very long lines (445), with CRLF line terminators
Hash ed2b316a78c01ecfd467a238bdb5a894
9820a06beef95ab789d3211359dfbe34d11c339e
0626a69c458560c8f8fadb5c81f56d9009e89951aa89f4fff3d4ef445d1b94e7
GET /scripts/widget.js HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 3
Date: Fri, 02 Dec 2022 13:05:02 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: "08e5d619991d11:0"
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2016 13:20:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 1149
www.google-analytics.com/j/collect?v=1&_v=j98&a=639923034&t=pageview&_s=1&dl=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fgiri%25C5%259Fimcilik%2520e%25C4%259Fitimi&ul=en-us&de=UTF-8&dt=D%C3%BC%C5%9F%C3%BCnmek%20ve%20Payla%C5%9Fmak%3A%20giri%C5%9Fimcilik%20e%C4%9Fitimi&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1343620823&gjid=1543876846&cid=981399558.1669986302&tid=UA-20442478-1&_gid=1085556422.1669986302&_r=1>m=2oubu0&z=864543690
142.250.74.110200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=639923034&t=pageview&_s=1&dl=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fgiri%25C5%259Fimcilik%2520e%25C4%259Fitimi&ul=en-us&de=UTF-8&dt=D%C3%BC%C5%9F%C3%BCnmek%20ve%20Payla%C5%9Fmak%3A%20giri%C5%9Fimcilik%20e%C4%9Fitimi&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1343620823&gjid=1543876846&cid=981399558.1669986302&tid=UA-20442478-1&_gid=1085556422.1669986302&_r=1>m=2oubu0&z=864543690
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j98&a=639923034&t=pageview&_s=1&dl=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fgiri%25C5%259Fimcilik%2520e%25C4%259Fitimi&ul=en-us&de=UTF-8&dt=D%C3%BC%C5%9F%C3%BCnmek%20ve%20Payla%C5%9Fmak%3A%20giri%C5%9Fimcilik%20e%C4%9Fitimi&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1343620823&gjid=1543876846&cid=981399558.1669986302&tid=UA-20442478-1&_gid=1085556422.1669986302&_r=1>m=2oubu0&z=864543690 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://dusunmekvepaylasmak.blogspot.com
date: Fri, 02 Dec 2022 13:05:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.35200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:29:21 GMT
expires: Fri, 01 Dec 2023 12:29:21 GMT
cache-control: public, max-age=31536000
age: 88543
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
142.250.74.35200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 5452, version 1.0\012- data
Hash a6ff41d10fa89e7f8fec937c243d7428
334853f61ceb1fb096818740cc62d5840fbbae46
5f9d6298f5edc6d2b57a6f3a30f87f1c93c84b7aad7c5e9bf9d3a2c9384403fa
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 20:42:14 GMT
expires: Thu, 30 Nov 2023 20:42:14 GMT
cache-control: public, max-age=31536000
age: 145370
last-modified: Wed, 27 Apr 2022 16:10:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.boomads.com/images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif
83.66.162.128200 OK 6.8 kB URL HTTP/1.1 widget.boomads.com/images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type GIF image data, version 89a, 125 x 80\012- data
Hash a0b54b194c22d6cf6dde8262b4e6caa8
7db7699e7e4cb090ed556f78d8692b59eca416d8
a28da5026d7c857976a413a63f4d5df448c8461f4531194e71668ebdbe7bbcc9
GET /images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 3
Date: Fri, 02 Dec 2022 13:05:02 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: "6e4be609991d11:0"
Content-Type: image/gif
Last-Modified: Fri, 08 Apr 2016 13:20:09 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 6812
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.35200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 149774
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
142.250.74.35200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 5544, version 1.0\012- data
Hash 0ed299a4bb5262e17e2145783b2c18f1
65af2a037a5ef8a8d383d518377ea1f9f6837631
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:45:39 GMT
expires: Thu, 30 Nov 2023 19:45:39 GMT
cache-control: public, max-age=31536000
age: 148765
last-modified: Wed, 27 Apr 2022 17:03:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
142.250.74.98200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Fri, 02 Dec 2022 11:45:52 GMT
expires: Fri, 16 Dec 2022 11:45:52 GMT
cache-control: public, max-age=1209600
age: 4752
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.74.35200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 149774
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
142.250.74.35200 OK 5.4 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 5384, version 1.0\012- data
Hash 96b6d54684daa94742f7bfd72a981213
72c3ac29b2fcceea390d3a51c7a892efde65e4d9
4ce2c84c474fb80b33e347ae6f356796021d6fd42e88a6352fc6e9ca0b22bd63
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5384
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:43:30 GMT
expires: Wed, 29 Nov 2023 15:43:30 GMT
cache-control: public, max-age=31536000
age: 249694
last-modified: Wed, 27 Apr 2022 16:11:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s7.addthis.com/js/300/addthis_widget.js
2.18.172.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 2.18.172.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116406 bytes)
Hash 722e21e12eaa431752dfae3577fe0619
cdf8ee4381284ad6b6081663ae6ee322998e1b35
998242560562ed6542b378745338b65d06b0001ee9c4c9bb843166524bd4c407
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116406
date: Fri, 02 Dec 2022 13:05:04 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
83.66.162.128200 OK 318 B URL HTTP/1.1 widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 60965bc98dda023d6dbb0de7b7c676bb
59819b0d77a4206626389d78b1862223b150ccdd
2fd9761476a794c7d53342d8845843e3c9cbe393fbc26682e11059fe79a5ef95
GET /widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 4.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=omoj4vc1cpqus50jucrgh4ok; path=/; HttpOnly; SameSite=Lax
BMDSD365TP50BFACTSV=26593=1; expires=Sat, 03-Dec-2022 14:05:02 GMT; path=/
X-Powered-By: ASP.NET
XSrv: BOOM01
Date: Fri, 02 Dec 2022 13:05:02 GMT
Content-Length: 318
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a26afaaadb2a0ed8f3adf3ba46f076b0
fd5066cc90bd627ab0cf7f2463ae71b26f7ebf38
0ef7ce87cf40f2eabf3daab6d1336bfd51f0539f6d174a5f66afdd898acd1d06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
142.250.74.109302 Found 464 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (512)
Hash 3b3854ffc7ec37148939b28239077145
1a362033e0b020680f3369be746b46994381151a
2a37ff9e03859728b9794da0932b972c34d04785835be5f59cab45839ab4c9be
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dusunmekvepaylasmak.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Dec 2022 13:05:04 GMT
location: https://www.blogger.com/followers.g?blogID=5726965044016880204&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-G466Zvl_-beoKz92KWDCDQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 464
server: GSE
set-cookie: __Host-GAPS=1:bmA0I-kT82xkpUEzhiJMTQVtSgCk7g:B5SD75duJZO6YDo0;Path=/;Expires=Sun, 01-Dec-2024 13:05:04 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=5726965044016880204&zx=83dcfb00-d923-4e6a-9241-2acdd5a93124
216.58.207.233200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=5726965044016880204&zx=83dcfb00-d923-4e6a-9241-2acdd5a93124
IP 216.58.207.233:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=5726965044016880204&zx=83dcfb00-d923-4e6a-9241-2acdd5a93124 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Dec 2022 13:05:04 GMT
last-modified: Fri, 02 Dec 2022 13:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 59ccaf5f1bf1101f3d43ae777be4f6a9
2740c2403e005eac512a829e64de6a03a65fcbb6
1c6da1c071531cd11b32e943b42798202de1a80882e067773ed4d6147094587f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 02 Dec 2022 13:05:04 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 55021
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 73461
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash a9bdfccd1df3e323e28d92aea1077409
4625fbbbbb614755a86dabddfaf40e99b3934ba6
8020fb77bd7e1b8cc3e2fed030e59d004e720c61162046fc93285c1ca07c0e66
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 02 Dec 2022 13:05:04 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=dusunmekvepaylasmak.blogspot.com&callback=_gfp_s_&client=ca-pub-7309845525285029&gpid_exp=1
216.58.207.226200 OK 252 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=dusunmekvepaylasmak.blogspot.com&callback=_gfp_s_&client=ca-pub-7309845525285029&gpid_exp=1
IP 216.58.207.226:0
File type ASCII text, with very long lines (391), with no line terminators
Hash 7cea66284d8408950e10eb3bebdaa976
6532e1e2660fe22dbbda0d1f65c59ed544418921
57dcfeb90a5e277e067b6f69feaea3eea8638d61919d20b6c0b066d3141057fe
GET /gampad/cookie.js?domain=dusunmekvepaylasmak.blogspot.com&callback=_gfp_s_&client=ca-pub-7309845525285029&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 02 Dec 2022 13:05:04 GMT
server: cafe
cache-control: private
content-length: 252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.boomads.com//content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01
83.66.162.128200 OK 4.5 kB URL HTTP/1.1 widget.boomads.com//content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type ASCII text, with very long lines (19781), with no line terminators
Hash d917d10a568917376ce065e84ebc04c0
eb368dc21cb28adcf22ce221b590729598658d2c
4f45f209d3645945394cdb1866967a741b66258f65d42fb7dc0b163a4a1d39ec
GET //content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01 HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 8295483
Date: Sun, 28 Aug 2022 12:46:44 GMT
Expires: Thu, 22 Dec 2022 23:31:43 GMT
Cache-Control: public
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
Content-Type: text/css; charset=utf-8
Content-Encoding: gzip
Last-Modified: Wed, 22 Dec 2021 23:31:43 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 4521
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 59ccaf5f1bf1101f3d43ae777be4f6a9
2740c2403e005eac512a829e64de6a03a65fcbb6
1c6da1c071531cd11b32e943b42798202de1a80882e067773ed4d6147094587f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash a9bdfccd1df3e323e28d92aea1077409
4625fbbbbb614755a86dabddfaf40e99b3934ba6
8020fb77bd7e1b8cc3e2fed030e59d004e720c61162046fc93285c1ca07c0e66
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=33091
date: Fri, 02 Dec 2022 13:05:05 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 315873c315af2be891e63f8b421bae65
5277bb0c4fea2b036c6faf28d66395c96166ffd2
3f6657d352a42f8257409f2ed365a3fb928ac3eb74a34a2c74a433290182cc92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 315873c315af2be891e63f8b421bae65
5277bb0c4fea2b036c6faf28d66395c96166ffd2
3f6657d352a42f8257409f2ed365a3fb928ac3eb74a34a2c74a433290182cc92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 315873c315af2be891e63f8b421bae65
5277bb0c4fea2b036c6faf28d66395c96166ffd2
3f6657d352a42f8257409f2ed365a3fb928ac3eb74a34a2c74a433290182cc92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 315873c315af2be891e63f8b421bae65
5277bb0c4fea2b036c6faf28d66395c96166ffd2
3f6657d352a42f8257409f2ed365a3fb928ac3eb74a34a2c74a433290182cc92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 315873c315af2be891e63f8b421bae65
5277bb0c4fea2b036c6faf28d66395c96166ffd2
3f6657d352a42f8257409f2ed365a3fb928ac3eb74a34a2c74a433290182cc92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ebd276a987cbfec50bf95ce593a6dbc6
0b03e0bb38915c84e23d9369d7f2947d6d73bafb
de4074bc2d166b559380d23f3d9e70e7eda87fd0fef61d5104db6d2ba221f45c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ebd276a987cbfec50bf95ce593a6dbc6
0b03e0bb38915c84e23d9369d7f2947d6d73bafb
de4074bc2d166b559380d23f3d9e70e7eda87fd0fef61d5104db6d2ba221f45c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/s2/photos/public/AIbEiAIAAABDCKXVxr6iiczVFiILdmNhcmRfcGhvdG8qKDc0NmI1YzJhZGE2NjhiNmQxZTk0Yjc3OTA4ZjVlYjA3NzUwZWI3ZGEwAVmBj3xmNyE3qPvBRDnofzypVUVw
216.58.207.228302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABDCKXVxr6iiczVFiILdmNhcmRfcGhvdG8qKDc0NmI1YzJhZGE2NjhiNmQxZTk0Yjc3OTA4ZjVlYjA3NzUwZWI3ZGEwAVmBj3xmNyE3qPvBRDnofzypVUVw
