r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2965
Expires: Thu, 08 Dec 2022 20:03:30 GMT
Date: Thu, 08 Dec 2022 19:14:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7354
Expires: Thu, 08 Dec 2022 21:16:39 GMT
Date: Thu, 08 Dec 2022 19:14:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 19:08:13 GMT
content-type: application/json
age: 352
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6806
Expires: Thu, 08 Dec 2022 21:07:31 GMT
Date: Thu, 08 Dec 2022 19:14:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Nr4A9+f1SIsiXitifgvEHV3C205zh4tLdEDavq/EXVsCkuQnFxa3ybTducUcdpTqoFYcipDsIvs=
x-amz-request-id: 0HRADTVVJ9VRTA8V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 18:48:01 GMT
age: 1564
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 19:14:05 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 19:07:58 GMT
age: 368
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
dusunmekvepaylasmak.blogspot.hu/search/label/%23GARANTILINKARBYS
172.217.21.161302 Moved Temporarily 210 B URL HTTP/1.1 dusunmekvepaylasmak.blogspot.hu/search/label/%23GARANTILINKARBYS
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 97aa56ddeecab8541f0ef0b6f9bdb2ed
a9bf301a7c6b9ba3fbe939ab32bb2410f004aa0a
2fa1d7b0ddd3e4ac570de7cfd9698b8209000c50ee933a7852851078a967d64c
Analyzer Verdict Alert fortinet Malware
GET /search/label/%23GARANTILINKARBYS HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://dusunmekvepaylasmak.blogspot.com/search/label/%23GARANTILINKARBYS
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 08 Dec 2022 19:14:06 GMT
Expires: Thu, 08 Dec 2022 19:14:06 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 210
Server: GSE
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5507
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:06 GMT
Last-Modified: Thu, 08 Dec 2022 17:42:19 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
dusunmekvepaylasmak.blogspot.com/search/label/%23GARANTILINKARBYS
172.217.21.161301 Moved Permanently 210 B URL HTTP/1.1 dusunmekvepaylasmak.blogspot.com/search/label/%23GARANTILINKARBYS
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 51ebe88681127bb30770351e1461403a
eb3183b95f03bbdfded8fb42c9ec580c1d0ddbdb
3ee6b49bde7262331eefbcc264d0953ce6ada4fc5bc9fe1285d686f287aae838
Analyzer Verdict Alert fortinet Malware
GET /search/label/%23GARANTILINKARBYS HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://dusunmekvepaylasmak.blogspot.com/search/label/%23GARANTILINKARBYS
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 08 Dec 2022 19:14:06 GMT
Expires: Thu, 08 Dec 2022 19:14:06 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 210
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 34da737f5d8fab7415ab2d552058d653
2e28de807960cde0030e68b4f468aaeecd1b533f
bbd3063026b41b4487911d85977a7dfe8e0f62f93a48cedad2ce2448f28e2cf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.164.56.167101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.56.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NooHdrdgxXXxS+AZb5Cbig==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Y+C4ijDuHLSdKst7p5lCOQgqhLs=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 657cc99dcf677bd6e64e82ac79e8068d
abf109679285d118b3ad71fc5b60ff37106de953
8d6696efdfbac41437bed499e16dd4c0e52c0f16bc321daaa31d0051eb4b2cca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 40ed5ec0836e5a03f0c1347b5db96966
40a1f62afbf3c26ea40be6d287122f3ffd19870e
2fd03cac65cc434ddade13acacc1c68a2a4bbc557e3a03777ea20fdd6c91a441
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5169
Cache-Control: max-age=134013
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:07 GMT
Etag: "63918bcb-117"
Expires: Sat, 10 Dec 2022 08:27:40 GMT
Last-Modified: Thu, 08 Dec 2022 07:01:31 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4b1c4d797d1d2fef94993a69a7cb423a
d4d0f3b2eccd29dddef0f1ec51309de97c6c05a4
d2f98268392005d93b5bce9c019c360400b09ac369fc8e8cbc1edba7ed6d929d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
216.58.207.233200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 21:47:55 GMT
expires: Wed, 06 Dec 2023 21:47:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 21:53:25 GMT
content-type: text/css
age: 163572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c7a5f887bbc7d30b9cfe15163c3d8ddb
21d65790a1d10a06d198b54218365aa474126e1c
2a2e7930f967d947cc5293c95221913e24596773577bbf56ff402db6236bbda1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c7a5f887bbc7d30b9cfe15163c3d8ddb
21d65790a1d10a06d198b54218365aa474126e1c
2a2e7930f967d947cc5293c95221913e24596773577bbf56ff402db6236bbda1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 40ed5ec0836e5a03f0c1347b5db96966
40a1f62afbf3c26ea40be6d287122f3ffd19870e
2fd03cac65cc434ddade13acacc1c68a2a4bbc557e3a03777ea20fdd6c91a441
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5169
Cache-Control: max-age=134013
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:07 GMT
Etag: "63918bcb-117"
Expires: Sat, 10 Dec 2022 08:27:40 GMT
Last-Modified: Thu, 08 Dec 2022 07:01:31 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
www.googletagmanager.com/gtag/js?id=UA-20442478-1
172.217.21.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-20442478-1
IP 172.217.21.168:0
File type ASCII text, with very long lines (1921)
Hash 87655af607bcdac2ad3028830b7ba1c7
3b1013687ebe614a72e9c0235fbcd5fb7681edfd
e79458f3fd04b6d430eb69f0aef7a5edc4e28e431f351d5c45a06ec8e8870742
GET /gtag/js?id=UA-20442478-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Dec 2022 19:14:07 GMT
expires: Thu, 08 Dec 2022 19:14:07 GMT
cache-control: private, max-age=900
last-modified: Thu, 08 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43598
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4b1c4d797d1d2fef94993a69a7cb423a
d4d0f3b2eccd29dddef0f1ec51309de97c6c05a4
d2f98268392005d93b5bce9c019c360400b09ac369fc8e8cbc1edba7ed6d929d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-19531429-2
172.217.21.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-19531429-2
IP 172.217.21.168:0
File type ASCII text, with very long lines (1921)
Hash 6a54fbff94e365d97feb9145c7912bea
efe0274ea07034dd61250c2de50e3ebecd2e91fd
2cfb44b48425d4ee18b40d7167b43e5f005d36fd6cc8f42859d7e887f343cc04
GET /gtag/js?id=UA-19531429-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Dec 2022 19:14:07 GMT
expires: Thu, 08 Dec 2022 19:14:07 GMT
cache-control: private, max-age=900
last-modified: Thu, 08 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43592