IP 216.58.207.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABDCKXVxr6iiczVFiILdmNhcmRfcGhvdG8qKDc0NmI1YzJhZGE2NjhiNmQxZTk0Yjc3OTA4ZjVlYjA3NzUwZWI3ZGEwAVmBj3xmNyE3qPvBRDnofzypVUVw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Dec 2022 13:05:05 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu_O4H-or1PgNYjmxeUhp9uQjoigmJ1figmNU6Xsrc4=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-G4f9FVhm8NRmcKNgTe9uXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=V0OXyPlylLsztsVSEuacOZLkKkJ8hevcIYy6bU5tN1CQgMV-YpA5JL74z8wkiX9BHHQrgfYRqFRkSocmKwr5iaxbf3gKpSo-KH_xJWXDXzmLLAmS27rXFiKkz4HY0Cn2UDm7T2YKds-ehACHOE29qk5KA3qKvE0mKhdWaznXtiQ; expires=Sat, 03-Jun-2023 13:05:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ebd276a987cbfec50bf95ce593a6dbc6
0b03e0bb38915c84e23d9369d7f2947d6d73bafb
de4074bc2d166b559380d23f3d9e70e7eda87fd0fef61d5104db6d2ba221f45c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/s2/photos/public/AIbEiAIAAABECLHlk_Wx_uLViwEiC3ZjYXJkX3Bob3RvKig3ZjAwOGMwYjRmYThkZjE0MmFlNzcwNmMwNDQ5MTA0NWE5NThiYjUxMAGSxY8WsGFy9CRCpLOYY1fVZuUOWw
216.58.207.228302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECLHlk_Wx_uLViwEiC3ZjYXJkX3Bob3RvKig3ZjAwOGMwYjRmYThkZjE0MmFlNzcwNmMwNDQ5MTA0NWE5NThiYjUxMAGSxY8WsGFy9CRCpLOYY1fVZuUOWw
IP 216.58.207.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECLHlk_Wx_uLViwEiC3ZjYXJkX3Bob3RvKig3ZjAwOGMwYjRmYThkZjE0MmFlNzcwNmMwNDQ5MTA0NWE5NThiYjUxMAGSxY8WsGFy9CRCpLOYY1fVZuUOWw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Dec 2022 13:05:05 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu8IoAqtK5J_1yWu9FKHPGoPM2AIGeHZoj-fgHcGUDI=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-DHCdRipOfa0OIU8hSaCiCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=rQmZDf16kE7rhzwIhdUTEt6micJzJrdgFt1M4wV97Kp34Fv9Rmm9dH7IjYU60gMeTsYu9EgFZGM4sY791bUiFjTLM69md7eQsg1x4tQocJuiRSy-zAC4mD9PZA6oJvf0QnrpQ6e8lM1EJD4mFiYn1gtBixGsh7Ae3O_G079vuNw; expires=Sat, 03-Jun-2023 13:05:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ebd276a987cbfec50bf95ce593a6dbc6
0b03e0bb38915c84e23d9369d7f2947d6d73bafb
de4074bc2d166b559380d23f3d9e70e7eda87fd0fef61d5104db6d2ba221f45c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/a-/ACNPEu_qS3Bs9TC10RgJYQoydMVCGuNIIG9en_hE0TGW4Q=s45-c
142.250.74.97200 OK 677 B URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu_qS3Bs9TC10RgJYQoydMVCGuNIIG9en_hE0TGW4Q=s45-c
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 80127b2ef0ff1a4d1172873896063ca1
89c3255969cda140c45f927fc5f2d0364df9b6e1
9435c16195af2f0b99e230108154228b63661029b39d6857f1aba97ca30e6a59
GET /a-/ACNPEu_qS3Bs9TC10RgJYQoydMVCGuNIIG9en_hE0TGW4Q=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 677
x-xss-protection: 0
date: Fri, 02 Dec 2022 12:29:41 GMT
expires: Sat, 03 Dec 2022 12:29:41 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/png
age: 2124
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABECLC5m52H382_nwEiC3ZjYXJkX3Bob3RvKig5YTAxMDM1MmYwODE2YjRlN2MyNDQ2MjgwZTM2ZTRmY2YyYTU4MmMyMAFhQC5ne8c4X9vYb8i_X7BSNaEjEg
216.58.207.228302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECLC5m52H382_nwEiC3ZjYXJkX3Bob3RvKig5YTAxMDM1MmYwODE2YjRlN2MyNDQ2MjgwZTM2ZTRmY2YyYTU4MmMyMAFhQC5ne8c4X9vYb8i_X7BSNaEjEg
IP 216.58.207.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECLC5m52H382_nwEiC3ZjYXJkX3Bob3RvKig5YTAxMDM1MmYwODE2YjRlN2MyNDQ2MjgwZTM2ZTRmY2YyYTU4MmMyMAFhQC5ne8c4X9vYb8i_X7BSNaEjEg HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Dec 2022 13:05:05 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu8EbafYdEa212Nt8-uihnUGhQaRV4S6EXCceL4Q=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, script-src 'nonce-WdglOy4KSIbuak-y6_3THA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=C9LBQgsgg7HtllNmpbwoU1zcc18mrCPImEnHxDrNk5GfPb0STGVKiSEF432brShn1vIA3y04XSuZSJmRh0FX-FNHYohM075KVk6xTzBHU-OFfS6MliR699flUKfus8NAuRTDPC6tNoC4Ob5fi-vbtXGfKUt2O0xC-hemRAcmNjI; expires=Sat, 03-Jun-2023 13:05:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABDCOqnssyo7L25HyILdmNhcmRfcGhvdG8qKDlmM2YyMTkwZmM0NWM1MWRlOTE4ZDlmYWIyZTI1Y2E3NzlkZjgyN2QwAeK5TVzFpkMX-zglrO-j2zLnqwZZ
216.58.207.228302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABDCOqnssyo7L25HyILdmNhcmRfcGhvdG8qKDlmM2YyMTkwZmM0NWM1MWRlOTE4ZDlmYWIyZTI1Y2E3NzlkZjgyN2QwAeK5TVzFpkMX-zglrO-j2zLnqwZZ
IP 216.58.207.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABDCOqnssyo7L25HyILdmNhcmRfcGhvdG8qKDlmM2YyMTkwZmM0NWM1MWRlOTE4ZDlmYWIyZTI1Y2E3NzlkZjgyN2QwAeK5TVzFpkMX-zglrO-j2zLnqwZZ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Dec 2022 13:05:05 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu8kGp_xz-hCOczDeNAPr0m02UM2O1WZ8smiI41thQ=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport, script-src 'nonce-tXnmc2JJy8XgU5slg2Orxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=N2JGrYZWFIlCPi0Ijp5j1FsAlCIYZubxBmVe_8ZrGsM-u6pqTANui5YuNFIG6-tScYjY68BpKfD16dYDz1sbvTCffRnBMk7MUHra0TGsYd8MU4zETj6yBGhiggR-CdaKgvnAO9AtVcguCZSZu1QrKDN8rtdZSiMycMEFC_gtoGM; expires=Sat, 03-Jun-2023 13:05:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABECOmV2aGwre_WqQEiC3ZjYXJkX3Bob3RvKihjMjgyYWE5NDFlNzBhOTVmYmI2ZGQwZjRhNWNhOGEwZDQ5NmNiNDkzMAFWI9kV5VdZZ6IH-EelhFjjYOmo5w
216.58.207.228302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECOmV2aGwre_WqQEiC3ZjYXJkX3Bob3RvKihjMjgyYWE5NDFlNzBhOTVmYmI2ZGQwZjRhNWNhOGEwZDQ5NmNiNDkzMAFWI9kV5VdZZ6IH-EelhFjjYOmo5w
IP 216.58.207.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECOmV2aGwre_WqQEiC3ZjYXJkX3Bob3RvKihjMjgyYWE5NDFlNzBhOTVmYmI2ZGQwZjRhNWNhOGEwZDQ5NmNiNDkzMAFWI9kV5VdZZ6IH-EelhFjjYOmo5w HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Dec 2022 13:05:05 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu-GZ6ui4n2eZgKAHaogSN5qpYnzJtHPnhlNUdhjyic=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-8AK8QNiKMirFVNwE_g-rwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=IsM8h6MSATZ6y7lXZb3RepNZrZlnIKHySihCcdhiATXYTr8kBAhphXVRSPc2pdyo7OLs5VK-m9DuJeX8kwIGDIzbnRDzLa1X8Ku2VREVtGMVwTsNytzDDl3BQbfSQtuxzcZTT-D925Oeq4kw5CQNzGHCOon4qo2c1uuu1Lcg68o; expires=Sat, 03-Jun-2023 13:05:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a/default-user=s45-c
142.250.74.97200 OK 316 B URL HTTP/2 lh3.googleusercontent.com/a/default-user=s45-c
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit colormap, non-interlaced\012- data
Hash 9fae1841320a0eaa434a022513f60859
245fac7a1ba86adda5bf5571babef7d5280672a4
1e2ce2743c2908d3aa1ce10a03be76d756eaa493cd41f9dcc94a3cc35cbfa1bd
GET /a/default-user=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 316
x-xss-protection: 0
date: Fri, 02 Dec 2022 11:09:54 GMT
expires: Thu, 24 Nov 2022 03:05:41 GMT
cache-control: public, max-age=86400, no-transform
age: 6911
etag: "v0"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABDCKm23dCqxPHcIyILdmNhcmRfcGhvdG8qKGJlYjJlNTUxNmM2MjUzNWY0YjVmNTJmYmRiOTA4MTc5NTQxOWM1N2IwAS_4IFQO96gyLOwPW9OfqVN5kl8_
216.58.207.228302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABDCKm23dCqxPHcIyILdmNhcmRfcGhvdG8qKGJlYjJlNTUxNmM2MjUzNWY0YjVmNTJmYmRiOTA4MTc5NTQxOWM1N2IwAS_4IFQO96gyLOwPW9OfqVN5kl8_
IP 216.58.207.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABDCKm23dCqxPHcIyILdmNhcmRfcGhvdG8qKGJlYjJlNTUxNmM2MjUzNWY0YjVmNTJmYmRiOTA4MTc5NTQxOWM1N2IwAS_4IFQO96gyLOwPW9OfqVN5kl8_ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Dec 2022 13:05:05 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu9-gKc5QrMgWdI11h10SDuFYsmcv5y-mPeVdnv3BA=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-QX-mXakdLi3-z8EA8CUtlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=FKtNNVeIaVqFyR_njUffk8kjELha1I9HOf1pv0wyZlK0BHm1f0QB8VQNf5n1K_Ub8aalHWgbnS5FCCUvxM-ptg_-bD6PgizlSxV5ooLM3YNAQYdx2Jpp3bHFFeDcjvTtWPozST0kI5_VieZFaDH6kb_Z64FIIIm4Chj6sY7EvRE; expires=Sat, 03-Jun-2023 13:05:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABECOSilZTEqpC6iQEiC3ZjYXJkX3Bob3RvKig5M2YzYzJmYzgyNDVkYzIzZDRmYmFkZTBhYzY4M2U0OTU0M2RmZWFlMAGcNJ4r18SO5E5H5RLgEG4-25hxCQ
216.58.207.228302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECOSilZTEqpC6iQEiC3ZjYXJkX3Bob3RvKig5M2YzYzJmYzgyNDVkYzIzZDRmYmFkZTBhYzY4M2U0OTU0M2RmZWFlMAGcNJ4r18SO5E5H5RLgEG4-25hxCQ
IP 216.58.207.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECOSilZTEqpC6iQEiC3ZjYXJkX3Bob3RvKig5M2YzYzJmYzgyNDVkYzIzZDRmYmFkZTBhYzY4M2U0OTU0M2RmZWFlMAGcNJ4r18SO5E5H5RLgEG4-25hxCQ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Dec 2022 13:05:05 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu9N13bg85Jdjr18SwZafN9AGCkpf1G2nQYQaadgEg=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-EmGSbMgS0Mi9ixvX3pZLJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=Rdxit7l2ZoJBRcqjsA8JnhFt8xSFVO_uCZoRXilvB2ouT7fTjllt6U2mzO2PJLmD76EqaX_gbrBCYG7nnpw2GBQC6xPjCnlLQM-eNPfq_OgtkhEVyf8pfAO8VKKUmsPiOLqKvbjxfCB300Fs2eS6QWcHe_X4h6TGQBFjA8Ek_bY; expires=Sat, 03-Jun-2023 13:05:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABECLHw_sD50bfbmAEiC3ZjYXJkX3Bob3RvKig3NDY3MGQ3NjE0ZjE3ODIyNjQwMTkzNDQ0MTc5Yjk2ZjMwMmRjMTFhMAEL_jXI-C_ZyBc0lugWCi_XNgMFWw
216.58.207.228302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECLHw_sD50bfbmAEiC3ZjYXJkX3Bob3RvKig3NDY3MGQ3NjE0ZjE3ODIyNjQwMTkzNDQ0MTc5Yjk2ZjMwMmRjMTFhMAEL_jXI-C_ZyBc0lugWCi_XNgMFWw
IP 216.58.207.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECLHw_sD50bfbmAEiC3ZjYXJkX3Bob3RvKig3NDY3MGQ3NjE0ZjE3ODIyNjQwMTkzNDQ0MTc5Yjk2ZjMwMmRjMTFhMAEL_jXI-C_ZyBc0lugWCi_XNgMFWw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Dec 2022 13:05:05 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu8nPGRn7TM1IyrxVm7M69DlE29VZcjszDQ2rKA=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-A508aOhKutbQQEq8UbEt6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=bFLJK6bHLSiFBc_oF7C-QWBJO5L0qvqBu6IP4af9h_zTqNedCUNS-2kGu46JynIrYY46YYbz4YgrWx1oh80T_3L33rMgG9GcBqyuPRgMg24n-dGlXvGttmZ-7tK0y9kTFebOeq8EGdLp4JltlnBAf43dMUxCEP-5MfRsZ72bpm4; expires=Sat, 03-Jun-2023 13:05:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABECLrosN7ajLPHjwEiC3ZjYXJkX3Bob3RvKig5ZDY1NTc1ZGZhMjJmODI2YjNlOGU1MmJiMGRjYjFmMGU0NzM2NzRmMAGJ5i_QXgjOq6_my-sSm9fSCgtqvA
216.58.207.228302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECLrosN7ajLPHjwEiC3ZjYXJkX3Bob3RvKig5ZDY1NTc1ZGZhMjJmODI2YjNlOGU1MmJiMGRjYjFmMGU0NzM2NzRmMAGJ5i_QXgjOq6_my-sSm9fSCgtqvA
IP 216.58.207.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECLrosN7ajLPHjwEiC3ZjYXJkX3Bob3RvKig5ZDY1NTc1ZGZhMjJmODI2YjNlOGU1MmJiMGRjYjFmMGU0NzM2NzRmMAGJ5i_QXgjOq6_my-sSm9fSCgtqvA HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Dec 2022 13:05:05 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu-S__NmpVOn6BU_NnRLNy504mtGhZe4p0xesVK4uw=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-A_ou0HBPjxxujEOc5GYrHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=s67_96ZZoDxeuIma3EkkPNfKb2ULda6ICgAo0itsTAsuUuVLO-_MzeRVK2lqjY3BYXYyElZJo0vXvE5Whpi8cz-EpfnXnNr_amtQX8_afip-hkPDcTHVD9U2DPK-md7vIkb7lKV86CaESgQ_BV-w8l9WOvGH1mOvwt6UakMzH9M; expires=Sat, 03-Jun-2023 13:05:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ebd276a987cbfec50bf95ce593a6dbc6
0b03e0bb38915c84e23d9369d7f2947d6d73bafb
de4074bc2d166b559380d23f3d9e70e7eda87fd0fef61d5104db6d2ba221f45c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash da32e4b24f4f95e4e807cff2459f54c3
02db1c6d628b2f51fa0b46fcb79a71178780bc47
4d6ff368a64dc83f4a637fbf44b2256523ca7c43b824022f8f6428de6cfae368
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Cookie: test_cookie=CheckForPermission
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 12:51:04 GMT
expires: Fri, 02 Dec 2022 13:06:04 GMT
cache-control: public, max-age=900
age: 842
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash da32e4b24f4f95e4e807cff2459f54c3
02db1c6d628b2f51fa0b46fcb79a71178780bc47
4d6ff368a64dc83f4a637fbf44b2256523ca7c43b824022f8f6428de6cfae368
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/p/AF1QipN-0aAPNxsNBR1eDrY9zoL_GFn_a8WZTMxc8Z32=s45-c?key=CIu7lKDyiKrDiQE
142.250.74.97200 OK 4.7 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipN-0aAPNxsNBR1eDrY9zoL_GFn_a8WZTMxc8Z32=s45-c?key=CIu7lKDyiKrDiQE
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 381e323dcc3c52d299f378cca24308c4