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
142.250.74.74200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (32341)
Hash 856f85cc1b07156fa844b44a10c236c2
7cef457c0e1cd0c20f4e699564ea8997f0332021
c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01
GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 21:00:17 GMT
expires: Tue, 05 Dec 2023 21:00:17 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 252830
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 09ac9a1e368a98bc086681c2992cf97f
91ed9e2313d3b2744d33fa89001c3e74826f657e
774f645c9070697838bb4a95372a2630f53fd85735663cbd6d9ec3a204b28dd3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Thu, 08 Dec 2022 19:14:07 GMT
expires: Thu, 08 Dec 2022 19:14:07 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4a5c2a2d50893431367319c3eb5fd0bc
c076b77d1c599d2711a212258ffd5dc4eca82925
0c98da58e2abb90a770dbd9d97277cd8836fb79fc15aace4a95d1fb5ee4c1db4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 061dadcab5b514f0adb9ab6bb3282183
7e4bb8397a4b29392a3ed63b957e5488062a1e13
19f23a13b09536a47646491299b60c18a880bd427fff2d96b29ce46930eef3e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha21HIHuUlix-jJLX7r5_m6N5fJtzze-cmh8rQgkc5HVmQBYGEIoNcduJSsGX9FrrEKXjqTHmpO5peIyaEXnxDofqnDOV5fim2eFITEO1DWlfVY4bQ=w72-h72-n-k-no-nu
142.250.74.97200 OK 2.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha21HIHuUlix-jJLX7r5_m6N5fJtzze-cmh8rQgkc5HVmQBYGEIoNcduJSsGX9FrrEKXjqTHmpO5peIyaEXnxDofqnDOV5fim2eFITEO1DWlfVY4bQ=w72-h72-n-k-no-nu
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash d3f1c22135fdf6ce25ada093bae3c5d7
ab6edce8e298cf6e619139355b4cd0ba8c1567f1
7f7e4bde820be5120884612c0d4321c75fd1826650ecc1bdc96c767b808447b1
GET /blogger_img_proxy/ANbyha21HIHuUlix-jJLX7r5_m6N5fJtzze-cmh8rQgkc5HVmQBYGEIoNcduJSsGX9FrrEKXjqTHmpO5peIyaEXnxDofqnDOV5fim2eFITEO1DWlfVY4bQ=w72-h72-n-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Fri, 09 Dec 2022 19:14:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 19:14:07 GMT
server: fife
content-length: 2670
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
172.217.21.174200 OK 31 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:0
File type ASCII text, with very long lines (580)
Hash 8b7cd98004b5a619d5ae2c11f7e4f95f
1f4a7476084e64124984e742593655247f8e8774
4a8f8a092ac4f6cdfb825ee9f028c08ec0154732dfeea23d9beaac3aed75dc4f
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 31306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 08:09:50 GMT
expires: Tue, 05 Dec 2023 08:09:50 GMT
cache-control: public, max-age=31536000
age: 299057
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 061dadcab5b514f0adb9ab6bb3282183
7e4bb8397a4b29392a3ed63b957e5488062a1e13
19f23a13b09536a47646491299b60c18a880bd427fff2d96b29ce46930eef3e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 061dadcab5b514f0adb9ab6bb3282183
7e4bb8397a4b29392a3ed63b957e5488062a1e13
19f23a13b09536a47646491299b60c18a880bd427fff2d96b29ce46930eef3e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/w72-h72-p-k-no-nu/10_aralik_insan_haklari_gunu.jpg
142.250.74.161200 OK 3.5 kB URL HTTP/2 1.bp.blogspot.com/-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/w72-h72-p-k-no-nu/10_aralik_insan_haklari_gunu.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 8ab41d14c1aa09a171e6f7fb8890d5c6
a8b93b1d387d1fbd63c629e849c332cc2b5406be
ef0d3d17010f324ae57a2ae20015c0d728f58c905b70a5518effa04ff160c982
GET /-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/w72-h72-p-k-no-nu/10_aralik_insan_haklari_gunu.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="10_aralik_insan_haklari_gunu.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3454
x-xss-protection: 0
date: Thu, 08 Dec 2022 19:14:07 GMT
expires: Thu, 08 Dec 2022 21:48:57 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1fe3"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 07a86cf9d9c8389ebd9c52303c83b27f
fd3524d701bdf111c541b6fc9e038bffcc3b5d6c
de08c944b2cb2671078e452d870757622e286f7214d736ab2c1b1d1c2ab8dcfb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg
142.250.74.161200 OK 4.5 kB URL HTTP/2 2.bp.blogspot.com/-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash ec5fcd46230caf0da45a16686274f1cb
0f6ab0f39b022b8b641c566d68ce811854f4aa9d
2763d313411a14a376c085e44d14fab586ac4e935bbc1932e8c67d4453234aa3
GET /-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="rafadan_tayfa_trt_cizgi_film.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4484
x-xss-protection: 0
date: Thu, 08 Dec 2022 19:14:07 GMT
expires: Thu, 08 Dec 2022 21:48:57 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7fdb"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png
142.250.74.161200 OK 6.2 kB URL HTTP/2 2.bp.blogspot.com/-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash aa25670b8226d8b5752fd5a198fd73a4
be1908b060ec7bf840e8d2b0aa4c930fe11910d6
f1b63d3ceb7dd55aae1a46fc852703730d58d88efcd5be463741c6718e7557c4
GET /-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="sut_tozu_ile_ilgili_resimler.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6242
x-xss-protection: 0
date: Thu, 08 Dec 2022 19:14:07 GMT
expires: Thu, 08 Dec 2022 21:48:57 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7d8d"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-kUiaHahkxD0/XfVN3K8_XvI/AAAAAAABN3Q/TA5Ta0QzxWsctxrq5tWNR47rcDEBxC3ewCLcBGAsYHQ/w72-h72-p-k-no-nu/sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_ya%25C5%259Fam_sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_beslenme.png
142.250.74.161200 OK 11 kB URL HTTP/2 1.bp.blogspot.com/-kUiaHahkxD0/XfVN3K8_XvI/AAAAAAABN3Q/TA5Ta0QzxWsctxrq5tWNR47rcDEBxC3ewCLcBGAsYHQ/w72-h72-p-k-no-nu/sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_ya%25C5%259Fam_sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_beslenme.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 279edb5b823b4f55f7c83479a93225e3
01356acda7ff0acedb0051e71745fee61d67f62c
3935368604f5e255ee391a2f871167446fce3ed81b1df1fc7474b8e9cd358f17
GET /-kUiaHahkxD0/XfVN3K8_XvI/AAAAAAABN3Q/TA5Ta0QzxWsctxrq5tWNR47rcDEBxC3ewCLcBGAsYHQ/w72-h72-p-k-no-nu/sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_ya%25C5%259Fam_sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_beslenme.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="sa_l_kl__ya_am_sa_l_kl__beslenme.png";filename*=UTF-8''sa%C4%9Fl%C4%B1kl%C4%B1_ya%C5%9Fam_sa%C4%9Fl%C4%B1kl%C4%B1_beslenme.png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 10679
x-xss-protection: 0
date: Thu, 08 Dec 2022 19:14:07 GMT