b3c153fe7a7f36ffea3888717dfddbb49d1d6db7
71f66f8405cfb78d7cee560d8f609e451ce1cb453b5b8a337e0045c559a5867f
GET /p/AF1QipN-0aAPNxsNBR1eDrY9zoL_GFn_a8WZTMxc8Z32=s45-c?key=CIu7lKDyiKrDiQE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v6dad"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 13:05:06 GMT
server: fife
content-length: 4723
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipPwBUCzx41OkpeXl27kAkL5klA9ciu2cwt5iglj=s45-c?key=CI6u2rzss7PajQE
142.250.74.97200 OK 3.8 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipPwBUCzx41OkpeXl27kAkL5klA9ciu2cwt5iglj=s45-c?key=CI6u2rzss7PajQE
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 67e8fed9092e88476cbeefc66a6cb069
ba8b0844a20242784ffb79ea9a7c367f8986e2e3
a376ed35f3eb2e1fc3e699a5d0748c47ed27a53dcf1565d7e4238a38137795b7
GET /p/AF1QipPwBUCzx41OkpeXl27kAkL5klA9ciu2cwt5iglj=s45-c?key=CI6u2rzss7PajQE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v17f"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 13:05:06 GMT
server: fife
content-length: 3831
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 02 Dec 2022 13:05:06 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 4ce907feb8d4c0f33ceac02fdec6f13e
317826c74f7421d8755ec63d7e8fb06a5988fb93
27cea660b84d5683c0f0b3eebb5e72e75bd9b2116186dab4d0d8e2229186f84d
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 02 Dec 2022 13:05:06 GMT
server: ESF
cache-control: private
content-length: 31169
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.65200 OK 4.6 kB URL HTTP/2 yt3.ggpht.com/vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 7f0d8c8d9cbb88ed7c0dc10ee1a2b0ae
830e3dfe396cc6bc3a448d0ed13e4f1d25fdef58
0f8e403418f768e45267ca0edb3223d1a3c5e1dec070040b6399c0a89773cbf4
GET /vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4552
x-xss-protection: 0
date: Fri, 02 Dec 2022 09:45:27 GMT
expires: Wed, 30 Nov 2022 20:15:49 GMT
cache-control: public, max-age=86400, no-transform
age: 11979
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 0a7b2c025a2920fe089ddebaf876d45d
f189d6c447af2b5405fd62036e2a42d15fcdccf6
752b233c690105130d22c8d7df624c97b21e9864e7ae140987ecf04d153c0dfa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/mOjEYeiPxNc/sddefault.webp
142.250.74.86200 OK 43 kB URL HTTP/2 i.ytimg.com/vi_webp/mOjEYeiPxNc/sddefault.webp
IP 142.250.74.86:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 54d632dcf2c7931571e806f7815bd341
f5d1afc80ec9d6ebf36d48c916a3d5d15a740536
fc5aeb473a35527660b29b9cddf6ebefe4c57ae1c982a04dedfc1619f1135bef
GET /vi_webp/mOjEYeiPxNc/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 43014
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 12:11:18 GMT
expires: Fri, 02 Dec 2022 14:11:18 GMT
cache-control: public, max-age=7200
age: 3228
etag: "1668598177"
content-type: image/webp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f4b80b9fdd50e1a97c434f592efe9e5f
9f8ef6f699f6a349edf46c73ed4023d706027201
ed2e81c384d6b31b0e0ed2169df1bb332e92bb8c5885eedb13f7a4270b8abec6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f4b80b9fdd50e1a97c434f592efe9e5f
9f8ef6f699f6a349edf46c73ed4023d706027201
ed2e81c384d6b31b0e0ed2169df1bb332e92bb8c5885eedb13f7a4270b8abec6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
172.217.21.161200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1540)
Hash d22e40b1bc4f1b0f1727b96a0f32f7dd
57030c5040f0013120cca1e77fe38af35d4610e0
6f6d3797f9b19ffcd2f416a7566a58cf70fd4fb0ab17dec03fa5b690c6939494
GET /pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7458
x-xss-protection: 0
date: Thu, 01 Dec 2022 15:59:33 GMT
expires: Thu, 15 Dec 2022 15:59:33 GMT
cache-control: public, max-age=1209600
age: 75933
etag: 16870613375306414947
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
172.217.21.161200 OK 1.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1054)
Hash 169edf919beed1ee17c8a752ef12132e
b7fbae15ed7789984ee59618845b914aae37bf3e
2bcf9aebfd80a2558d54f39de59542c3df52610616fb2e4380d9f3d976cc13fc
GET /pagead/js/r20221110/r20110914/client/window_focus_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1236
x-xss-protection: 0
date: Thu, 01 Dec 2022 15:03:35 GMT
expires: Thu, 15 Dec 2022 15:03:35 GMT
cache-control: public, max-age=1209600
etag: 15004572836499977866
content-type: text/javascript; charset=UTF-8
age: 79291
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 0a7b2c025a2920fe089ddebaf876d45d
f189d6c447af2b5405fd62036e2a42d15fcdccf6
752b233c690105130d22c8d7df624c97b21e9864e7ae140987ecf04d153c0dfa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e53bb8387ca9b101ed40339e2578e229
3d1fd0f30606271d144d87f3d40020f5e69b91e7
c66ddb124d99935fff477ff1d0b03ee4bd33a916e66a374635a12330ae49d159
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5752
Cache-Control: max-age=128644
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:06 GMT
Etag: "6389350e-139"
Expires: Sun, 04 Dec 2022 00:49:10 GMT
Last-Modified: Thu, 01 Dec 2022 23:13:18 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 784a61684d44b40a8fd20ed1372aa526
551692fea3cae6d013d73e9654144f08f733b8ae
469b6455c9b61098fc998c773d8e18208d7501c03b10727f176718c386509bd2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5606
Cache-Control: max-age=93915
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:06 GMT
Etag: "6388adf7-138"
Expires: Sat, 03 Dec 2022 15:10:21 GMT
Last-Modified: Thu, 01 Dec 2022 13:36:55 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 312
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kPTpDbOzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEAH4iWN2ub2ad3xXswYZEwASAAA&wp=Y4n4AQANPEUKmuoCAAZpYCVouf7Xn3jnW-Ezjg
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kPTpDbOzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEAH4iWN2ub2ad3xXswYZEwASAAA&wp=Y4n4AQANPEUKmuoCAAZpYCVouf7Xn3jnW-Ezjg
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kPTpDbOzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEAH4iWN2ub2ad3xXswYZEwASAAA&wp=Y4n4AQANPEUKmuoCAAZpYCVouf7Xn3jnW-Ezjg HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 260028
date: Fri, 02 Dec 2022 13:05:06 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kPjTDrWzWQAAnYNiAgIAAAC_oV1-pfcQ9BAB-IljaGtR1rGZLZw2pYgAEgMB&wp=Y4n4AgAArvcCO8lTAAdxmZHMr11NUEhLyEjR6Q
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kPjTDrWzWQAAnYNiAgIAAAC_oV1-pfcQ9BAB-IljaGtR1rGZLZw2pYgAEgMB&wp=Y4n4AgAArvcCO8lTAAdxmZHMr11NUEhLyEjR6Q
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kPjTDrWzWQAAnYNiAgIAAAC_oV1-pfcQ9BAB-IljaGtR1rGZLZw2pYgAEgMB&wp=Y4n4AgAArvcCO8lTAAdxmZHMr11NUEhLyEjR6Q HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 1356528
date: Fri, 02 Dec 2022 13:05:05 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 600a0b46f63ff46b0ab01cefb789d46b
e3c4ea4a38efdfe8637bbbdf77a21ffb6508ec7f
7a5355d9c1a3d3abfa4231c164a55570c6723383203547627fa05b094f15384e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5887
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:06 GMT
Last-Modified: Fri, 02 Dec 2022 11:26:59 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 314
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=2&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Ff%2Fc%2F7%2F9%2Ffc79b1a857fc18b9a7c48b0abdbf13a1a0c3ac79_2_PIA_73938_0_10.png%3Fcb%3D202248&ups=1&v=3&w=800&s=Xdj1fxkyIlaLsuzvvAns35-f
178.250.2.135200 OK 52 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=2&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Ff%2Fc%2F7%2F9%2Ffc79b1a857fc18b9a7c48b0abdbf13a1a0c3ac79_2_PIA_73938_0_10.png%3Fcb%3D202248&ups=1&v=3&w=800&s=Xdj1fxkyIlaLsuzvvAns35-f
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cb097942f6fbba54ee3ac58df2197378
58a9346b7d2000fc417135beda70f62aa29b6a27
4235755045682e562b9da3896fb6f28edbb2280d98e34219275071dbf6a47533
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=2&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Ff%2Fc%2F7%2F9%2Ffc79b1a857fc18b9a7c48b0abdbf13a1a0c3ac79_2_PIA_73938_0_10.png%3Fcb%3D202248&ups=1&v=3&w=800&s=Xdj1fxkyIlaLsuzvvAns35-f HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31170419
expires: Tue, 28 Nov 2023 07:32:06 GMT
date: Fri, 02 Dec 2022 13:05:06 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 51560
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
2.18.172.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 2.18.172.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Fri, 02 Dec 2022 13:05:06 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=brrjWJJQosmtLdw2GZ5AHCqbDWi2YJZyZISz5q5J1RyROXstmQ0T_ymYyTk15JM6B_P8ru1mbN31kOPnw9UrG7eIBLUB1iJEt3uZZv7ByerdUPrC71QrF5kcaM9PDLOHjy4uZnVFrAwbGVE_4TL87ikvJl3BZ24YgXnwSzUAgGTB4-Ca5h8rlNkrf0hBhcSUFcHSAwQaXpBtep04m9ZuQGCVAI6UvzUlbOFxgxG8H8GlvklGR2pjY59nExi1zJMYGT6jb4qUcZebmPaFgMU5yXp0ey7W2OIUU1WJmHk4EOOhTc3koj1qcHngW8y37Vmqm033xOmrRsj3iMotHJltD2-ji6jMfgKSa6RALeVCVMAl257MsLEJwcnhYorSI7zOjN5DKfuizHqIonIX6XAVG9WUGI_VD6ehOtZWtwOJnwfMEnoi
178.250.2.148200 OK 13 kB URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=brrjWJJQosmtLdw2GZ5AHCqbDWi2YJZyZISz5q5J1RyROXstmQ0T_ymYyTk15JM6B_P8ru1mbN31kOPnw9UrG7eIBLUB1iJEt3uZZv7ByerdUPrC71QrF5kcaM9PDLOHjy4uZnVFrAwbGVE_4TL87ikvJl3BZ24YgXnwSzUAgGTB4-Ca5h8rlNkrf0hBhcSUFcHSAwQaXpBtep04m9ZuQGCVAI6UvzUlbOFxgxG8H8GlvklGR2pjY59nExi1zJMYGT6jb4qUcZebmPaFgMU5yXp0ey7W2OIUU1WJmHk4EOOhTc3koj1qcHngW8y37Vmqm033xOmrRsj3iMotHJltD2-ji6jMfgKSa6RALeVCVMAl257MsLEJwcnhYorSI7zOjN5DKfuizHqIonIX6XAVG9WUGI_VD6ehOtZWtwOJnwfMEnoi
IP 178.250.2.148:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c4c6c978392f0365db35c0f31bac8e90
9f98192b075d1d758c7a4cad712aa72c4de3b75f
9605670b3075f698b75ac450ed31b9c68ff3ddea4081aa6f7c3d0eae5b2480e1
GET /delivery/lg.php?cppv=3&cpp=brrjWJJQosmtLdw2GZ5AHCqbDWi2YJZyZISz5q5J1RyROXstmQ0T_ymYyTk15JM6B_P8ru1mbN31kOPnw9UrG7eIBLUB1iJEt3uZZv7ByerdUPrC71QrF5kcaM9PDLOHjy4uZnVFrAwbGVE_4TL87ikvJl3BZ24YgXnwSzUAgGTB4-Ca5h8rlNkrf0hBhcSUFcHSAwQaXpBtep04m9ZuQGCVAI6UvzUlbOFxgxG8H8GlvklGR2pjY59nExi1zJMYGT6jb4qUcZebmPaFgMU5yXp0ey7W2OIUU1WJmHk4EOOhTc3koj1qcHngW8y37Vmqm033xOmrRsj3iMotHJltD2-ji6jMfgKSa6RALeVCVMAl257MsLEJwcnhYorSI7zOjN5DKfuizHqIonIX6XAVG9WUGI_VD6ehOtZWtwOJnwfMEnoi HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:05:06 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 4099327
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 71cfb0d515178ddb8f4ff5a3c4d7f95a
35dff6eed87807a50f6f2cbdca6015d8419551be
c88dfa7b36b0b6eb14aab6d3d8c06020c7d281b3bffec17303946778e99b6e52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6158
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:07 GMT
Last-Modified: Fri, 02 Dec 2022 11:22:29 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fproducts%2FOlight_Baton_3_Black%2Folight_baton3_1.jpg&v=3&w=400&s=uyHCUjFs6BzE-ObiIYtRVxqd&b=400
178.250.2.135200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fproducts%2FOlight_Baton_3_Black%2Folight_baton3_1.jpg&v=3&w=400&s=uyHCUjFs6BzE-ObiIYtRVxqd&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x215, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a8c54ae76cb59ff01aa7db465e05573f
904693dd7924a11b52841bc98295618881ad6b43
166e8af8adca384f1ee68949bb463e69545efa4ae7e8b7361f884500b1ce9e06
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fproducts%2FOlight_Baton_3_Black%2Folight_baton3_1.jpg&v=3&w=400&s=uyHCUjFs6BzE-ObiIYtRVxqd&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=380
expires: Fri, 02 Dec 2022 13:11:27 GMT
date: Fri, 02 Dec 2022 13:05:06 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 11438
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Ftaskulamput%2Ftuotekuvat%2FPurelux%2FAAA_2021%2Fpurelux_terrain_black_slim_flood_2_1.jpg&v=3&w=400&s=I9O10dMXymneuiSANeBV_Dvq&b=400
178.250.2.135200 OK 10 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Ftaskulamput%2Ftuotekuvat%2FPurelux%2FAAA_2021%2Fpurelux_terrain_black_slim_flood_2_1.jpg&v=3&w=400&s=I9O10dMXymneuiSANeBV_Dvq&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x152, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7da65f289fff36ac8c1b591aecc3cc2d
5a534b345e073aa2af60380f9492ff568a9193df
41a7afb975fe653451492d744ffb6585918bf12323eef196dcfe3f90b8eb2164
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Ftaskulamput%2Ftuotekuvat%2FPurelux%2FAAA_2021%2Fpurelux_terrain_black_slim_flood_2_1.jpg&v=3&w=400&s=I9O10dMXymneuiSANeBV_Dvq&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=0
expires: Fri, 02 Dec 2022 13:05:07 GMT
date: Fri, 02 Dec 2022 13:05:07 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10108
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 71cfb0d515178ddb8f4ff5a3c4d7f95a
35dff6eed87807a50f6f2cbdca6015d8419551be
c88dfa7b36b0b6eb14aab6d3d8c06020c7d281b3bffec17303946778e99b6e52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6158
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:07 GMT
Last-Modified: Fri, 02 Dec 2022 11:22:29 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Ftaskulamput%2Ftuotekuvat%2FLumonite%2Flumonite_headwear_2019_1.jpg&v=3&w=400&s=oXKPPqjn0qeioHEzfwMAbOUr&b=400
178.250.2.135200 OK 8.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Ftaskulamput%2Ftuotekuvat%2FLumonite%2Flumonite_headwear_2019_1.jpg&v=3&w=400&s=oXKPPqjn0qeioHEzfwMAbOUr&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 322x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 67fcf3ff000017b5cc9b3c93bbc78a7b
19ed6c3256543066cecb11e5f04d21da22785843
5ba64a731ef3d416575f9c3045c0f5bf92eaec866342d14b64b7ea37d5ab9acd
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Ftaskulamput%2Ftuotekuvat%2FLumonite%2Flumonite_headwear_2019_1.jpg&v=3&w=400&s=oXKPPqjn0qeioHEzfwMAbOUr&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=411
expires: Fri, 02 Dec 2022 13:11:58 GMT
date: Fri, 02 Dec 2022 13:05:06 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7964
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=360&m=0&partner=54197&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F53339%2F180905%2F5137ccbcd8d14251b15403c6b23109e9_logo2.jpg&v=3&w=196&s=jwM6SLbWinL0O85hpknV-i8O
178.250.2.135200 OK 4.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=360&m=0&partner=54197&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F53339%2F180905%2F5137ccbcd8d14251b15403c6b23109e9_logo2.jpg&v=3&w=196&s=jwM6SLbWinL0O85hpknV-i8O
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 196x205, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 408c031c22524a27aa5504099129a64a
f525dd01f41c7695cda5e6faf19438b6be05121c
3bc62b12960c71a8c5587d76f310d3e1585ac2e0ed4704f4e9123258f62d3120
GET /img/img?h=360&m=0&partner=54197&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F53339%2F180905%2F5137ccbcd8d14251b15403c6b23109e9_logo2.jpg&v=3&w=196&s=jwM6SLbWinL0O85hpknV-i8O HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30467221
expires: Mon, 20 Nov 2023 04:12:08 GMT
date: Fri, 02 Dec 2022 13:05:07 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4808
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 71cfb0d515178ddb8f4ff5a3c4d7f95a
35dff6eed87807a50f6f2cbdca6015d8419551be
c88dfa7b36b0b6eb14aab6d3d8c06020c7d281b3bffec17303946778e99b6e52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6158
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:07 GMT
Last-Modified: Fri, 02 Dec 2022 11:22:29 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 71cfb0d515178ddb8f4ff5a3c4d7f95a
35dff6eed87807a50f6f2cbdca6015d8419551be
c88dfa7b36b0b6eb14aab6d3d8c06020c7d281b3bffec17303946778e99b6e52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6111
Cache-Control: max-age=123603
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:07 GMT
Etag: "63891ff7-139"
Expires: Sat, 03 Dec 2022 23:25:10 GMT
Last-Modified: Thu, 01 Dec 2022 21:43:19 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313
static.criteo.net/flash/icon/back_button2.svg
178.250.0.130200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:05:07 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Mon, 27 Nov 2023 13:05:07 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/close_button.svg
178.250.0.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:05:07 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Mon, 27 Nov 2023 13:05:07 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.0.130200 OK 5.3 kB URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.0.130:0
Hash 8adf750e31a6dcea7b9fcee930f29a94
e3865a2b574e977759bb86e54de2dcc6b83b0c23
7429bd7fea67d8c476cab3c5872454a4044cfbde9a0ba2745a96f06f83fc36bb
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:05:07 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Mon, 27 Nov 2023 13:05:07 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a11a991958dbd78dfb3392214590ef38
c5fb54ce1ad1c51598623b66827af482c565e0d5
01d67dc39941deea93712fa87453fd27679357916ab856358e0bda7a63b2624d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2129
Cache-Control: max-age=126816
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:07 GMT
Etag: "63893c12-1d7"
Expires: Sun, 04 Dec 2022 00:18:43 GMT
Last-Modified: Thu, 01 Dec 2022 23:43:14 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
157.240.240.1200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.240.1:0
File type ASCII text, with very long lines (1957)
Hash 617bf212a1edb5e0fea59bf698988c9b
420555b32b054d6efc2807acc461d54ae09fbc98
e50aa714b5baaae477590815eb12ea6c3b6b5c46219f1475f9a71192fd0177a1
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 6b8e5d3f48cb8e234dc34d0fee6afa29
etag: "6292246674b4b90a67ffa45610fc5564"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 02 Dec 2022 13:24:31 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: YXvyEqHtteD+pZv2mJiMmw==
x-fb-debug: osBBqWh9qJ/JF3hADNTkCQlHV0g/fvO6Nuo697YCQA4K+v9h8bgSxKoSKfYlhHh0fSJE5MchO7Y/NA3dme4CRg==
content-length: 1684
x-fb-trip-id: 1679558926
date: Fri, 02 Dec 2022 13:05:07 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=efMv0FE8fc_ROlbSq2Vqcpb5RSw9QUWQh9d6ikzmHXoFo38-CTZ7zrg2jWDXS9HqOROqv4rkAgmG4NyJ7IB8vOSkvhmb47WWdXRB5hFyhg8mqwYs7mmWvQKaqr6zo_OWEfrPNf_75-JThjjgwrqf2-tJZPdJGlc0hinicfiu6UC8JEOWYT4I31GmX1QaBIwSjMeFGmNF4V56n1A0soHzTc0_OOSE4s9yExV6g4PJB2ChmIDpQLqb49Dug7Jv-GAmi5IxnmmEZvBRnG5LCq6c8J8yHcIJkCShsKPdvHZnTvrRhG-9RYofPygnLz4IsIS-AdUJZJhQDq5te7vREXBpsu4_mRJWn_qN_kHRQN-Ri0kgDcMXgpRDFVUEFc1LxB6ONHBZu3sVWOJ-UwHY0EsuvoOLMtxLwbW8FOBzxQj9tSz0Qh-luyK_JXzHwcbMe0DD49ZBHrpR6P34S2icQMyL0XvZXWSM1IkyLlaf0inCJ2FzvyjP-CMZ4IayJXNKUkh9pxSK3w&z=Y4n4AgAArvcCO8lTAAdxmZHMr11NUEhLyEjR6Q
178.250.2.148200 OK 514 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=efMv0FE8fc_ROlbSq2Vqcpb5RSw9QUWQh9d6ikzmHXoFo38-CTZ7zrg2jWDXS9HqOROqv4rkAgmG4NyJ7IB8vOSkvhmb47WWdXRB5hFyhg8mqwYs7mmWvQKaqr6zo_OWEfrPNf_75-JThjjgwrqf2-tJZPdJGlc0hinicfiu6UC8JEOWYT4I31GmX1QaBIwSjMeFGmNF4V56n1A0soHzTc0_OOSE4s9yExV6g4PJB2ChmIDpQLqb49Dug7Jv-GAmi5IxnmmEZvBRnG5LCq6c8J8yHcIJkCShsKPdvHZnTvrRhG-9RYofPygnLz4IsIS-AdUJZJhQDq5te7vREXBpsu4_mRJWn_qN_kHRQN-Ri0kgDcMXgpRDFVUEFc1LxB6ONHBZu3sVWOJ-UwHY0EsuvoOLMtxLwbW8FOBzxQj9tSz0Qh-luyK_JXzHwcbMe0DD49ZBHrpR6P34S2icQMyL0XvZXWSM1IkyLlaf0inCJ2FzvyjP-CMZ4IayJXNKUkh9pxSK3w&z=Y4n4AgAArvcCO8lTAAdxmZHMr11NUEhLyEjR6Q
IP 178.250.2.148:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 22fa8bc94e5b029484eea52ed8c76932
47067d7cd5a749238b201906f1f7cfe02318c09e
bc8fe3989f03196bdf195bf3efad85f38d78e624cb44696ed6b8b7cee97d1161
GET /delivery/lgn.php?cppv=3&cpp=efMv0FE8fc_ROlbSq2Vqcpb5RSw9QUWQh9d6ikzmHXoFo38-CTZ7zrg2jWDXS9HqOROqv4rkAgmG4NyJ7IB8vOSkvhmb47WWdXRB5hFyhg8mqwYs7mmWvQKaqr6zo_OWEfrPNf_75-JThjjgwrqf2-tJZPdJGlc0hinicfiu6UC8JEOWYT4I31GmX1QaBIwSjMeFGmNF4V56n1A0soHzTc0_OOSE4s9yExV6g4PJB2ChmIDpQLqb49Dug7Jv-GAmi5IxnmmEZvBRnG5LCq6c8J8yHcIJkCShsKPdvHZnTvrRhG-9RYofPygnLz4IsIS-AdUJZJhQDq5te7vREXBpsu4_mRJWn_qN_kHRQN-Ri0kgDcMXgpRDFVUEFc1LxB6ONHBZu3sVWOJ-UwHY0EsuvoOLMtxLwbW8FOBzxQj9tSz0Qh-luyK_JXzHwcbMe0DD49ZBHrpR6P34S2icQMyL0XvZXWSM1IkyLlaf0inCJ2FzvyjP-CMZ4IayJXNKUkh9pxSK3w&z=Y4n4AgAArvcCO8lTAAdxmZHMr11NUEhLyEjR6Q HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:05:05 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2915475
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/ra-58e226eb29c11f6c/_ate.track.config_resp
2.18.172.123200 OK 1.3 kB URL HTTP/2 v1.addthisedge.com/live/boost/ra-58e226eb29c11f6c/_ate.track.config_resp
IP 2.18.172.123:0
File type Unicode text, UTF-8 text, with very long lines (3821), with no line terminators
Hash 4adc016f0378d43b1e4d8a48395311fb
de42f6825c8d2ef4989b84479d9731baa195bbaa
70f1c455a93fbc3c54102023dd47c6bcc3ff290302ac6e517cd87b74e4efc205
GET /live/boost/ra-58e226eb29c11f6c/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 1250
etag: 727245640--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=60, s-maxage=86400
date: Fri, 02 Dec 2022 13:05:07 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300lo.json?si=6389f7ffecc77ae3&bkl=0&bl=1&pdt=2361&sid=6389f7ffecc77ae3&pub=ra-58e226eb29c11f6c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dusunmekvepaylasmak.blogspot.com&fp=search%2Flabel%2Fgiri%25C5%259Fimcilik%2520e%25C4%259Fitimi&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=D%C3%BC%C5%9F%C3%BCnmek%2CHaber%2Cmagazin%2Csosyal%20medya%2Cpayla%C5%9F%C4%B1m%2Cdo%C4%9Fru%20bilgi%2Ckarikat%C3%BCr%2Cg%C3%BCndem%2Ck%C3%BClt%C3%BCr%20sanat%2Csinema%2Ctelevizyon%2Ctiyatro&colc=1669986305110&jsl=1&uvs=6389f7ffa6636eaf000&skipb=1&callback=addthis.cbs.jsonp__3979922903107710
2.18.172.123200 OK 88 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=6389f7ffecc77ae3&bkl=0&bl=1&pdt=2361&sid=6389f7ffecc77ae3&pub=ra-58e226eb29c11f6c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dusunmekvepaylasmak.blogspot.com&fp=search%2Flabel%2Fgiri%25C5%259Fimcilik%2520e%25C4%259Fitimi&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=D%C3%BC%C5%9F%C3%BCnmek%2CHaber%2Cmagazin%2Csosyal%20medya%2Cpayla%C5%9F%C4%B1m%2Cdo%C4%9Fru%20bilgi%2Ckarikat%C3%BCr%2Cg%C3%BCndem%2Ck%C3%BClt%C3%BCr%20sanat%2Csinema%2Ctelevizyon%2Ctiyatro&colc=1669986305110&jsl=1&uvs=6389f7ffa6636eaf000&skipb=1&callback=addthis.cbs.jsonp__3979922903107710
IP 2.18.172.123:0
File type ASCII text, with no line terminators
Hash 39fa0cd5a5ce408d513676962b6474e9
40635bb42c1cc3f3e6e17b8fc46f9a860c990e2a
88c8f579a9c50928d77f19b4422246dede991e859b1f620a7a4a7c1491b73e2f
GET /live/red_lojson/300lo.json?si=6389f7ffecc77ae3&bkl=0&bl=1&pdt=2361&sid=6389f7ffecc77ae3&pub=ra-58e226eb29c11f6c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dusunmekvepaylasmak.blogspot.com&fp=search%2Flabel%2Fgiri%25C5%259Fimcilik%2520e%25C4%259Fitimi&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=D%C3%BC%C5%9F%C3%BCnmek%2CHaber%2Cmagazin%2Csosyal%20medya%2Cpayla%C5%9F%C4%B1m%2Cdo%C4%9Fru%20bilgi%2Ckarikat%C3%BCr%2Cg%C3%BCndem%2Ck%C3%BClt%C3%BCr%20sanat%2Csinema%2Ctelevizyon%2Ctiyatro&colc=1669986305110&jsl=1&uvs=6389f7ffa6636eaf000&skipb=1&callback=addthis.cbs.jsonp__3979922903107710 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 88
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Fri, 02 Dec 2022 13:05:07 GMT
X-Firefox-Spdy: h2
s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
2.18.172.123200 OK 28 kB URL HTTP/2 s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
IP 2.18.172.123:0
File type Unicode text, UTF-8 text, with very long lines (60526)
Hash 52bcf6a645211d0d5422a508ff3d0311
9c47c99a0ab39fa9dd11d05440c5b3d25c8d3bf7
aa393590ea92c4e96713996b7df36673dc5afb3c78f85a02393fda179df5cbe4
GET /static/custom-messages.5799ddf75a30812a3d49.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-1c9fc"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 28546
date: Fri, 02 Dec 2022 13:05:07 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=iQPEV_t_drLyBJgQ3mdd76ZiLrPYj1RJK8NZsrofGu6gBUZoC6SdhzBPTimOxBEwFkadk4TJOyPaJ29cKR_U3shCqOwlXU5FUdB9QAppTSmqv7ARRJGt_dcB0_OQ71hTcupcvVFYPndSJoB-rNl0ijsH7qBALtZ1EvfKI9WcVoVbvqLZtOj_JQb-MjX5q0QhSUB4sIUwhDCVGPAa6_Uf14mW6yO7wA3ECOV8pBxj-y4JQDO6Vu9sd1igUd7dAGQc6p_oew&sds=2&rev=83599&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=iQPEV_t_drLyBJgQ3mdd76ZiLrPYj1RJK8NZsrofGu6gBUZoC6SdhzBPTimOxBEwFkadk4TJOyPaJ29cKR_U3shCqOwlXU5FUdB9QAppTSmqv7ARRJGt_dcB0_OQ71hTcupcvVFYPndSJoB-rNl0ijsH7qBALtZ1EvfKI9WcVoVbvqLZtOj_JQb-MjX5q0QhSUB4sIUwhDCVGPAa6_Uf14mW6yO7wA3ECOV8pBxj-y4JQDO6Vu9sd1igUd7dAGQc6p_oew&sds=2&rev=83599&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=iQPEV_t_drLyBJgQ3mdd76ZiLrPYj1RJK8NZsrofGu6gBUZoC6SdhzBPTimOxBEwFkadk4TJOyPaJ29cKR_U3shCqOwlXU5FUdB9QAppTSmqv7ARRJGt_dcB0_OQ71hTcupcvVFYPndSJoB-rNl0ijsH7qBALtZ1EvfKI9WcVoVbvqLZtOj_JQb-MjX5q0QhSUB4sIUwhDCVGPAa6_Uf14mW6yO7wA3ECOV8pBxj-y4JQDO6Vu9sd1igUd7dAGQc6p_oew&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:05:07 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