expires: Tue, 06 Dec 2022 00:19:24 GMT
cache-control: public, max-age=86400, no-transform
etag: "v13776"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
142.250.74.74200 OK 3.5 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
IP 142.250.74.74:0
Hash 13f3624cbe0297e281b87e531ba217d7
59d59bdd2e64c9bfade6a49c50966716fa8dd167
f868dbb7574f3ffff6e4680993f17dd294bbde1f1109bc333a34644cc9737607
GET /css?family=Poppins:300,400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 19:14:07 GMT
date: Thu, 08 Dec 2022 19:14:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.98200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (4885)
Hash edd3af7f7cedde42e6ad2c6c496fa1bf
801d2f79c07c95abbe51d21a05188b167fd4b2e2
44d568bb763fe32d464c9509a34e0776f3941ad3bf3716966cfd20e111b4b69f
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 08 Dec 2022 19:14:07 GMT
expires: Thu, 08 Dec 2022 19:14:07 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 11627363313284217235
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49239
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4a86688295feb230197592b719ed63bc
54000b01163d69f65234be8830ea02c261b06c3b
9ae90ca7f126091012617ed801d1398e045144ddea9233d8d50bb41c8b2760b5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6434
Cache-Control: max-age=150348
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Etag: "6391c6ab-117"
Expires: Sat, 10 Dec 2022 12:59:56 GMT
Last-Modified: Thu, 08 Dec 2022 11:12:43 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 061dadcab5b514f0adb9ab6bb3282183
7e4bb8397a4b29392a3ed63b957e5488062a1e13
19f23a13b09536a47646491299b60c18a880bd427fff2d96b29ce46930eef3e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dusunmekvepaylasmak.blogspot.com/search/label/%23GARANTILINKARBYS
172.217.21.161200 OK 120 kB URL HTTP/2 dusunmekvepaylasmak.blogspot.com/search/label/%23GARANTILINKARBYS
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (526)
Size 120 kB (120506 bytes)
Hash aa210e8374334dc9fe0fa31182b07aa3
5c98237eb0b3c7c9c4e5566b16654368fddb2ba5
6a1d5a910aff1c61b07046254ceeb2f7c158701dfa5f3aec9ef674bad236593e
Analyzer Verdict Alert fortinet Malware
GET /search/label/%23GARANTILINKARBYS HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Thu, 08 Dec 2022 19:14:07 GMT
date: Thu, 08 Dec 2022 19:14:07 GMT
cache-control: private, max-age=0
last-modified: Tue, 29 Nov 2022 20:22:02 GMT
etag: W/"8ca8df289a2001deb99934e54cae67fa14d6127f41db94bab2f53714bb6870c1"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 120506
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4.bp.blogspot.com/-bFZ2VZE22V0/Tis_QtOxbPI/AAAAAAAAAeU/J3hNDLWPsV8/s72-c/sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg
142.250.74.161200 OK 3.3 kB URL HTTP/2 4.bp.blogspot.com/-bFZ2VZE22V0/Tis_QtOxbPI/AAAAAAAAAeU/J3hNDLWPsV8/s72-c/sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 224d3ec59a39b8cdd2d4c077d110c666
74bfa0bc3bbd7d8928b4b92eed15d3fec387dc96
8e58417455611270809624f5418459976924a39b03d7b3cc7e34f2408d5a45aa
GET /-bFZ2VZE22V0/Tis_QtOxbPI/AAAAAAAAAeU/J3hNDLWPsV8/s72-c/sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3254
x-xss-protection: 0
date: Thu, 08 Dec 2022 19:14:08 GMT
expires: Thu, 08 Dec 2022 21:48:57 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1e5"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-jXYId3ytCf0/UeBnGRkkuwI/AAAAAAAAHXg/ZpPWZVlFScs/s72-c/NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg
142.250.74.161200 OK 3.9 kB URL HTTP/2 1.bp.blogspot.com/-jXYId3ytCf0/UeBnGRkkuwI/AAAAAAAAHXg/ZpPWZVlFScs/s72-c/NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash f91fb184622c776de69f08e56b12601c
5800b6197cc43faa89c793e1aafe440e1da702d0
9056fe9741c4a058dc1111aac665ca879e406cdf4b44ac0f4fd64ebb7912202d
GET /-jXYId3ytCf0/UeBnGRkkuwI/AAAAAAAAHXg/ZpPWZVlFScs/s72-c/NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3855
x-xss-protection: 0
date: Thu, 08 Dec 2022 19:14:08 GMT
expires: Thu, 08 Dec 2022 21:48:57 GMT
cache-control: public, max-age=86400, no-transform
etag: "v71fc"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-9qcp8ikE9qo/UeK13fWU81I/AAAAAAAAHZY/tkvLjLo_sps/s72-c/turkcell_vinn_3g_modem_ayarlari.jpg
142.250.74.161200 OK 2.2 kB URL HTTP/2 2.bp.blogspot.com/-9qcp8ikE9qo/UeK13fWU81I/AAAAAAAAHZY/tkvLjLo_sps/s72-c/turkcell_vinn_3g_modem_ayarlari.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 3feda69b54a7382821cea05719fd60f7
38c4c734a116c904aef9b12dee521f2d231dd1da
bc791c45c72bbb86a69ba1d4463e82b7cde6cb1f849606740e9ab1f8743c09ec
GET /-9qcp8ikE9qo/UeK13fWU81I/AAAAAAAAHZY/tkvLjLo_sps/s72-c/turkcell_vinn_3g_modem_ayarlari.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="turkcell_vinn_3g_modem_ayarlari.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2162
x-xss-protection: 0
date: Thu, 08 Dec 2022 19:14:08 GMT
expires: Thu, 08 Dec 2022 21:48:57 GMT
cache-control: public, max-age=86400, no-transform
etag: "v71fc"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4.bp.blogspot.com/-HUmtqrqd1vY/UdBT1ue1sFI/AAAAAAAAHLQ/-XCWnkloqIk/s72-c/kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg
142.250.74.161200 OK 2.5 kB URL HTTP/2 4.bp.blogspot.com/-HUmtqrqd1vY/UdBT1ue1sFI/AAAAAAAAHLQ/-XCWnkloqIk/s72-c/kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 56135157d216e4eec2eb28a4eeb1fbb9
ef67d140c4ecf6ac7f339eb3e5d45fabe21b2e9b
2e1a2083a1acc23a31793d7a9a35810e6c44c8112a413dee00c0c2848c02b751
GET /-HUmtqrqd1vY/UdBT1ue1sFI/AAAAAAAAHLQ/-XCWnkloqIk/s72-c/kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="kopek_memesi_Hidradenitis_s_pp_rativa.jpg";filename*=UTF-8''kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2545
x-xss-protection: 0
date: Thu, 08 Dec 2022 19:14:08 GMT
expires: Thu, 08 Dec 2022 21:48:57 GMT
cache-control: public, max-age=86400, no-transform
etag: "v71fc"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/_FfC0Fw3HxcE/TRuVpWVZpJI/AAAAAAAAAJY/sPqn6idlbLw/s72-c/kosgeb.jpg
142.250.74.161200 OK 4.1 kB URL HTTP/2 1.bp.blogspot.com/_FfC0Fw3HxcE/TRuVpWVZpJI/AAAAAAAAAJY/sPqn6idlbLw/s72-c/kosgeb.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 6d50be519c80191ee9043c30938eb53c
5c764bc1ae85cca9936117ea0ec1ca7de8989a28
58c82626ef5bbae4f1cbc39e7df75682d1d9c678cf2a2d0e4b280779d5b5089c
GET /_FfC0Fw3HxcE/TRuVpWVZpJI/AAAAAAAAAJY/sPqn6idlbLw/s72-c/kosgeb.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="kosgeb.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4100
x-xss-protection: 0
date: Thu, 08 Dec 2022 19:14:08 GMT
expires: Thu, 08 Dec 2022 21:48:57 GMT
cache-control: public, max-age=86400, no-transform