2.18.172.123200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 2.18.172.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash ac1b5db6377f89a6d7f517c571b8ddba
87205f72f7338d717dd2966119ecb6aae22d5835
9164225c4ffa9eded3fd96fd8403249cf67e2047354fc245fb349216565d00a2
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77691
date: Fri, 02 Dec 2022 13:05:07 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y4n4AQAFK9cCO8xNAA8QvB-_wpQw1t2tTs_gvw&u=%7Ccqzfh9yhZcD%2Fvyci2f4%2Fm8nRGGlT%2BKpLghLJ8cG7rGU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUNOQfIy6m4dtM5FEuAyCaRIEDZjYVGiQpwJwdCKWtrg2q4Ax3F3dc0MDSZU7tGULuHMxX4ersQjM_b1TmL2525kVKqPrXHOR9wavxUHsjcJZTTpKDt9jEHM0IGwQM6wQPxBxAWPN6QNT4zJHHJZXZDy2z5Vf_WxgEIIA8HVm46ikw5pQtcTCjcl35HohSl0SP9YVnnyDHdmenlA2ocBJpnmFj6ZLVcsuyfVEGJsSZ6lfQocdTCuU1mXiZv4TJL2oGi7HtuBqNGgAo4yKdfGs87alCtJh8xms9tNqg-kLVr5AaEt_kXU-S-_T9lFlNe2eYnKikK3JwVzPLI6YD2_gVTKySsAsoDfxGYUxE3k-kDRXSoh1s1L-N32Ft4OGL86QbQn22cKyIh_lfcnZxklzPpsXVg5HD6lnN7RiRhi3iKvlShrCD54NomHNTKe3XHDGrLr35Ov58lQU3fhYUY7vD7__55f4DGN4f_ly8ihDi8Zp_M6xNaEGa8Ekz4PVaRytcg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9uMDAfiJY9fXFM2Y78EPvKG8sAbJntKxXLWY49aTAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi03MzA5ODQ1NTI1Mjg1MDI5yAEJqQJEoogco6uxPqgDAaoEmAJP0LucnsSuB_4npA5wR9dCy_M87TqTSHG2JA-yuArb7O45wPVUhHkDGUxV-xTlkRfhxOiEwwuOp58FaCk8b44WMvSKnS7fMIbf4YLUB7g33QR4QP_gmlpV794Hap40Bs9cA4LUmFrII-q06COuYld-8tsnIL_oeBcrw0wFarJ5qiUkH2LgxlEM8qLxOdGi3QO4J7-scccIL1aaaBhM5pX5U36d-6IepbVpwDnSEQ3ZZtA1yiqr0uGQCKV1U5lp3dOo3O_yMB2nyL2yfArPBNceXpQzyi4i8aCvQvdVdIA5uk4qNiSpRX-yBlqJfOuQvpZu1cMB7LB4FYFcFR3lM888aU32yk-7DrmJBNN4UkwU93w4uhfH0yyZgAb-u9fLnY__tGugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3EDo6a40LAHt1pprHGWkBi5OVwqw%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.2.65200 OK 51 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y4n4AQAFK9cCO8xNAA8QvB-_wpQw1t2tTs_gvw&u=%7Ccqzfh9yhZcD%2Fvyci2f4%2Fm8nRGGlT%2BKpLghLJ8cG7rGU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUNOQfIy6m4dtM5FEuAyCaRIEDZjYVGiQpwJwdCKWtrg2q4Ax3F3dc0MDSZU7tGULuHMxX4ersQjM_b1TmL2525kVKqPrXHOR9wavxUHsjcJZTTpKDt9jEHM0IGwQM6wQPxBxAWPN6QNT4zJHHJZXZDy2z5Vf_WxgEIIA8HVm46ikw5pQtcTCjcl35HohSl0SP9YVnnyDHdmenlA2ocBJpnmFj6ZLVcsuyfVEGJsSZ6lfQocdTCuU1mXiZv4TJL2oGi7HtuBqNGgAo4yKdfGs87alCtJh8xms9tNqg-kLVr5AaEt_kXU-S-_T9lFlNe2eYnKikK3JwVzPLI6YD2_gVTKySsAsoDfxGYUxE3k-kDRXSoh1s1L-N32Ft4OGL86QbQn22cKyIh_lfcnZxklzPpsXVg5HD6lnN7RiRhi3iKvlShrCD54NomHNTKe3XHDGrLr35Ov58lQU3fhYUY7vD7__55f4DGN4f_ly8ihDi8Zp_M6xNaEGa8Ekz4PVaRytcg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9uMDAfiJY9fXFM2Y78EPvKG8sAbJntKxXLWY49aTAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi03MzA5ODQ1NTI1Mjg1MDI5yAEJqQJEoogco6uxPqgDAaoEmAJP0LucnsSuB_4npA5wR9dCy_M87TqTSHG2JA-yuArb7O45wPVUhHkDGUxV-xTlkRfhxOiEwwuOp58FaCk8b44WMvSKnS7fMIbf4YLUB7g33QR4QP_gmlpV794Hap40Bs9cA4LUmFrII-q06COuYld-8tsnIL_oeBcrw0wFarJ5qiUkH2LgxlEM8qLxOdGi3QO4J7-scccIL1aaaBhM5pX5U36d-6IepbVpwDnSEQ3ZZtA1yiqr0uGQCKV1U5lp3dOo3O_yMB2nyL2yfArPBNceXpQzyi4i8aCvQvdVdIA5uk4qNiSpRX-yBlqJfOuQvpZu1cMB7LB4FYFcFR3lM888aU32yk-7DrmJBNN4UkwU93w4uhfH0yyZgAb-u9fLnY__tGugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3EDo6a40LAHt1pprHGWkBi5OVwqw%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.2.65:0
Hash e1c6d587cceceef87d6d9f5a2eda8a1d
416d9ef8d652f42e98dcce9967c38010b5299694
778c7a3841a3d837676731f6bacfd3e98dfdebb02ef3a141f060feae2bda7c99
GET /delivery/r/afr.php?z=Y4n4AQAFK9cCO8xNAA8QvB-_wpQw1t2tTs_gvw&u=%7Ccqzfh9yhZcD%2Fvyci2f4%2Fm8nRGGlT%2BKpLghLJ8cG7rGU%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUNOQfIy6m4dtM5FEuAyCaRIEDZjYVGiQpwJwdCKWtrg2q4Ax3F3dc0MDSZU7tGULuHMxX4ersQjM_b1TmL2525kVKqPrXHOR9wavxUHsjcJZTTpKDt9jEHM0IGwQM6wQPxBxAWPN6QNT4zJHHJZXZDy2z5Vf_WxgEIIA8HVm46ikw5pQtcTCjcl35HohSl0SP9YVnnyDHdmenlA2ocBJpnmFj6ZLVcsuyfVEGJsSZ6lfQocdTCuU1mXiZv4TJL2oGi7HtuBqNGgAo4yKdfGs87alCtJh8xms9tNqg-kLVr5AaEt_kXU-S-_T9lFlNe2eYnKikK3JwVzPLI6YD2_gVTKySsAsoDfxGYUxE3k-kDRXSoh1s1L-N32Ft4OGL86QbQn22cKyIh_lfcnZxklzPpsXVg5HD6lnN7RiRhi3iKvlShrCD54NomHNTKe3XHDGrLr35Ov58lQU3fhYUY7vD7__55f4DGN4f_ly8ihDi8Zp_M6xNaEGa8Ekz4PVaRytcg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9uMDAfiJY9fXFM2Y78EPvKG8sAbJntKxXLWY49aTAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi03MzA5ODQ1NTI1Mjg1MDI5yAEJqQJEoogco6uxPqgDAaoEmAJP0LucnsSuB_4npA5wR9dCy_M87TqTSHG2JA-yuArb7O45wPVUhHkDGUxV-xTlkRfhxOiEwwuOp58FaCk8b44WMvSKnS7fMIbf4YLUB7g33QR4QP_gmlpV794Hap40Bs9cA4LUmFrII-q06COuYld-8tsnIL_oeBcrw0wFarJ5qiUkH2LgxlEM8qLxOdGi3QO4J7-scccIL1aaaBhM5pX5U36d-6IepbVpwDnSEQ3ZZtA1yiqr0uGQCKV1U5lp3dOo3O_yMB2nyL2yfArPBNceXpQzyi4i8aCvQvdVdIA5uk4qNiSpRX-yBlqJfOuQvpZu1cMB7LB4FYFcFR3lM888aU32yk-7DrmJBNN4UkwU93w4uhfH0yyZgAb-u9fLnY__tGugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3EDo6a40LAHt1pprHGWkBi5OVwqw%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:05:08 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=32fYsft_drLyBJgQuVbfhJBEnFIxiVHFkxTl3uJAS00OZBOgDAehKog5aItaAsst4rEind62jwcXoZfq3BB0bcd_GMoDajGF6hrkH-3XwLpf95blDupjG9eCbUk2o883rkQ1lVfudrcaLPIwHHMxQprHJaUx7-l44bIechRB7AHqgHR_eBfCPWcI7VtAluo_1TiHF_VQNa-T7FWqT6fhBt7cDEUAhOFng7hHbkTyxAJQ1Ym-4FPel9v_fkSzvvI4gxRxpxGfzIlbha_N"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 100263201
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 1c79565690e83ae97cd143886eb5adb4
438b270d950fe9ef2bc179b0fd9a12f913c528e6
cc65c4a53a3efad9aacd1165ece271a962d02083a3a570ccf44b110b70a41951
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5728
Cache-Control: max-age=157403
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:08 GMT
Etag: "6389a57f-138"
Expires: Sun, 04 Dec 2022 08:48:31 GMT
Last-Modified: Fri, 02 Dec 2022 07:13:03 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 1c79565690e83ae97cd143886eb5adb4
438b270d950fe9ef2bc179b0fd9a12f913c528e6
cc65c4a53a3efad9aacd1165ece271a962d02083a3a570ccf44b110b70a41951
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5712
Cache-Control: max-age=157387
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 13:05:08 GMT
Etag: "6389a57f-138"
Expires: Sun, 04 Dec 2022 08:48:15 GMT
Last-Modified: Fri, 02 Dec 2022 07:13:03 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 312
static.criteo.net/design/dt/0c622d256dee425682575f30240ec196_gotham-black-regular.woff
178.250.0.130200 OK 26 kB URL HTTP/2 static.criteo.net/design/dt/0c622d256dee425682575f30240ec196_gotham-black-regular.woff
IP 178.250.0.130:0
File type Web Open Font Format, TrueType, length 26324, version 1.0\012- data
Hash 9acd111085f701eaf4fea7135f15ffa7
176a9dd986032b3647d1a40458db1db7d965f8bc
5a4a3459c15a5266e888bb12bbe9041b0f72aed89306411a5d5e69e7a1aa9f4d
GET /design/dt/0c622d256dee425682575f30240ec196_gotham-black-regular.woff HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:05:08 GMT
content-type: text/plain; charset=UTF-8
content-length: 26324
last-modified: Mon, 06 Jul 2020 12:19:39 GMT
etag: "5f0316db-66d4"
expires: Mon, 27 Nov 2023 13:05:08 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPjTDrOzWawC2ASdg2ICAgAAALQtmre-JuykEAL4iWPSgAu_-luUbyAshgASAAA&wp=Y4n4AwAD4OEKmvLIAAGwWIyG72dlpiEFcQ5czg
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPjTDrOzWawC2ASdg2ICAgAAALQtmre-JuykEAL4iWPSgAu_-luUbyAshgASAAA&wp=Y4n4AwAD4OEKmvLIAAGwWIyG72dlpiEFcQ5czg
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kPjTDrOzWawC2ASdg2ICAgAAALQtmre-JuykEAL4iWPSgAu_-luUbyAshgASAAA&wp=Y4n4AwAD4OEKmvLIAAGwWIyG72dlpiEFcQ5czg HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 261072
date: Fri, 02 Dec 2022 13:05:08 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/dt/c05716d7ca7548d789c4d0b3d5042816_gotham-black-italic.woff
178.250.0.130200 OK 17 kB URL HTTP/2 static.criteo.net/design/dt/c05716d7ca7548d789c4d0b3d5042816_gotham-black-italic.woff
IP 178.250.0.130:0
File type Web Open Font Format, CFF, length 17120, version 1.0\012- data
Hash f683179206a26fcb9ef35c6d14f6f7c7
c6da815fa6502dd63eb2606efd112fdd1eb9e79e
a26a23639f1408dca8879503cd479d3f823b085b727437c9d66c33ca3f75c08f
GET /design/dt/c05716d7ca7548d789c4d0b3d5042816_gotham-black-italic.woff HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:05:08 GMT
content-type: text/plain; charset=UTF-8
content-length: 17120
last-modified: Mon, 06 Jul 2020 12:19:39 GMT
etag: "5f0316db-42e0"
expires: Mon, 27 Nov 2023 13:05:08 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPjTDrOzWe0HfJ2DYgICAAAA0-wy0uAhG5EQAfiJY2jpjhdeFmr_YRUqABIAAA&wp=Y4n4AQAFK9cCO8xNAA8QvB-_wpQw1t2tTs_gvw
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPjTDrOzWe0HfJ2DYgICAAAA0-wy0uAhG5EQAfiJY2jpjhdeFmr_YRUqABIAAA&wp=Y4n4AQAFK9cCO8xNAA8QvB-_wpQw1t2tTs_gvw
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kPjTDrOzWe0HfJ2DYgICAAAA0-wy0uAhG5EQAfiJY2jpjhdeFmr_YRUqABIAAA&wp=Y4n4AQAFK9cCO8xNAA8QvB-_wpQw1t2tTs_gvw HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 313375
date: Fri, 02 Dec 2022 13:05:07 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=244&m=0&partner=23519&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F23519%2F221201%2F78224789e70d41118d050b40be08cca7_sledstore-logo.png&v=3&w=196&s=4ouIMMHG0KUjZgSVuN_jrEyC
178.250.2.135200 OK 4.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=244&m=0&partner=23519&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F23519%2F221201%2F78224789e70d41118d050b40be08cca7_sledstore-logo.png&v=3&w=196&s=4ouIMMHG0KUjZgSVuN_jrEyC
IP 178.250.2.135:0
File type PNG image data, 196 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash 2fe02fc60e160832830d2521f92b1fcc
170b5b34513a5d59f649b991a39f11987b7e4498
24115ae116c0a1e4754f4ae80ce1f552396e0985aae03300082e1d91e96c0365
GET /img/img?h=244&m=0&partner=23519&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F23519%2F221201%2F78224789e70d41118d050b40be08cca7_sledstore-logo.png&v=3&w=196&s=4ouIMMHG0KUjZgSVuN_jrEyC HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31033672
expires: Sun, 26 Nov 2023 17:33:00 GMT
date: Fri, 02 Dec 2022 13:05:08 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4672
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F9%2Fc%2F8%2F1%2F9c8106f1a37d456e964ee03772d44431_2_PIA-310442_0_10.png%3Fcb%3D202248&v=3&w=400&s=Hmxn-ZlKdyW2wnc3Aw286OBj&b=400
178.250.2.135200 OK 19 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F9%2Fc%2F8%2F1%2F9c8106f1a37d456e964ee03772d44431_2_PIA-310442_0_10.png%3Fcb%3D202248&v=3&w=400&s=Hmxn-ZlKdyW2wnc3Aw286OBj&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f90527f83adf0382324fa93eb1eb9bf3
ee113d841a6d9040c373430c3b2a88dd6ebe96d2
bf3c251657ac922b2366b070b69cdd6f0db85e791e40886738f3e0d4a4ab5cce
GET /img/img?c=3&cq=256&h=400&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F9%2Fc%2F8%2F1%2F9c8106f1a37d456e964ee03772d44431_2_PIA-310442_0_10.png%3Fcb%3D202248&v=3&w=400&s=Hmxn-ZlKdyW2wnc3Aw286OBj&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31169984
expires: Tue, 28 Nov 2023 07:24:53 GMT
date: Fri, 02 Dec 2022 13:05:07 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 18974
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Ff%2Fc%2F7%2F9%2Ffc79b1a857fc18b9a7c48b0abdbf13a1a0c3ac79_2_PIA_73938_0_10.png%3Fcb%3D202248&v=3&w=400&s=LVi7sb_4cFxobGr32mz2qrAr&b=400
178.250.2.135200 OK 17 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Ff%2Fc%2F7%2F9%2Ffc79b1a857fc18b9a7c48b0abdbf13a1a0c3ac79_2_PIA_73938_0_10.png%3Fcb%3D202248&v=3&w=400&s=LVi7sb_4cFxobGr32mz2qrAr&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 178c5e385a9ed02d5875442d32270f11
2c251aefd49e71e3b79eeb30d3635f2517f8cdba
b41a23920209dfe68b30262f235397abc4f7701965b9b8c76acf865c1d9435a4