etag: "v96"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-b_ZayJi_MU0/WKoOrsFiSxI/AAAAAAAAeO0/Jk-YlSPl5H49R022xSiqce1qnmKk3ljIgCLcB/s72-c/facebook_arkadas_gizliligi_duzenleme.png
142.250.74.161200 OK 9.5 kB URL HTTP/2 2.bp.blogspot.com/-b_ZayJi_MU0/WKoOrsFiSxI/AAAAAAAAeO0/Jk-YlSPl5H49R022xSiqce1qnmKk3ljIgCLcB/s72-c/facebook_arkadas_gizliligi_duzenleme.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 305d8fe3e2814664363d50f38c6f1453
aab5de26887140b7f27847196bfcc9aae7a7d7c2
cec8134471a879005b14d26803e313bbbcb5e0ab2c2e5af693604ef142980c0d
GET /-b_ZayJi_MU0/WKoOrsFiSxI/AAAAAAAAeO0/Jk-YlSPl5H49R022xSiqce1qnmKk3ljIgCLcB/s72-c/facebook_arkadas_gizliligi_duzenleme.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="facebook_arkadas_gizliligi_duzenleme.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 9459
x-xss-protection: 0
date: Thu, 08 Dec 2022 19:14:08 GMT
expires: Thu, 08 Dec 2022 21:48:57 GMT
cache-control: public, max-age=86400, no-transform
etag: "v78ef"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/s72-c/225px-+mevlana_ile_ilgili_resimler.jpg
142.250.74.161200 OK 4.5 kB URL HTTP/2 2.bp.blogspot.com/-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/s72-c/225px-+mevlana_ile_ilgili_resimler.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 85d832115b9dab07ebb58a2c7a42d25b
77b4c1ee9e67c8a915b8629376aa07d95e1052ff
4821081ed8a16ebe7abcad687dc6ebe6baa3e46461980aee72897c738815c82a
GET /-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/s72-c/225px-+mevlana_ile_ilgili_resimler.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="225px-+mevlana_ile_ilgili_resimler.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4521
x-xss-protection: 0
date: Thu, 08 Dec 2022 19:14:08 GMT
expires: Thu, 08 Dec 2022 21:48:57 GMT
cache-control: public, max-age=86400, no-transform
etag: "v71fc"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/_FfC0Fw3HxcE/TRo33GUkBRI/AAAAAAAAAHo/gnp8VLgEBf0/s72-c/sigara-yasagi-bulent-duzgit.jpg
142.250.74.161200 OK 3.4 kB URL HTTP/2 1.bp.blogspot.com/_FfC0Fw3HxcE/TRo33GUkBRI/AAAAAAAAAHo/gnp8VLgEBf0/s72-c/sigara-yasagi-bulent-duzgit.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 875a5eb0b263a336d4dba17b36b67d98
4eedf6bb827cf2cfba70af9f579b7a39b6cd8581
b08d7462edc4af114d3250b105b4689fbc3bd36c687fb6149df5da0a8341d285
GET /_FfC0Fw3HxcE/TRo33GUkBRI/AAAAAAAAAHo/gnp8VLgEBf0/s72-c/sigara-yasagi-bulent-duzgit.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="sigara-yasagi-bulent-duzgit.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3364
x-xss-protection: 0
date: Thu, 08 Dec 2022 19:14:08 GMT
expires: Thu, 08 Dec 2022 01:03:26 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7a"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.bp.blogspot.com/-pDbaztqQK9c/TvsCMQBjIXI/AAAAAAAACEI/yDMnjfNyEhM/s72-c/cicek_leylak-cicek_resimleri.jpg
142.250.74.161200 OK 6.3 kB URL HTTP/2 3.bp.blogspot.com/-pDbaztqQK9c/TvsCMQBjIXI/AAAAAAAACEI/yDMnjfNyEhM/s72-c/cicek_leylak-cicek_resimleri.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 425231c8fe8e77bdff8aec15f1d48354
1284a6adf99fc6e901ad2d7cd48ad8fc155b3190
6ff8f3e8fc1254ddff62c5e3ca84aae62d0edad1afbb087c51c941887e33c9b0
GET /-pDbaztqQK9c/TvsCMQBjIXI/AAAAAAAACEI/yDMnjfNyEhM/s72-c/cicek_leylak-cicek_resimleri.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="cicek_leylak-cicek_resimleri.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6296
x-xss-protection: 0
date: Thu, 08 Dec 2022 19:14:08 GMT
expires: Thu, 08 Dec 2022 21:48:57 GMT
cache-control: public, max-age=86400, no-transform
etag: "v842"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/w72-h72-p-k-no-nu/225px-+mevlana_ile_ilgili_resimler.jpg
142.250.74.161200 OK 4.5 kB URL HTTP/2 2.bp.blogspot.com/-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/w72-h72-p-k-no-nu/225px-+mevlana_ile_ilgili_resimler.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 198baf3f7d853bc634b438561c189896
63640490c23c9d452cb566e3c8d9cb29cb9bef37
5edbbfadba784c3a27259984b189817862e146c0c550b6854bd6175be846aa41
GET /-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/w72-h72-p-k-no-nu/225px-+mevlana_ile_ilgili_resimler.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="225px-+mevlana_ile_ilgili_resimler.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4527
x-xss-protection: 0
date: Thu, 08 Dec 2022 19:14:08 GMT
expires: Thu, 08 Dec 2022 21:48:57 GMT
cache-control: public, max-age=86400, no-transform
etag: "v71fc"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2X2vr7cw8tfCRoKM0i1nR_Mb2SRvZijph88_y8xbqFHSBV80uWinNRwH5f873MccC_Q-IgVRv11aT2OM0dwb1nOhLGZ39d-bErEyg_C9g=w72-h72-p-k-no-nu
142.250.74.97404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2X2vr7cw8tfCRoKM0i1nR_Mb2SRvZijph88_y8xbqFHSBV80uWinNRwH5f873MccC_Q-IgVRv11aT2OM0dwb1nOhLGZ39d-bErEyg_C9g=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 0f3d9f2e54603b52737159997f666208
cb098488be19da38211f27785861136f6955cdcf
74001eb169eaca526406827d76b84268dedc1d2730d4e8e3f1e64a1e86391609
GET /blogger_img_proxy/ANbyha2X2vr7cw8tfCRoKM0i1nR_Mb2SRvZijph88_y8xbqFHSBV80uWinNRwH5f873MccC_Q-IgVRv11aT2OM0dwb1nOhLGZ39d-bErEyg_C9g=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 19:14:08 GMT
server: fife
content-length: 1708
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rollercoin.com/static/img/public_img/gen2/w160h600.gif
172.67.72.239200 OK 257 kB URL HTTP/2 rollercoin.com/static/img/public_img/gen2/w160h600.gif
IP 172.67.72.239:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 257 kB (256868 bytes)
Hash 310de483225f5182ad7e10732d049749
47c20a51575f309719a5cc70fa770c29c3fea19b
5be1e183cfd4a31f6cf1973e887b6baaf9314e424c540f83497105535787b511
GET /static/img/public_img/gen2/w160h600.gif HTTP/1.1
Host: rollercoin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 19:14:08 GMT
content-type: image/webp
content-length: 256868
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=323815
content-disposition: inline; filename="w160h600.webp"
etag: W/"4f0e7-18364eefb18"
last-modified: Thu, 22 Sep 2022 11:22:07 GMT
vary: Accept
x-powered-by: Express
cf-cache-status: HIT
age: 5511073
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbNZ%2FaKRcTKkOabnJj%2FFx3t0ueGpC7TCkapKg6icv4c639IJd3ZPQuoRzD3BGIlpzt79cDYKdNCxrKlcuVieq8S0ZbwDYdRp0yKserTDQComiwkO8KFHwlW7bS8Yr2od"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7767d2807f510b45-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b9083cdf8a3f174763927ae3e9ca3934
1d1ca843e0517b384f693ff52b55fcafc48f9ee7