GET /img/img?c=3&cq=256&h=400&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Ff%2Fc%2F7%2F9%2Ffc79b1a857fc18b9a7c48b0abdbf13a1a0c3ac79_2_PIA_73938_0_10.png%3Fcb%3D202248&v=3&w=400&s=LVi7sb_4cFxobGr32mz2qrAr&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31170304
expires: Tue, 28 Nov 2023 07:30:13 GMT
date: Fri, 02 Dec 2022 13:05:08 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 16812
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F4%2F2%2F6%2F4%2F42642ea66879e0d4c870132d155dcf6b6c8af83b_3_PIA_175715_0_30ab.png%3Fcb%3D202248&v=3&w=400&s=aVzjpwpmMinec8n4BpGxQpcN&b=400
178.250.2.135200 OK 22 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F4%2F2%2F6%2F4%2F42642ea66879e0d4c870132d155dcf6b6c8af83b_3_PIA_175715_0_30ab.png%3Fcb%3D202248&v=3&w=400&s=aVzjpwpmMinec8n4BpGxQpcN&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f9fd1b24ffea6d7405a113fbbf5f89dc
9fcf28da340faef7f0c4b8f4e9d1b15d1289beca
7f0d2067a86a0eb8cf24d526f4b703f3289a421a56e260ba08b9bbec0c06ae10
GET /img/img?c=3&cq=256&h=400&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F4%2F2%2F6%2F4%2F42642ea66879e0d4c870132d155dcf6b6c8af83b_3_PIA_175715_0_30ab.png%3Fcb%3D202248&v=3&w=400&s=aVzjpwpmMinec8n4BpGxQpcN&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31170152
expires: Tue, 28 Nov 2023 07:27:41 GMT
date: Fri, 02 Dec 2022 13:05:08 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 22500
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F9%2F9%2F3%2Fc%2F993c78120a1d0fa7722ab72c50dc5abbfa87280e_3_PIA_175728_0_20ab.png%3Fcb%3D202248&v=3&w=400&s=Rf6sBtl7FrWkFsZSayCA1REI&b=400
178.250.2.135200 OK 23 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F9%2F9%2F3%2Fc%2F993c78120a1d0fa7722ab72c50dc5abbfa87280e_3_PIA_175728_0_20ab.png%3Fcb%3D202248&v=3&w=400&s=Rf6sBtl7FrWkFsZSayCA1REI&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5d6c0ba93cbc75838395f85a49deb8b8
d2bbfaad975096c3cf2fccc5bd263ee6573a2fcd
3b5f1d58eb4a0171834485b4eb23b745e9cae1cdfffded44cc0508b7562790ea
GET /img/img?c=3&cq=256&h=400&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F9%2F9%2F3%2Fc%2F993c78120a1d0fa7722ab72c50dc5abbfa87280e_3_PIA_175728_0_20ab.png%3Fcb%3D202248&v=3&w=400&s=Rf6sBtl7FrWkFsZSayCA1REI&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31170147
expires: Tue, 28 Nov 2023 07:27:36 GMT
date: Fri, 02 Dec 2022 13:05:08 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 23074
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=DzeR5Shz3duLB_cuXiHGfwANVo_yJghCtwY48aSj4fPrwCdnRdWt5IfBvg5DwQh7KI0XQLP449ssg-UTIrpco3RrDaqX-FqXqLj6tdOWeJC3Hi0Zrric5u8bzO5F6QoYw0J-TqLE4hqImJIuRHUmAQ6Nh2jNTmFIsqJmq6NX1WsRRhFnGpNYY9Jx9Fkyw7FqhKefsEDQ8P8_WrSFeJRz-U1gluN6Pj4_V8SSDSm5t4mcJSTuKFgvl7gn_gRwuQO8uuS9i1DNIw1T2072UwvxPeZizktkN7u0OBsZvi972vvPY0V2saHJCRAi4c2vbbRzBfuEpmCUoOvqnYeHoKCpcDxQjGYfp5PycL0OjHRXH_NNObIDzLBaSoWgFampyEzTdnURPcmO6ygsdtddZF5uecMw5Eq06XbffORIAxR9oaaHA6KQ
178.250.2.148200 OK 14 kB URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=DzeR5Shz3duLB_cuXiHGfwANVo_yJghCtwY48aSj4fPrwCdnRdWt5IfBvg5DwQh7KI0XQLP449ssg-UTIrpco3RrDaqX-FqXqLj6tdOWeJC3Hi0Zrric5u8bzO5F6QoYw0J-TqLE4hqImJIuRHUmAQ6Nh2jNTmFIsqJmq6NX1WsRRhFnGpNYY9Jx9Fkyw7FqhKefsEDQ8P8_WrSFeJRz-U1gluN6Pj4_V8SSDSm5t4mcJSTuKFgvl7gn_gRwuQO8uuS9i1DNIw1T2072UwvxPeZizktkN7u0OBsZvi972vvPY0V2saHJCRAi4c2vbbRzBfuEpmCUoOvqnYeHoKCpcDxQjGYfp5PycL0OjHRXH_NNObIDzLBaSoWgFampyEzTdnURPcmO6ygsdtddZF5uecMw5Eq06XbffORIAxR9oaaHA6KQ
IP 178.250.2.148:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 2e47b1fc19a9d36c690f2096191b2f0c
ae45b24b7e9b9293f6ae63c600f8d75a896a722f
7b5d9cc9fdd240c1ce7d9c6fb319b7df5625c5328616f0b2e8712794dac17af8
GET /delivery/lg.php?cppv=3&cpp=DzeR5Shz3duLB_cuXiHGfwANVo_yJghCtwY48aSj4fPrwCdnRdWt5IfBvg5DwQh7KI0XQLP449ssg-UTIrpco3RrDaqX-FqXqLj6tdOWeJC3Hi0Zrric5u8bzO5F6QoYw0J-TqLE4hqImJIuRHUmAQ6Nh2jNTmFIsqJmq6NX1WsRRhFnGpNYY9Jx9Fkyw7FqhKefsEDQ8P8_WrSFeJRz-U1gluN6Pj4_V8SSDSm5t4mcJSTuKFgvl7gn_gRwuQO8uuS9i1DNIw1T2072UwvxPeZizktkN7u0OBsZvi972vvPY0V2saHJCRAi4c2vbbRzBfuEpmCUoOvqnYeHoKCpcDxQjGYfp5PycL0OjHRXH_NNObIDzLBaSoWgFampyEzTdnURPcmO6ygsdtddZF5uecMw5Eq06XbffORIAxR9oaaHA6KQ HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:05:07 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2970502
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Fd%2Fa%2F9%2Ff%2Fda9fff0f359c487789b562e7e06b2212_2_PIA-310819_0_10.png%3Fcb%3D202248&v=3&w=800&s=oSBTu5vzo09AfpzAs67eMMP2&b=400
178.250.2.135200 OK 35 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Fd%2Fa%2F9%2Ff%2Fda9fff0f359c487789b562e7e06b2212_2_PIA-310819_0_10.png%3Fcb%3D202248&v=3&w=800&s=oSBTu5vzo09AfpzAs67eMMP2&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1492e79dd0f16b8c4cbdd0cd46810de8
e12c71689c97874685364ae3f6efe35b0f136d3f
bc38898484a0208cf41c814b91a2011acc80904a5cc48c3994d3a3cdbe713275
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Fd%2Fa%2F9%2Ff%2Fda9fff0f359c487789b562e7e06b2212_2_PIA-310819_0_10.png%3Fcb%3D202248&v=3&w=800&s=oSBTu5vzo09AfpzAs67eMMP2&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31170771
expires: Tue, 28 Nov 2023 07:38:00 GMT
date: Fri, 02 Dec 2022 13:05:07 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 34922
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=104&m=0&partner=23519&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F23519%2F221201%2F78224789e70d41118d050b40be08cca7_sledstore-logo.png&v=3&w=596&s=lsOC3jHhbrLlOJrpm9E30Ade
178.250.2.135200 OK 8.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=104&m=0&partner=23519&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F23519%2F221201%2F78224789e70d41118d050b40be08cca7_sledstore-logo.png&v=3&w=596&s=lsOC3jHhbrLlOJrpm9E30Ade
IP 178.250.2.135:0
File type PNG image data, 363 x 104, 8-bit/color RGBA, non-interlaced\012- data
Hash f03ca053f2d04d276e3d2b26806d4229
986e208b8bd818b001bd826edf05f906b625e167
7028be2a15f9a2f1362bbcc3d3fbd3e15e17334d0b98e708ed73f6dc338d602b
GET /img/img?h=104&m=0&partner=23519&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F23519%2F221201%2F78224789e70d41118d050b40be08cca7_sledstore-logo.png&v=3&w=596&s=lsOC3jHhbrLlOJrpm9E30Ade HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31033672
expires: Sun, 26 Nov 2023 17:33:00 GMT
date: Fri, 02 Dec 2022 13:05:08 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8038
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F1%2F9%2Ff%2F6%2F19f66542f31fdb4cb965b78a65df561678b3745c_1_PIA_14789_4_80.png%3Fcb%3D202248&v=3&w=800&s=cV1N-mxz8E8XlKssyJzezzeY&b=400
178.250.2.135200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F1%2F9%2Ff%2F6%2F19f66542f31fdb4cb965b78a65df561678b3745c_1_PIA_14789_4_80.png%3Fcb%3D202248&v=3&w=800&s=cV1N-mxz8E8XlKssyJzezzeY&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1612f1db8dae865ee3fe8c8b6de5917a
f3b763e44f305dd6e5059c33418fe5804dbd08b7
47a62a7821d978c7df03f312c84c1ee66c322b1016a29579ab3b7a7531437a1d
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F1%2F9%2Ff%2F6%2F19f66542f31fdb4cb965b78a65df561678b3745c_1_PIA_14789_4_80.png%3Fcb%3D202248&v=3&w=800&s=cV1N-mxz8E8XlKssyJzezzeY&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31170152
expires: Tue, 28 Nov 2023 07:27:41 GMT
date: Fri, 02 Dec 2022 13:05:08 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 14294
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F3%2F1%2Ff%2Ff%2F31ff790f4ad2ad57e7baddd006c7f777e6c71123_2_PIA_118337_0_30.PNG%3Fcb%3D202248&v=3&w=800&s=esErEkiwWdXVU1ECUPAwR0Mv&b=400
178.250.2.135200 OK 13 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F3%2F1%2Ff%2Ff%2F31ff790f4ad2ad57e7baddd006c7f777e6c71123_2_PIA_118337_0_30.PNG%3Fcb%3D202248&v=3&w=800&s=esErEkiwWdXVU1ECUPAwR0Mv&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5e07b8a98142d31a9e06f7b97520fcda
f69d6b99f67fdd2401ff62746cbe088217e4d69f
bc69614f3c04dbeab5d9e6251421f8447d6eb45a59015f964d7a2686cabb4355
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F3%2F1%2Ff%2Ff%2F31ff790f4ad2ad57e7baddd006c7f777e6c71123_2_PIA_118337_0_30.PNG%3Fcb%3D202248&v=3&w=800&s=esErEkiwWdXVU1ECUPAwR0Mv&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31170208
expires: Tue, 28 Nov 2023 07:28:36 GMT
date: Fri, 02 Dec 2022 13:05:08 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 12720
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F4%2F2%2F6%2F4%2F42642ea66879e0d4c870132d155dcf6b6c8af83b_3_PIA_175715_0_30ab.png%3Fcb%3D202248&v=3&w=800&s=zPjVSgCkCwCKPvSyK83fqSom&b=400
178.250.2.135200 OK 22 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F4%2F2%2F6%2F4%2F42642ea66879e0d4c870132d155dcf6b6c8af83b_3_PIA_175715_0_30ab.png%3Fcb%3D202248&v=3&w=800&s=zPjVSgCkCwCKPvSyK83fqSom&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f9fd1b24ffea6d7405a113fbbf5f89dc
9fcf28da340faef7f0c4b8f4e9d1b15d1289beca
7f0d2067a86a0eb8cf24d526f4b703f3289a421a56e260ba08b9bbec0c06ae10
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F4%2F2%2F6%2F4%2F42642ea66879e0d4c870132d155dcf6b6c8af83b_3_PIA_175715_0_30ab.png%3Fcb%3D202248&v=3&w=800&s=zPjVSgCkCwCKPvSyK83fqSom&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31170152
expires: Tue, 28 Nov 2023 07:27:41 GMT
date: Fri, 02 Dec 2022 13:05:08 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 22500
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F9%2F9%2F3%2Fc%2F993c78120a1d0fa7722ab72c50dc5abbfa87280e_3_PIA_175728_0_20ab.png%3Fcb%3D202248&v=3&w=800&s=V4R-ppKluKEcrMewvUXLxNFd&b=400
178.250.2.135200 OK 23 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F9%2F9%2F3%2Fc%2F993c78120a1d0fa7722ab72c50dc5abbfa87280e_3_PIA_175728_0_20ab.png%3Fcb%3D202248&v=3&w=800&s=V4R-ppKluKEcrMewvUXLxNFd&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5d6c0ba93cbc75838395f85a49deb8b8
d2bbfaad975096c3cf2fccc5bd263ee6573a2fcd
3b5f1d58eb4a0171834485b4eb23b745e9cae1cdfffded44cc0508b7562790ea
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F9%2F9%2F3%2Fc%2F993c78120a1d0fa7722ab72c50dc5abbfa87280e_3_PIA_175728_0_20ab.png%3Fcb%3D202248&v=3&w=800&s=V4R-ppKluKEcrMewvUXLxNFd&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31170147
expires: Tue, 28 Nov 2023 07:27:36 GMT
date: Fri, 02 Dec 2022 13:05:08 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 23074
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F9%2Fc%2F8%2F1%2F9c8106f1a37d456e964ee03772d44431_2_PIA-310442_0_10.png%3Fcb%3D202248&v=3&w=800&s=HLx_l2p3kCuKhIXiyLqXjIMV&b=400
178.250.2.135200 OK 19 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F9%2Fc%2F8%2F1%2F9c8106f1a37d456e964ee03772d44431_2_PIA-310442_0_10.png%3Fcb%3D202248&v=3&w=800&s=HLx_l2p3kCuKhIXiyLqXjIMV&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f90527f83adf0382324fa93eb1eb9bf3
ee113d841a6d9040c373430c3b2a88dd6ebe96d2
bf3c251657ac922b2366b070b69cdd6f0db85e791e40886738f3e0d4a4ab5cce
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F9%2Fc%2F8%2F1%2F9c8106f1a37d456e964ee03772d44431_2_PIA-310442_0_10.png%3Fcb%3D202248&v=3&w=800&s=HLx_l2p3kCuKhIXiyLqXjIMV&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31169984
expires: Tue, 28 Nov 2023 07:24:53 GMT
date: Fri, 02 Dec 2022 13:05:08 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 18974
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Ff%2Fc%2F7%2F9%2Ffc79b1a857fc18b9a7c48b0abdbf13a1a0c3ac79_2_PIA_73938_0_10.png%3Fcb%3D202248&v=3&w=800&s=lzAvCqK3yi2648T8EFgmLUVu&b=400
178.250.2.135200 OK 17 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Ff%2Fc%2F7%2F9%2Ffc79b1a857fc18b9a7c48b0abdbf13a1a0c3ac79_2_PIA_73938_0_10.png%3Fcb%3D202248&v=3&w=800&s=lzAvCqK3yi2648T8EFgmLUVu&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 178c5e385a9ed02d5875442d32270f11
2c251aefd49e71e3b79eeb30d3635f2517f8cdba
b41a23920209dfe68b30262f235397abc4f7701965b9b8c76acf865c1d9435a4
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Ff%2Fc%2F7%2F9%2Ffc79b1a857fc18b9a7c48b0abdbf13a1a0c3ac79_2_PIA_73938_0_10.png%3Fcb%3D202248&v=3&w=800&s=lzAvCqK3yi2648T8EFgmLUVu&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31170304
expires: Tue, 28 Nov 2023 07:30:13 GMT
date: Fri, 02 Dec 2022 13:05:08 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 16812
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F3%2Fc%2Fe%2F9%2F3ce9863edb3547e89cbe365e1ad6f6ee_2_PIA-271779_0_10.jpg%3Fcb%3D202248&v=3&w=800&s=BJv6z3d6iYYfI2Ream6tq91N&b=400
178.250.2.135200 OK 7.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F3%2Fc%2Fe%2F9%2F3ce9863edb3547e89cbe365e1ad6f6ee_2_PIA-271779_0_10.jpg%3Fcb%3D202248&v=3&w=800&s=BJv6z3d6iYYfI2Ream6tq91N&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 299x310, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 27eecf6253de53a848c4198dccb34f42
23135b25f890908a28e4ccc6516bb104fb87e74b
009d2b5951debd7e1f1d0c4554eeff59824e23a1fa248c7b83c893f138de3b7e
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F3%2Fc%2Fe%2F9%2F3ce9863edb3547e89cbe365e1ad6f6ee_2_PIA-271779_0_10.jpg%3Fcb%3D202248&v=3&w=800&s=BJv6z3d6iYYfI2Ream6tq91N&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31170233
expires: Tue, 28 Nov 2023 07:29:02 GMT
date: Fri, 02 Dec 2022 13:05:08 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7602
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F3%2F7%2Fd%2Fd%2F37ddfab1f4015f290952a7f4e5264312bb223793_1_639_1806_140_sty022018_2.png%3Fcb%3D202248&v=3&w=800&s=pIpkOoPgisPBdICCfXVvMLvN&b=400
178.250.2.135200 OK 17 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F3%2F7%2Fd%2Fd%2F37ddfab1f4015f290952a7f4e5264312bb223793_1_639_1806_140_sty022018_2.png%3Fcb%3D202248&v=3&w=800&s=pIpkOoPgisPBdICCfXVvMLvN&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2ec3ca3f49be4cf123d915a0b3dad920
0203ab77810192e65d0f74e6b1737ff95506b4f4
f5313381a63782f5e351808a5874cc726315524e651ca169caf71904212935f8
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F3%2F7%2Fd%2Fd%2F37ddfab1f4015f290952a7f4e5264312bb223793_1_639_1806_140_sty022018_2.png%3Fcb%3D202248&v=3&w=800&s=pIpkOoPgisPBdICCfXVvMLvN&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31170296
expires: Tue, 28 Nov 2023 07:30:05 GMT
date: Fri, 02 Dec 2022 13:05:08 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 16884
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F0%2F9%2F8%2F2%2F09824266c7e4ae54f9e626dee2b8dac974b26ca4_1_RV_MS_G_L__26_10_18_03.png%3Fcb%3D202248&v=3&w=800&s=8SbS9PYUuJAPHBUvGNbI85hS&b=400
178.250.2.135200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F0%2F9%2F8%2F2%2F09824266c7e4ae54f9e626dee2b8dac974b26ca4_1_RV_MS_G_L__26_10_18_03.png%3Fcb%3D202248&v=3&w=800&s=8SbS9PYUuJAPHBUvGNbI85hS&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ec8896f7fd99deabf4f1274a6f8167da
3c2bdfe1af1e60571a2e3a608afbf28f4c96b8d4
1b5c46b09e96836a0f2b5ad7040fe73c3e773cd16dd29a4b12a72e9de4433f87
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F0%2F9%2F8%2F2%2F09824266c7e4ae54f9e626dee2b8dac974b26ca4_1_RV_MS_G_L__26_10_18_03.png%3Fcb%3D202248&v=3&w=800&s=8SbS9PYUuJAPHBUvGNbI85hS&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31170142
expires: Tue, 28 Nov 2023 07:27:31 GMT
date: Fri, 02 Dec 2022 13:05:08 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 11278
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/dt/4ef456fb9fb14ec5a2da96fe450c24b3_homepagebaukasten-bold.woff
178.250.0.130200 OK 20 kB URL HTTP/2 static.criteo.net/design/dt/4ef456fb9fb14ec5a2da96fe450c24b3_homepagebaukasten-bold.woff
IP 178.250.0.130:0
File type Web Open Font Format, CFF, length 19492, version 1.0\012- data
Hash fe16408343054418c53b45c76a1892f2
b2f898a889e2164ba7bb7d6676b5a294eb97817b
3b42d14795d22866ea7e9bd3b4259fa75e510bcbbf7ab1861acb9ce2290128f2
GET /design/dt/4ef456fb9fb14ec5a2da96fe450c24b3_homepagebaukasten-bold.woff HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:05:09 GMT
content-type: text/plain; charset=UTF-8
content-length: 19492
last-modified: Mon, 06 Jul 2020 12:29:00 GMT
etag: "5f03190c-4c24"
expires: Mon, 27 Nov 2023 13:05:09 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=tYxyTa53B9rnuK1wYYK64mDFXJ59DHQdDTeM40o41bjzxUtL9q3N4XujwvfNuj2Vc-crkyJEZNjPic-fjoZAZ76ZGEz4HWM-xuvLQQCvKuCRRow6pze36EfWv_crbBMyqxl0aj99iPF5_lC6yDRi6bYsKkwagRZNcquJGxbPFUVY2_ap9VcDwsvpiHZujxwD2zd8sJtnTpd7MsCXjUrf34rYcK5aFkjcFDI4GXVaFMtTiUqnp55hgkZRO3AqWkjzm3IeuESHcoQfIP_J1EvEARo1LFoW7gldiL5HWQFXx4aG-q2C3FYODTATZPkJ0xCaypMUdKaFtTrV2bYWzjoDaN_wvfPm1i1ZQMNOIFc3dPzL_DGO5eRCM92dmI3cFikDzwTO1sYfhtYZpHE7k9wF8qdHZAPs0SBEOTIlRCnzOCZ_EQNr
178.250.2.148200 OK 47 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=tYxyTa53B9rnuK1wYYK64mDFXJ59DHQdDTeM40o41bjzxUtL9q3N4XujwvfNuj2Vc-crkyJEZNjPic-fjoZAZ76ZGEz4HWM-xuvLQQCvKuCRRow6pze36EfWv_crbBMyqxl0aj99iPF5_lC6yDRi6bYsKkwagRZNcquJGxbPFUVY2_ap9VcDwsvpiHZujxwD2zd8sJtnTpd7MsCXjUrf34rYcK5aFkjcFDI4GXVaFMtTiUqnp55hgkZRO3AqWkjzm3IeuESHcoQfIP_J1EvEARo1LFoW7gldiL5HWQFXx4aG-q2C3FYODTATZPkJ0xCaypMUdKaFtTrV2bYWzjoDaN_wvfPm1i1ZQMNOIFc3dPzL_DGO5eRCM92dmI3cFikDzwTO1sYfhtYZpHE7k9wF8qdHZAPs0SBEOTIlRCnzOCZ_EQNr
IP 178.250.2.148:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 64dfe33afeb973db638cfa534b9782fe
e1b918e9083fe08f48a55bbd9a1a483bfa722991
7eb253979e0dcf9abce5cf092eda19b1e94186592fc28bb5c44459b8768f539b
GET /delivery/lg.php?cppv=3&cpp=tYxyTa53B9rnuK1wYYK64mDFXJ59DHQdDTeM40o41bjzxUtL9q3N4XujwvfNuj2Vc-crkyJEZNjPic-fjoZAZ76ZGEz4HWM-xuvLQQCvKuCRRow6pze36EfWv_crbBMyqxl0aj99iPF5_lC6yDRi6bYsKkwagRZNcquJGxbPFUVY2_ap9VcDwsvpiHZujxwD2zd8sJtnTpd7MsCXjUrf34rYcK5aFkjcFDI4GXVaFMtTiUqnp55hgkZRO3AqWkjzm3IeuESHcoQfIP_J1EvEARo1LFoW7gldiL5HWQFXx4aG-q2C3FYODTATZPkJ0xCaypMUdKaFtTrV2bYWzjoDaN_wvfPm1i1ZQMNOIFc3dPzL_DGO5eRCM92dmI3cFikDzwTO1sYfhtYZpHE7k9wF8qdHZAPs0SBEOTIlRCnzOCZ_EQNr HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:05:08 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2670866
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 02 Dec 2022 13:05:09 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d19128725c9ca1f655433c9fb1eddafb
62ef02ec75348d98ffa699790347d29a5430a051
23550df0008f7ee6b8a81e4b89964a715e98ed15fe3b169d5933700ec896a57a
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 852
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 02 Dec 2022 13:05:09 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=32fYsft_drLyBJgQuVbfhJBEnFIxiVHFkxTl3uJAS00OZBOgDAehKog5aItaAsst4rEind62jwcXoZfq3BB0bcd_GMoDajGF6hrkH-3XwLpf95blDupjG9eCbUk2o883rkQ1lVfudrcaLPIwHHMxQprHJaUx7-l44bIechRB7AHqgHR_eBfCPWcI7VtAluo_1TiHF_VQNa-T7FWqT6fhBt7cDEUAhOFng7hHbkTyxAJQ1Ym-4FPel9v_fkSzvvI4gxRxpxGfzIlbha_N&sds=2&rev=83599&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=32fYsft_drLyBJgQuVbfhJBEnFIxiVHFkxTl3uJAS00OZBOgDAehKog5aItaAsst4rEind62jwcXoZfq3BB0bcd_GMoDajGF6hrkH-3XwLpf95blDupjG9eCbUk2o883rkQ1lVfudrcaLPIwHHMxQprHJaUx7-l44bIechRB7AHqgHR_eBfCPWcI7VtAluo_1TiHF_VQNa-T7FWqT6fhBt7cDEUAhOFng7hHbkTyxAJQ1Ym-4FPel9v_fkSzvvI4gxRxpxGfzIlbha_N&sds=2&rev=83599&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=32fYsft_drLyBJgQuVbfhJBEnFIxiVHFkxTl3uJAS00OZBOgDAehKog5aItaAsst4rEind62jwcXoZfq3BB0bcd_GMoDajGF6hrkH-3XwLpf95blDupjG9eCbUk2o883rkQ1lVfudrcaLPIwHHMxQprHJaUx7-l44bIechRB7AHqgHR_eBfCPWcI7VtAluo_1TiHF_VQNa-T7FWqT6fhBt7cDEUAhOFng7hHbkTyxAJQ1Ym-4FPel9v_fkSzvvI4gxRxpxGfzIlbha_N&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:05:08 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=yBr8s_t_drLyBJgQVq4N-b4hSaTHUFwwFXmqrWGwuUNLmtxL6x9WK-v1cwNV-gutYttavRRhTlYOD2qZDQDKtATEYUEckyaK7CAZpnVUCMI2KM9Su7ShinoOwSUcboZ0qvhV_8YUE63TTllM72bDwO9o6LAmDZUvZKFotLB96KIu2STEHwoI2CfeAztU8o006IsYlRt1EQQWMggyCfZ6OlUZDk1Mr69YpFXVUujf7AUPLJRm49IF3bVBDeH0z91PfPFHzImCfOj5fnh5&sds=2&rev=83599&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=yBr8s_t_drLyBJgQVq4N-b4hSaTHUFwwFXmqrWGwuUNLmtxL6x9WK-v1cwNV-gutYttavRRhTlYOD2qZDQDKtATEYUEckyaK7CAZpnVUCMI2KM9Su7ShinoOwSUcboZ0qvhV_8YUE63TTllM72bDwO9o6LAmDZUvZKFotLB96KIu2STEHwoI2CfeAztU8o006IsYlRt1EQQWMggyCfZ6OlUZDk1Mr69YpFXVUujf7AUPLJRm49IF3bVBDeH0z91PfPFHzImCfOj5fnh5&sds=2&rev=83599&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=yBr8s_t_drLyBJgQVq4N-b4hSaTHUFwwFXmqrWGwuUNLmtxL6x9WK-v1cwNV-gutYttavRRhTlYOD2qZDQDKtATEYUEckyaK7CAZpnVUCMI2KM9Su7ShinoOwSUcboZ0qvhV_8YUE63TTllM72bDwO9o6LAmDZUvZKFotLB96KIu2STEHwoI2CfeAztU8o006IsYlRt1EQQWMggyCfZ6OlUZDk1Mr69YpFXVUujf7AUPLJRm49IF3bVBDeH0z91PfPFHzImCfOj5fnh5&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:05:08 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-20442478-1&cid=981399558.1669986302&jid=1343620823&_u=YEBAAUAAAAAAACAAI~&z=323678559
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-20442478-1&cid=981399558.1669986302&jid=1343620823&_u=YEBAAUAAAAAAACAAI~&z=323678559
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-20442478-1&cid=981399558.1669986302&jid=1343620823&_u=YEBAAUAAAAAAACAAI~&z=323678559 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 13:05:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
media.boomads.com/images/offer/odul-20222910073038755.jpg
83.66.162.75200 OK 22 kB URL HTTP/1.1 media.boomads.com/images/offer/odul-20222910073038755.jpg
IP 83.66.162.75:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 616x117, components 3\012- data
Hash 24cd3f4c54967c20e2c2ed6e258b36ef
84bf01ace88003ad22edfc985c139807e13b7434
8a386ca865acc7093fd1932c37f7a1e110e7fc62a943fb40d25dd2a8135d1dbb
GET /images/offer/odul-20222910073038755.jpg HTTP/1.1
Host: media.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:20:02 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: W/"1fa6ad5768ebd81:0"
Content-Type: image/jpeg
Last-Modified: Sat, 29 Oct 2022 07:30:38 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 22186
media.boomads.com/images/offer/messi-campaign-20222910072716532.png
83.66.162.75200 OK 122 kB URL HTTP/1.1 media.boomads.com/images/offer/messi-campaign-20222910072716532.png
IP 83.66.162.75:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type PNG image data, 690 x 360, 8-bit/color RGBA, non-interlaced\012- data
Size 122 kB (121729 bytes)
Hash 6d0ee80a532a4f56bf96d1e1a13a1fae
f9e3669edb7099e82ba10d347626457fe43eecca
5fde2ef794e0bf4cda9ec98c8c3589c09d21a72e833e86caee9489e344addeb0
GET /images/offer/messi-campaign-20222910072716532.png HTTP/1.1
Host: media.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 20:07:22 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: W/"7f3927df67ebd81:0"
Content-Type: image/png
Last-Modified: Sat, 29 Oct 2022 07:27:16 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 121729
media.boomads.com/images/offer/bitget-koruma-f-20221611055851763.png
83.66.162.75200 OK 59 kB URL HTTP/1.1 media.boomads.com/images/offer/bitget-koruma-f-20221611055851763.png
IP 83.66.162.75:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type PNG image data, 605 x 318, 8-bit/color RGBA, non-interlaced\012- data
Hash 28911308dbbf78cbf79d17edb4b7301d
8dd0119fd3cfb87953fcc9fcdaf0a1167040db7c
cb50e628b3a660107ea8be316ca36951b72170f094899547808907b4ac60994e
GET /images/offer/bitget-koruma-f-20221611055851763.png HTTP/1.1
Host: media.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:20:43 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: "e47b38080f9d81:0"
Content-Type: image/png
Last-Modified: Wed, 16 Nov 2022 05:58:51 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 59303
media.boomads.com/images/offer/strategy-plaza-20221011074814694.jpg
83.66.162.75200 OK 379 kB URL HTTP/1.1 media.boomads.com/images/offer/strategy-plaza-20221011074814694.jpg
IP 83.66.162.75:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type JPEG image data, progressive, precision 8, 1200x675, components 3\012- data
Size 379 kB (379117 bytes)
Hash b382414882619cf0368b18ac37ca2bd3
a7abb09bf3c40a75fe04f2df711d1a0ae88b408e
332629d99e7ea426ba19994ea2b934d11d2e51dc46ff10419df651a7e44e2684
GET /images/offer/strategy-plaza-20221011074814694.jpg HTTP/1.1
Host: media.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 04:05:12 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: W/"af848cad8f4d81:0"
Content-Type: image/jpeg
Last-Modified: Thu, 10 Nov 2022 07:48:14 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 379117
media.boomads.com/images/offer/messi-bitget-20222110121742292.jpg
83.66.162.75200 OK 611 kB URL HTTP/1.1 media.boomads.com/images/offer/messi-bitget-20222110121742292.jpg
IP 83.66.162.75:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 2401x1200, components 3\012- data