0f42326e84100eb58e3ac1d2eb5e21f7f0ba3502ddea7f607627a465cc234801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 07a86cf9d9c8389ebd9c52303c83b27f
fd3524d701bdf111c541b6fc9e038bffcc3b5d6c
de08c944b2cb2671078e452d870757622e286f7214d736ab2c1b1d1c2ab8dcfb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b9083cdf8a3f174763927ae3e9ca3934
1d1ca843e0517b384f693ff52b55fcafc48f9ee7
0f42326e84100eb58e3ac1d2eb5e21f7f0ba3502ddea7f607627a465cc234801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.227200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 12:29:21 GMT
expires: Fri, 08 Dec 2023 12:29:21 GMT
cache-control: public, max-age=31536000
age: 24287
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:28:50 GMT
expires: Thu, 07 Dec 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 85518
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309845525285029&plah=dusunmekvepaylasmak.blogspot.com
142.250.74.98200 OK 120 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309845525285029&plah=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.98:0
File type ASCII text, with very long lines (5918)
Size 120 kB (119787 bytes)
Hash d39a51a0701a84bc7f96d8c1004617ad
ab0e175af256e4bf5111da3b0ab777c0732a6bfd
9305582901187fc345ba590aed6b5bb9ba734fdec930a654777df4db94128cd6
GET /pagead/managed/js/adsense/m202211290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309845525285029&plah=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 08 Dec 2022 19:14:08 GMT
expires: Thu, 08 Dec 2022 19:14:08 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 2016169094847575442
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119787
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.227200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:28:50 GMT
expires: Thu, 07 Dec 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 85518
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3102
Expires: Thu, 08 Dec 2022 20:05:50 GMT
Date: Thu, 08 Dec 2022 19:14:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3102
Expires: Thu, 08 Dec 2022 20:05:50 GMT
Date: Thu, 08 Dec 2022 19:14:08 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3102
Expires: Thu, 08 Dec 2022 20:05:50 GMT
Date: Thu, 08 Dec 2022 19:14:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c408efaa98ac2ce63bb1618368d10c15
a51bbb49ebd862d04eaee465d0a35b22dcd21391
077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FsbiyZG0110CEANduIIWuLcxFOxfrV0YPvOSy-ScXFIX1qM6qaOdCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:21:22 GMT
age: 75166
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57be99ac898a37d73f2ba4a24f56248f
04e32eb45581201a6a1863200e4d139df48285e6
a20081b64fc019372843360b15aa3461ec9dd3deb50ab398bca0a5e74d5468c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12534
x-amzn-requestid: 2a01f2ba-cf3a-4f59-8339-214c66bcc0d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czDbyGTcoAMF_TQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911918-5d3eba8d01e4175a71acc6cd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:52:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NoZlZ8WFfOuIbkWaC2pJPJQrWtjzz2gCHJWr-u-nMNYmu8MkTf6_PA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:03:58 GMT
age: 72610
etag: "04e32eb45581201a6a1863200e4d139df48285e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c94003641bb5a7595e7004f80f95d22
3446450df60d732f9021d5bfd5f5f7c6c870d9ec
4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7801
x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFRNHX4oAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:16:35 GMT
age: 71853
etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:33:19 GMT
age: 70849
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3102
Expires: Thu, 08 Dec 2022 20:05:50 GMT
Date: Thu, 08 Dec 2022 19:14:08 GMT
Connection: keep-alive
www.youtube.com/s/player/72d3c60a/www-player.css
172.217.21.174200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/72d3c60a/www-player.css
IP 172.217.21.174:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5a5b8eb5d8a3df4b72089b611a5e7deb
9eb088fd709aba51fcc2261764df57ddb6df1498
3e06a6dbf24b719e85dac71b46a939a516c246dee204817e5aee68f580b83406
GET /s/player/72d3c60a/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/mOjEYeiPxNc
Cookie: YSC=DLFmjcYqSTw; VISITOR_INFO1_LIVE=c5e2ia7-cOY
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49862
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:36:35 GMT
expires: Thu, 07 Dec 2023 19:36:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 01:17:24 GMT
content-type: text/css
age: 85053
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: etWGqF-8tXSwaeZVTPK4g9CV5ZbdYv5ZDjF5Yx2PSNnTsreewpbhdA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 08:48:08 GMT
age: 37560
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/s/player/72d3c60a/www-embed-player.vflset/www-embed-player.js
172.217.21.174200 OK 99 kB URL HTTP/2 www.youtube.com/s/player/72d3c60a/www-embed-player.vflset/www-embed-player.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (679)
Hash 6278b7402fc83e24ebf6989d8de59b43
cb4217da0314cbbad9a59cd9a4c5c9791c5cf2c8
ab52b872c1360673bf1bde1a98e1cf7b9c8bc351bd07651d338f444db827b995
GET /s/player/72d3c60a/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/mOjEYeiPxNc
Cookie: YSC=DLFmjcYqSTw; VISITOR_INFO1_LIVE=c5e2ia7-cOY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 99392
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:37:00 GMT
expires: Thu, 07 Dec 2023 19:37:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 01:17:24 GMT
content-type: text/javascript
age: 85028
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 595565
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d89b69ba37bf23c5d576aff4063caf
3d46a21b4da571d7e4962e335c18a28ca5f81ecf
09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QSv756DvAzOQnKae5wVg75wrQS6oDGPkfIZka86FNQ2vizBnZ7sIDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:12:45 GMT
age: 72083
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/s/player/72d3c60a/player_ias.vflset/en_US/base.js
172.217.21.174200 OK 595 kB URL HTTP/2 www.youtube.com/s/player/72d3c60a/player_ias.vflset/en_US/base.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (517)
Size 595 kB (594772 bytes)
Hash 7f5d760069d9cecea0d8dc1acfcabb2b
6acdef1e7fbbafbfbec0012a891af004b02fcb94
338bc6bd2e9aa2fccbe6a5d1a288af6d172aec6b3da3a30ddee4a9d68dc07240
GET /s/player/72d3c60a/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/mOjEYeiPxNc
Cookie: YSC=DLFmjcYqSTw; VISITOR_INFO1_LIVE=c5e2ia7-cOY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 594772
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:41:43 GMT
expires: Thu, 07 Dec 2023 19:41:43 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 01:17:24 GMT
content-type: text/javascript
age: 84745
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/72d3c60a/fetch-polyfill.vflset/fetch-polyfill.js
172.217.21.174200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/72d3c60a/fetch-polyfill.vflset/fetch-polyfill.js
IP 172.217.21.174:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/72d3c60a/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/mOjEYeiPxNc
Cookie: YSC=DLFmjcYqSTw; VISITOR_INFO1_LIVE=c5e2ia7-cOY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:37:00 GMT
expires: Thu, 07 Dec 2023 19:37:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 01:17:24 GMT
content-type: text/javascript
age: 85028
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4a5c2a2d50893431367319c3eb5fd0bc
c076b77d1c599d2711a212258ffd5dc4eca82925
0c98da58e2abb90a770dbd9d97277cd8836fb79fc15aace4a95d1fb5ee4c1db4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 061dadcab5b514f0adb9ab6bb3282183
7e4bb8397a4b29392a3ed63b957e5488062a1e13
19f23a13b09536a47646491299b60c18a880bd427fff2d96b29ce46930eef3e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-ienr0bMWQ2c/UdBXnfX8_hI/AAAAAAAAHMg/Hkfn-9-6sZs/s72-c/GARANTI-ARBY
142.250.74.161200 OK 3.3 kB URL HTTP/1.1 4.bp.blogspot.com/-ienr0bMWQ2c/UdBXnfX8_hI/AAAAAAAAHMg/Hkfn-9-6sZs/s72-c/GARANTI-ARBY
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash e0787581af4559be689525fcb8f985b5
1a8c9444d4ea0c06e76ec0dc01603f15057c1614
d4e04e705e00a6ce18cc9efc58953fe859b34e12207696662987a7a7633aa039
GET /-ienr0bMWQ2c/UdBXnfX8_hI/AAAAAAAAHMg/Hkfn-9-6sZs/s72-c/GARANTI-ARBY HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v71fc"
Expires: Fri, 09 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="GARANTI-ARBY'S_KAMPANYA_BONUS.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 08 Dec 2022 19:14:08 GMT
Server: fife
Content-Length: 3296
X-XSS-Protection: 0
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
216.58.207.227200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5452, version 1.0\012- data
Hash a6ff41d10fa89e7f8fec937c243d7428
334853f61ceb1fb096818740cc62d5840fbbae46
5f9d6298f5edc6d2b57a6f3a30f87f1c93c84b7aad7c5e9bf9d3a2c9384403fa
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 20:42:14 GMT
expires: Thu, 07 Dec 2023 20:42:14 GMT
cache-control: public, max-age=31536000
age: 81114
last-modified: Wed, 27 Apr 2022 16:10:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 061dadcab5b514f0adb9ab6bb3282183
7e4bb8397a4b29392a3ed63b957e5488062a1e13
19f23a13b09536a47646491299b60c18a880bd427fff2d96b29ce46930eef3e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
216.58.207.227200 OK 5.4 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5384, version 1.0\012- data
Hash 96b6d54684daa94742f7bfd72a981213
72c3ac29b2fcceea390d3a51c7a892efde65e4d9
4ce2c84c474fb80b33e347ae6f356796021d6fd42e88a6352fc6e9ca0b22bd63
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5384
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 15:43:32 GMT
expires: Wed, 06 Dec 2023 15:43:32 GMT
cache-control: public, max-age=31536000
age: 185436
last-modified: Wed, 27 Apr 2022 16:11:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
216.58.207.227200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5544, version 1.0\012- data
Hash 0ed299a4bb5262e17e2145783b2c18f1
65af2a037a5ef8a8d383d518377ea1f9f6837631
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:45:39 GMT
expires: Thu, 07 Dec 2023 19:45:39 GMT
cache-control: public, max-age=31536000
age: 84509
last-modified: Wed, 27 Apr 2022 17:03:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/fontawesome-webfont.woff2?v=4.6.1
104.18.11.207200 OK 71 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/fontawesome-webfont.woff2?v=4.6.1
IP 104.18.11.207:0
File type Web Open Font Format (Version 2), TrueType, length 70728, version 4.393\012- data
Hash 926c93d201fe51c8f351e858468980c3
977357f82830f57fbdac2492dd421e5dcce44a1a
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
GET /font-awesome/4.6.1/fonts/fontawesome-webfont.woff2?v=4.6.1 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
Alt-Used: 0
HTTP/2 200 OK
date: Thu, 08 Dec 2022 19:14:08 GMT
content-type: font/woff2
content-length: 70728
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "926c93d201fe51c8f351e858468980c3"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/25/2022 04:42:02
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 860
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: f44a837d0cb5a6153c7f1e321d659dfb
cdn-cache: HIT
cf-cache-status: HIT
age: 815170
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7767d282dc9efab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.239.32.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.32.178:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 08 Dec 2022 18:41:08 GMT
expires: Thu, 08 Dec 2022 20:41:08 GMT
cache-control: public, max-age=7200
age: 1980
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a938af990a97b9856e1174d11c72cbf7
b57716fd0ea9a1e9e0a0595ff593f939560c0abf
6ab769333b231097d077edfbc1c3fc9560de5ae9bfeb5b8360dea8b7fadbcb44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8129d4d0ebab3efc528f57883dfb30ba
be557eee6cd854421ec872673041867c73369fa2
ed95fb60948c81a74657e5964798a07145fe91fee47cb270006f62294a5670b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20221130/r20190131/zrt_lookup.html
216.58.207.226200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221130/r20190131/zrt_lookup.html
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221130/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Thu, 08 Dec 2022 16:53:25 GMT
expires: Thu, 22 Dec 2022 16:53:25 GMT
cache-control: public, max-age=1209600
age: 8443
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 18cc322e73c8b494d8f43b0922588f04
e328ef83b8b4735aa93cd68ab1eb850f16c10c81
4f8f8fa8fd32fb03501eedd8474a922a448744d0464844314923ba1672c995bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 08 Dec 2022 19:14:08 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 08 Dec 2022 19:14:08 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1703396757&t=pageview&_s=1&dl=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2F%2523GARANTILINKARBYS&ul=en-us&de=UTF-8&dt=D%C3%BC%C5%9F%C3%BCnmek%20ve%20Payla%C5%9Fmak%3A%20%23GARANTILINKARBYS&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUADQAAAACAAI~&jid=604719588&gjid=2086461790&cid=521065807.1670526848&tid=UA-20442478-1&_gid=1105346670.1670526848&_r=1>m=2oubu0&z=1473855955