Size 611 kB (610984 bytes)
Hash ec36574f7ca255fc0e4d5a773a120901
ee5e79237583d7e9ef1748dda812fd126e8b3baa
a562f4c019f5ff6b7590e66bfb9ce9aa126b8ba445115c604c9e90d65229d45e
GET /images/offer/messi-bitget-20222110121742292.jpg HTTP/1.1
Host: media.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 21:56:47 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: W/"12e5661e47e5d81:0"
Content-Type: image/jpeg
Last-Modified: Fri, 21 Oct 2022 12:17:42 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 610984
csm.eu.criteo.net/all?cppv=3&cpp=32fYsft_drLyBJgQuVbfhJBEnFIxiVHFkxTl3uJAS00OZBOgDAehKog5aItaAsst4rEind62jwcXoZfq3BB0bcd_GMoDajGF6hrkH-3XwLpf95blDupjG9eCbUk2o883rkQ1lVfudrcaLPIwHHMxQprHJaUx7-l44bIechRB7AHqgHR_eBfCPWcI7VtAluo_1TiHF_VQNa-T7FWqT6fhBt7cDEUAhOFng7hHbkTyxAJQ1Ym-4FPel9v_fkSzvvI4gxRxpxGfzIlbha_N&sds=2&rev=83599&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=32fYsft_drLyBJgQuVbfhJBEnFIxiVHFkxTl3uJAS00OZBOgDAehKog5aItaAsst4rEind62jwcXoZfq3BB0bcd_GMoDajGF6hrkH-3XwLpf95blDupjG9eCbUk2o883rkQ1lVfudrcaLPIwHHMxQprHJaUx7-l44bIechRB7AHqgHR_eBfCPWcI7VtAluo_1TiHF_VQNa-T7FWqT6fhBt7cDEUAhOFng7hHbkTyxAJQ1Ym-4FPel9v_fkSzvvI4gxRxpxGfzIlbha_N&sds=2&rev=83599&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=32fYsft_drLyBJgQuVbfhJBEnFIxiVHFkxTl3uJAS00OZBOgDAehKog5aItaAsst4rEind62jwcXoZfq3BB0bcd_GMoDajGF6hrkH-3XwLpf95blDupjG9eCbUk2o883rkQ1lVfudrcaLPIwHHMxQprHJaUx7-l44bIechRB7AHqgHR_eBfCPWcI7VtAluo_1TiHF_VQNa-T7FWqT6fhBt7cDEUAhOFng7hHbkTyxAJQ1Ym-4FPel9v_fkSzvvI4gxRxpxGfzIlbha_N&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:05:10 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/animejs/animejs.js
IP 178.250.0.130:0
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:05:07 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Mon, 27 Nov 2023 13:05:07 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.0.130:0
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:05:07 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Mon, 27 Nov 2023 13:05:07 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y4n4AwAD4OEKmvLIAAGwWIyG72dlpiEFcQ5czg&u=%7COCo4aajaq1PjxTPoI%2BAjx72nJF5aYoKEtxxLs08BHaM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XWLUiC0Bm5sY5lQ_D9Gskag0vfQz7_BX3uAByg-CkWV8-xi8vPN5mGgX1TVkD_Lx2mpywgZeWQBV7EYGtRXP4-2VmSOFyeP35p1V0gBVnoVuKUntkS6WiduexzJxil_9FRxDSnu3Fnakoz7x7n3EyB-S8E5S1CFHgNRIrH0EvubAOMlZWt2QR6pQs5OSUxJbIwrnpw9ApuKjDmq2Dab4vQErhsi2gZDVsPH3TgFUpsqU7HKAX-HyFXCkHHTKrrB1k1gxRa2Yp6gDMwjwYkWvNXkyepFcax8dgaaXegpYYikfbKh2e9vqlO7XAOAjew8LOHMh77yfkLUDyT0lSEX2YDGL1Ds29ibnEhMAgC9q0zhw_2nokMbP05p3jhv5a7X7oimskZA_ZesUp3qWZeuY1hPrE04ZR07vIetOx7UE6n4MPT7UtI2fEkNhLfU5ojFDxQ9zXzYiLrmJWMUSKBF316N-fSIbcHjepA0n6MSzGj9y2e5uXCtB_wM2O51LROEn3A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_AnYA_iJY-HBD8jl6wTY4IbwAsme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCRKKIHKOrsT6oAwGqBJ0CT9Ch1VaOgl6vil6ieu8UIbIcSoxKPVA04l027DNeOPDj_853Ri4Bd3M2AFxuYLnUyG71J7aTQgtiFaOQaPu4UmJ8WJeHxOi-stZAsuIf2a288TGP7PbAy8WUZbFYpoceCxY7APREoGNKq6cxm9MEPiftozZe8hLg1woFiuYlOkLrmUkroANVaaVAoUFrUEJjaGmM9kM4pOQeU1F8gX-L3J9XyPNK9O17CNchkD9Q69hgMTHRHBeifOiSaYFqfkAOY6scGeZKddJZpSREOQWXl2--hY9lQzCO8uhlQX--F0CmxgYNeTdjeKCEou2paWjJyTlRnicRZO8QZfSYje5QDNK4vPiaFykTFXxMdDFN_OsNo_0hWcTs2ZLAUY3vgAb-u9fLnY__tGugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2DmpfvaK0PzDXLl_xM3xPMw48qwA%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.2.65200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y4n4AwAD4OEKmvLIAAGwWIyG72dlpiEFcQ5czg&u=%7COCo4aajaq1PjxTPoI%2BAjx72nJF5aYoKEtxxLs08BHaM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XWLUiC0Bm5sY5lQ_D9Gskag0vfQz7_BX3uAByg-CkWV8-xi8vPN5mGgX1TVkD_Lx2mpywgZeWQBV7EYGtRXP4-2VmSOFyeP35p1V0gBVnoVuKUntkS6WiduexzJxil_9FRxDSnu3Fnakoz7x7n3EyB-S8E5S1CFHgNRIrH0EvubAOMlZWt2QR6pQs5OSUxJbIwrnpw9ApuKjDmq2Dab4vQErhsi2gZDVsPH3TgFUpsqU7HKAX-HyFXCkHHTKrrB1k1gxRa2Yp6gDMwjwYkWvNXkyepFcax8dgaaXegpYYikfbKh2e9vqlO7XAOAjew8LOHMh77yfkLUDyT0lSEX2YDGL1Ds29ibnEhMAgC9q0zhw_2nokMbP05p3jhv5a7X7oimskZA_ZesUp3qWZeuY1hPrE04ZR07vIetOx7UE6n4MPT7UtI2fEkNhLfU5ojFDxQ9zXzYiLrmJWMUSKBF316N-fSIbcHjepA0n6MSzGj9y2e5uXCtB_wM2O51LROEn3A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_AnYA_iJY-HBD8jl6wTY4IbwAsme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCRKKIHKOrsT6oAwGqBJ0CT9Ch1VaOgl6vil6ieu8UIbIcSoxKPVA04l027DNeOPDj_853Ri4Bd3M2AFxuYLnUyG71J7aTQgtiFaOQaPu4UmJ8WJeHxOi-stZAsuIf2a288TGP7PbAy8WUZbFYpoceCxY7APREoGNKq6cxm9MEPiftozZe8hLg1woFiuYlOkLrmUkroANVaaVAoUFrUEJjaGmM9kM4pOQeU1F8gX-L3J9XyPNK9O17CNchkD9Q69hgMTHRHBeifOiSaYFqfkAOY6scGeZKddJZpSREOQWXl2--hY9lQzCO8uhlQX--F0CmxgYNeTdjeKCEou2paWjJyTlRnicRZO8QZfSYje5QDNK4vPiaFykTFXxMdDFN_OsNo_0hWcTs2ZLAUY3vgAb-u9fLnY__tGugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2DmpfvaK0PzDXLl_xM3xPMw48qwA%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.2.65:0
GET /delivery/r/afr.php?z=Y4n4AwAD4OEKmvLIAAGwWIyG72dlpiEFcQ5czg&u=%7COCo4aajaq1PjxTPoI%2BAjx72nJF5aYoKEtxxLs08BHaM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XWLUiC0Bm5sY5lQ_D9Gskag0vfQz7_BX3uAByg-CkWV8-xi8vPN5mGgX1TVkD_Lx2mpywgZeWQBV7EYGtRXP4-2VmSOFyeP35p1V0gBVnoVuKUntkS6WiduexzJxil_9FRxDSnu3Fnakoz7x7n3EyB-S8E5S1CFHgNRIrH0EvubAOMlZWt2QR6pQs5OSUxJbIwrnpw9ApuKjDmq2Dab4vQErhsi2gZDVsPH3TgFUpsqU7HKAX-HyFXCkHHTKrrB1k1gxRa2Yp6gDMwjwYkWvNXkyepFcax8dgaaXegpYYikfbKh2e9vqlO7XAOAjew8LOHMh77yfkLUDyT0lSEX2YDGL1Ds29ibnEhMAgC9q0zhw_2nokMbP05p3jhv5a7X7oimskZA_ZesUp3qWZeuY1hPrE04ZR07vIetOx7UE6n4MPT7UtI2fEkNhLfU5ojFDxQ9zXzYiLrmJWMUSKBF316N-fSIbcHjepA0n6MSzGj9y2e5uXCtB_wM2O51LROEn3A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_AnYA_iJY-HBD8jl6wTY4IbwAsme0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCRKKIHKOrsT6oAwGqBJ0CT9Ch1VaOgl6vil6ieu8UIbIcSoxKPVA04l027DNeOPDj_853Ri4Bd3M2AFxuYLnUyG71J7aTQgtiFaOQaPu4UmJ8WJeHxOi-stZAsuIf2a288TGP7PbAy8WUZbFYpoceCxY7APREoGNKq6cxm9MEPiftozZe8hLg1woFiuYlOkLrmUkroANVaaVAoUFrUEJjaGmM9kM4pOQeU1F8gX-L3J9XyPNK9O17CNchkD9Q69hgMTHRHBeifOiSaYFqfkAOY6scGeZKddJZpSREOQWXl2--hY9lQzCO8uhlQX--F0CmxgYNeTdjeKCEou2paWjJyTlRnicRZO8QZfSYje5QDNK4vPiaFykTFXxMdDFN_OsNo_0hWcTs2ZLAUY3vgAb-u9fLnY__tGugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2DmpfvaK0PzDXLl_xM3xPMw48qwA%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:05:08 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=yBr8s_t_drLyBJgQVq4N-b4hSaTHUFwwFXmqrWGwuUNLmtxL6x9WK-v1cwNV-gutYttavRRhTlYOD2qZDQDKtATEYUEckyaK7CAZpnVUCMI2KM9Su7ShinoOwSUcboZ0qvhV_8YUE63TTllM72bDwO9o6LAmDZUvZKFotLB96KIu2STEHwoI2CfeAztU8o006IsYlRt1EQQWMggyCfZ6OlUZDk1Mr69YpFXVUujf7AUPLJRm49IF3bVBDeH0z91PfPFHzImCfOj5fnh5"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 138054619
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
216.58.207.233200 OK 0 B URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 216.58.207.233:0
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 05:43:29 GMT
expires: Wed, 29 Nov 2023 05:43:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
content-type: text/javascript
age: 285695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y4n4AQANPEUKmuoCAAZpYCVouf7Xn3jnW-Ezjg&u=%7Ccqzfh9yhZcA8dq11wSwyd18vnmlhZeE%2Bl2xVT7s3W9A%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvQxzre8M6Xis5J01hBxehhQYmjvClkUQ1glyazQx0z25CPBl33p6oqlqrWt7Vn9xmVcQghSKwC3mdxdXLGzoixo9EOUQGAGK0cwrVpUrhwBsS8IwVy37MW1NDsfoqD4twpmGuorj4cMhZ8T06iyGHMJPpsISgU7MozrhGkGLsBEupF9mES1IxZy-Thd2O2bpZI9ValubWlvMoclPp5MxYAdMxo-Gf2R8MQefQkCfsrtwnxhYDVpGUTsFhvrtjAT5bxNxz7EKKwGnw-HtAuB3__PX39Q-ZFDOsIL4LPQn638AUX23J2As1Oe4qlUaYvFmRKP8dnRWoMrqeaRvTb694OwA-bcYur8kGKexo9QS3YDmyZig2nNE71bcjXv3pSk3mS4GHW0Eloqx36llE1LvnzIhK4jJHUo2we0D0q7jGYrxSVK4F-TXCioWCPtJg8DcawleV0QVBfpqtL6Yvzt6lt5jCIlm1XfGOnqSmeS6L8fN87ZHKHD3Di8ob-4BilCzjFbZ7J_-fFuA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDWmPAfiJY8X4NILU6wTg0plAyZ7SsVzNo5b3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi03MzA5ODQ1NTI1Mjg1MDI5yAEJqQJEoogco6uxPqgDAaoElwJP0IhfOtoWqWFwjDXDAwzXCn3JqhT8lX6I49VhJQYzx7WuijKHFxdlfZpFHRnhPMKCXMkigugxuPK01T0LCCTHTKdz9Shu0AZikQT0DTy9QE2SP3wY6A2zzYSsF4vrlXqFh-vp3f2qu2z60ARLi2zQnRJWjsj9-IJGroSQm9e9fz12Jmo6t99jXPCd_k87ErF553h7js_IfMmvcOzsKJz3I33dmKuAxXqhs1Ga5fmeaLwPmo3nafKNClkDZwpLPeQAxnWts5KYWW7sn2ogdcyzdXXJ_w029d6UltqeTSXaUOrUPdFE-Hm2z4ZuhgrIiVCGGs-YAqQTQN55pAGyzVoH3dTQ8UxeF4XumIvHWR6SHHW_NsigQOOABpm8s62i-biBMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0VbDXhzzU9syM56mcbpvu40u3DdA%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.2.65200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y4n4AQANPEUKmuoCAAZpYCVouf7Xn3jnW-Ezjg&u=%7Ccqzfh9yhZcA8dq11wSwyd18vnmlhZeE%2Bl2xVT7s3W9A%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvQxzre8M6Xis5J01hBxehhQYmjvClkUQ1glyazQx0z25CPBl33p6oqlqrWt7Vn9xmVcQghSKwC3mdxdXLGzoixo9EOUQGAGK0cwrVpUrhwBsS8IwVy37MW1NDsfoqD4twpmGuorj4cMhZ8T06iyGHMJPpsISgU7MozrhGkGLsBEupF9mES1IxZy-Thd2O2bpZI9ValubWlvMoclPp5MxYAdMxo-Gf2R8MQefQkCfsrtwnxhYDVpGUTsFhvrtjAT5bxNxz7EKKwGnw-HtAuB3__PX39Q-ZFDOsIL4LPQn638AUX23J2As1Oe4qlUaYvFmRKP8dnRWoMrqeaRvTb694OwA-bcYur8kGKexo9QS3YDmyZig2nNE71bcjXv3pSk3mS4GHW0Eloqx36llE1LvnzIhK4jJHUo2we0D0q7jGYrxSVK4F-TXCioWCPtJg8DcawleV0QVBfpqtL6Yvzt6lt5jCIlm1XfGOnqSmeS6L8fN87ZHKHD3Di8ob-4BilCzjFbZ7J_-fFuA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDWmPAfiJY8X4NILU6wTg0plAyZ7SsVzNo5b3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi03MzA5ODQ1NTI1Mjg1MDI5yAEJqQJEoogco6uxPqgDAaoElwJP0IhfOtoWqWFwjDXDAwzXCn3JqhT8lX6I49VhJQYzx7WuijKHFxdlfZpFHRnhPMKCXMkigugxuPK01T0LCCTHTKdz9Shu0AZikQT0DTy9QE2SP3wY6A2zzYSsF4vrlXqFh-vp3f2qu2z60ARLi2zQnRJWjsj9-IJGroSQm9e9fz12Jmo6t99jXPCd_k87ErF553h7js_IfMmvcOzsKJz3I33dmKuAxXqhs1Ga5fmeaLwPmo3nafKNClkDZwpLPeQAxnWts5KYWW7sn2ogdcyzdXXJ_w029d6UltqeTSXaUOrUPdFE-Hm2z4ZuhgrIiVCGGs-YAqQTQN55pAGyzVoH3dTQ8UxeF4XumIvHWR6SHHW_NsigQOOABpm8s62i-biBMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0VbDXhzzU9syM56mcbpvu40u3DdA%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.2.65:0
GET /delivery/r/afr.php?z=Y4n4AQANPEUKmuoCAAZpYCVouf7Xn3jnW-Ezjg&u=%7Ccqzfh9yhZcA8dq11wSwyd18vnmlhZeE%2Bl2xVT7s3W9A%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvQxzre8M6Xis5J01hBxehhQYmjvClkUQ1glyazQx0z25CPBl33p6oqlqrWt7Vn9xmVcQghSKwC3mdxdXLGzoixo9EOUQGAGK0cwrVpUrhwBsS8IwVy37MW1NDsfoqD4twpmGuorj4cMhZ8T06iyGHMJPpsISgU7MozrhGkGLsBEupF9mES1IxZy-Thd2O2bpZI9ValubWlvMoclPp5MxYAdMxo-Gf2R8MQefQkCfsrtwnxhYDVpGUTsFhvrtjAT5bxNxz7EKKwGnw-HtAuB3__PX39Q-ZFDOsIL4LPQn638AUX23J2As1Oe4qlUaYvFmRKP8dnRWoMrqeaRvTb694OwA-bcYur8kGKexo9QS3YDmyZig2nNE71bcjXv3pSk3mS4GHW0Eloqx36llE1LvnzIhK4jJHUo2we0D0q7jGYrxSVK4F-TXCioWCPtJg8DcawleV0QVBfpqtL6Yvzt6lt5jCIlm1XfGOnqSmeS6L8fN87ZHKHD3Di8ob-4BilCzjFbZ7J_-fFuA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDWmPAfiJY8X4NILU6wTg0plAyZ7SsVzNo5b3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi03MzA5ODQ1NTI1Mjg1MDI5yAEJqQJEoogco6uxPqgDAaoElwJP0IhfOtoWqWFwjDXDAwzXCn3JqhT8lX6I49VhJQYzx7WuijKHFxdlfZpFHRnhPMKCXMkigugxuPK01T0LCCTHTKdz9Shu0AZikQT0DTy9QE2SP3wY6A2zzYSsF4vrlXqFh-vp3f2qu2z60ARLi2zQnRJWjsj9-IJGroSQm9e9fz12Jmo6t99jXPCd_k87ErF553h7js_IfMmvcOzsKJz3I33dmKuAxXqhs1Ga5fmeaLwPmo3nafKNClkDZwpLPeQAxnWts5KYWW7sn2ogdcyzdXXJ_w029d6UltqeTSXaUOrUPdFE-Hm2z4ZuhgrIiVCGGs-YAqQTQN55pAGyzVoH3dTQ8UxeF4XumIvHWR6SHHW_NsigQOOABpm8s62i-biBMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0VbDXhzzU9syM56mcbpvu40u3DdA%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 13:05:06 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=iQPEV_t_drLyBJgQ3mdd76ZiLrPYj1RJK8NZsrofGu6gBUZoC6SdhzBPTimOxBEwFkadk4TJOyPaJ29cKR_U3shCqOwlXU5FUdB9QAppTSmqv7ARRJGt_dcB0_OQ71hTcupcvVFYPndSJoB-rNl0ijsH7qBALtZ1EvfKI9WcVoVbvqLZtOj_JQb-MjX5q0QhSUB4sIUwhDCVGPAa6_Uf14mW6yO7wA3ECOV8pBxj-y4JQDO6Vu9sd1igUd7dAGQc6p_oew"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 156645330
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
IP 142.250.74.74:0
GET /css?family=Poppins:300,400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 13:05:03 GMT
date: Fri, 02 Dec 2022 13:05:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.0.130:0
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 13:05:07 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Mon, 27 Nov 2023 13:05:07 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2