216.239.32.178200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1703396757&t=pageview&_s=1&dl=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2F%2523GARANTILINKARBYS&ul=en-us&de=UTF-8&dt=D%C3%BC%C5%9F%C3%BCnmek%20ve%20Payla%C5%9Fmak%3A%20%23GARANTILINKARBYS&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUADQAAAACAAI~&jid=604719588&gjid=2086461790&cid=521065807.1670526848&tid=UA-20442478-1&_gid=1105346670.1670526848&_r=1>m=2oubu0&z=1473855955
IP 216.239.32.178:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j98&a=1703396757&t=pageview&_s=1&dl=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2F%2523GARANTILINKARBYS&ul=en-us&de=UTF-8&dt=D%C3%BC%C5%9F%C3%BCnmek%20ve%20Payla%C5%9Fmak%3A%20%23GARANTILINKARBYS&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUADQAAAACAAI~&jid=604719588&gjid=2086461790&cid=521065807.1670526848&tid=UA-20442478-1&_gid=1105346670.1670526848&_r=1>m=2oubu0&z=1473855955 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://dusunmekvepaylasmak.blogspot.com
date: Thu, 08 Dec 2022 19:14:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=dusunmekvepaylasmak.blogspot.com&callback=_gfp_s_&client=ca-pub-7309845525285029&gpid_exp=1
216.58.207.226200 OK 252 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=dusunmekvepaylasmak.blogspot.com&callback=_gfp_s_&client=ca-pub-7309845525285029&gpid_exp=1
IP 216.58.207.226:0
File type ASCII text, with very long lines (391), with no line terminators
Hash c30046b1a9f0837ad586c4f83b9bb4ee
ebb271e01ce1691ac9167a3553a8eb2bc1151bc0
0bed4ecc0782206b4ef56b20d76db0ce63e2a340df70c9e94712fb09eaaa7ff1
GET /gampad/cookie.js?domain=dusunmekvepaylasmak.blogspot.com&callback=_gfp_s_&client=ca-pub-7309845525285029&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 08 Dec 2022 19:14:08 GMT
server: cafe
cache-control: private
content-length: 252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash b5f91c5159649d45cfdb8e3efcf44240
aa0b31d6177b082e067ccc79e601a10900c2a601
a3b705a75cd0dd9f14ae4e7c5cc298ed5b0f3e1067ac26aae94413add348b5ca
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 19:14:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 12 Dec 2022 18:24:26 GMT
ETag: "aa0b31d6177b082e067ccc79e601a10900c2a601"
Last-Modified: Thu, 08 Dec 2022 18:24:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7767d2828a73b509-OSL
www.google-analytics.com/gtm/js?id=GTM-5WCFSJ2&t=gtag_UA_19531429_2&cid=521065807.1670526848
216.239.32.178200 OK 45 kB URL HTTP/2 www.google-analytics.com/gtm/js?id=GTM-5WCFSJ2&t=gtag_UA_19531429_2&cid=521065807.1670526848
IP 216.239.32.178:0
File type ASCII text, with very long lines (1921)
Hash de512ddf9fd9a2e916a9303a3ca89583
1909e7acf5b5bf1377cbf792ed72cdbfa26e89c0
487bdc074957009c2ce47d00536fc0b97c64a306878cbbfb6a4645ee8cd856a9
GET /gtm/js?id=GTM-5WCFSJ2&t=gtag_UA_19531429_2&cid=521065807.1670526848 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Dec 2022 19:14:08 GMT
expires: Thu, 08 Dec 2022 19:14:08 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45357
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash b5f91c5159649d45cfdb8e3efcf44240
aa0b31d6177b082e067ccc79e601a10900c2a601
a3b705a75cd0dd9f14ae4e7c5cc298ed5b0f3e1067ac26aae94413add348b5ca
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 19:14:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 12 Dec 2022 18:24:26 GMT
ETag: "aa0b31d6177b082e067ccc79e601a10900c2a601"
Last-Modified: Thu, 08 Dec 2022 18:24:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7767d28289910b06-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a938af990a97b9856e1174d11c72cbf7
b57716fd0ea9a1e9e0a0595ff593f939560c0abf
6ab769333b231097d077edfbc1c3fc9560de5ae9bfeb5b8360dea8b7fadbcb44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 18cc322e73c8b494d8f43b0922588f04
e328ef83b8b4735aa93cd68ab1eb850f16c10c81
4f8f8fa8fd32fb03501eedd8474a922a448744d0464844314923ba1672c995bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 08 Dec 2022 19:14:08 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 08 Dec 2022 19:14:08 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 08 Dec 2022 19:14:08 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.boomads.com/scripts/widget.js
83.66.162.128200 OK 1.1 kB URL HTTP/1.1 widget.boomads.com/scripts/widget.js
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type Unicode text, UTF-8 (with BOM) text, with very long lines (445), with CRLF line terminators
Hash ed2b316a78c01ecfd467a238bdb5a894
9820a06beef95ab789d3211359dfbe34d11c339e
0626a69c458560c8f8fadb5c81f56d9009e89951aa89f4fff3d4ef445d1b94e7
GET /scripts/widget.js HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 5
Date: Thu, 08 Dec 2022 19:14:04 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: "08e5d619991d11:0"
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2016 13:20:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 1149
widget.boomads.com/images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif
83.66.162.128200 OK 6.8 kB URL HTTP/1.1 widget.boomads.com/images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type GIF image data, version 89a, 125 x 80\012- data
Hash a0b54b194c22d6cf6dde8262b4e6caa8
7db7699e7e4cb090ed556f78d8692b59eca416d8
a28da5026d7c857976a413a63f4d5df448c8461f4531194e71668ebdbe7bbcc9
GET /images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 5
Date: Thu, 08 Dec 2022 19:14:04 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: "6e4be609991d11:0"
Content-Type: image/gif
Last-Modified: Fri, 08 Apr 2016 13:20:09 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 6812
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b8d79685682ab0684ebcd9873dc9f1ad
de00fe0fd4b99a98433a0161801244047115d456
42212f48d6d7f7e7fb0a771330dca03001c513a90364a2e5a0b69813ad0bbecf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6d7737802f93eeb14503d61c77c137bc
fa6861c298d00f879b9f16af4f05470cecfc80af
6b1b9763bcfaeb92a63ad6020651b3745e8279c634eb3505fc9fa875e772af42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
142.250.74.109302 Found 464 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (512)
Hash 3b3854ffc7ec37148939b28239077145
1a362033e0b020680f3369be746b46994381151a
2a37ff9e03859728b9794da0932b972c34d04785835be5f59cab45839ab4c9be
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dusunmekvepaylasmak.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Dec 2022 19:14:08 GMT
location: https://www.blogger.com/followers.g?blogID=5726965044016880204&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-q_SQt0ZxIJmpesZXLWTX0Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 464
server: GSE
set-cookie: __Host-GAPS=1:hdhIGyexmI3XJAdSTu26tRv5P7WmwQ:wKT3qT9-ugEVw2-E;Path=/;Expires=Sat, 07-Dec-2024 19:14:08 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-20442478-1&cid=521065807.1670526848&jid=604719588&gjid=2086461790&_gid=1105346670.1670526848&_u=YEBAAUACQAAAACAAI~&z=1857807317
108.177.14.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-20442478-1&cid=521065807.1670526848&jid=604719588&gjid=2086461790&_gid=1105346670.1670526848&_u=YEBAAUACQAAAACAAI~&z=1857807317
IP 108.177.14.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-20442478-1&cid=521065807.1670526848&jid=604719588&gjid=2086461790&_gid=1105346670.1670526848&_u=YEBAAUACQAAAACAAI~&z=1857807317 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://dusunmekvepaylasmak.blogspot.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 08 Dec 2022 19:14:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
83.66.162.128200 OK 318 B URL HTTP/1.1 widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 60965bc98dda023d6dbb0de7b7c676bb
59819b0d77a4206626389d78b1862223b150ccdd
2fd9761476a794c7d53342d8845843e3c9cbe393fbc26682e11059fe79a5ef95
GET /widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 4.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=lhdblhgcbefo3tcy4mc24mar; path=/; HttpOnly; SameSite=Lax
BMDSD365TP50BFACTSV=26593=1; expires=Fri, 09-Dec-2022 20:14:04 GMT; path=/
X-Powered-By: ASP.NET
XSrv: BOOM01
Date: Thu, 08 Dec 2022 19:14:04 GMT
Content-Length: 318
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=17671
date: Thu, 08 Dec 2022 19:14:09 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash dcb0ed86727c359c48d60000d5ce055b
f7e736e0e1f78ec89eacaa08fd5648e1cf47d4fc
68713a99b06419fcaa5ee2c4b2b1a2772ff6a47df9ca0f5dda78189fefa108a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Cookie: test_cookie=CheckForPermission
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 19:06:04 GMT
expires: Thu, 08 Dec 2022 19:21:04 GMT
cache-control: public, max-age=900
age: 485
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 090c0d90762a09ad645f2c83d39d1678
703e7261f071d6ab7c85a28b78b8372ebb46d154
158e9b3ad4f84a9e4c47fea31495a9e6b5c024f2a3019f9766c78b1cd6b4d183
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.boomads.com//content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01
83.66.162.128200 OK 4.5 kB URL HTTP/1.1 widget.boomads.com//content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type ASCII text, with very long lines (19781), with no line terminators
Hash d917d10a568917376ce065e84ebc04c0
eb368dc21cb28adcf22ce221b590729598658d2c
4f45f209d3645945394cdb1866967a741b66258f65d42fb7dc0b163a4a1d39ec
GET //content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01 HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 8836026
Date: Sun, 28 Aug 2022 12:46:44 GMT
Expires: Thu, 22 Dec 2022 23:31:43 GMT
Cache-Control: public
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
Content-Type: text/css; charset=utf-8
Content-Encoding: gzip
Last-Modified: Wed, 22 Dec 2021 23:31:43 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 4521
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 090c0d90762a09ad645f2c83d39d1678
703e7261f071d6ab7c85a28b78b8372ebb46d154
158e9b3ad4f84a9e4c47fea31495a9e6b5c024f2a3019f9766c78b1cd6b4d183
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 42bdfac4b74435a3d8add640fc703403
e1a183562d91f7cec147112026b6d9d904533ed1
4366d9c119721babbd7188548e8885917a1c011f1cf828dceef088140e8fe8c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
216.58.211.1200 OK 1.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1054)
Hash 169edf919beed1ee17c8a752ef12132e
b7fbae15ed7789984ee59618845b914aae37bf3e
2bcf9aebfd80a2558d54f39de59542c3df52610616fb2e4380d9f3d976cc13fc
GET /pagead/js/r20221206/r20110914/client/window_focus_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1236
x-xss-protection: 0
date: Thu, 08 Dec 2022 18:31:16 GMT
expires: Thu, 22 Dec 2022 18:31:16 GMT
cache-control: public, max-age=1209600
age: 2573
etag: 15004572836499977866
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
216.58.211.1200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1542)
Hash 6f59900fa87e133bae329372aebefe36
260937d2934233c07b112f3564ec9eca7b529fd7
156c12ec7d6973b5742504716567b70740dd66bee9cc0e1a1608df56e77011fd
GET /pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7480
x-xss-protection: 0
date: Thu, 08 Dec 2022 18:31:16 GMT
expires: Thu, 22 Dec 2022 18:31:16 GMT
cache-control: public, max-age=1209600
age: 2573
etag: 15631949847000551034
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/72d3c60a/player_ias.vflset/en_US/remote.js
172.217.21.174200 OK 37 kB URL HTTP/2 www.youtube.com/s/player/72d3c60a/player_ias.vflset/en_US/remote.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (537)
Hash 2d953000152b22924e370a28236c32bb
375eeac066b2aba919e9e25e82e3b33ed8927e2a
bd3e50fb063c03a676e27b03570e1696515b8d70ac6f3e5000237b8b7b8c347a
GET /s/player/72d3c60a/player_ias.vflset/en_US/remote.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/mOjEYeiPxNc
Cookie: YSC=DLFmjcYqSTw; VISITOR_INFO1_LIVE=c5e2ia7-cOY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 37222
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:41:45 GMT
expires: Thu, 07 Dec 2023 19:41:45 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 01:17:24 GMT
content-type: text/javascript
age: 84744
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash b991a259d1f5ed59f771c6717d37d319
3d27e198a13a8b503653a55c7dff4502fde93b4f
943d09ffc57eaa5f8786fe4877c949ab50ba5fb001ca4901a05d5eab57536716
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3399
Cache-Control: max-age=104149
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:09 GMT
Etag: "63911e10-139"
Expires: Sat, 10 Dec 2022 00:09:58 GMT
Last-Modified: Wed, 07 Dec 2022 23:13:20 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 08 Dec 2022 19:14:09 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cb4dd119f7430c320eac60b72355bd8c
e5694c4e08731720fa303127f2f4b2fe5ab9fba9
116e36f240390df2689f722ba0174ff342f7c6ce3a6b91853342c93def2a0825
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11936, version 1.0\012- data
Hash 15d8ede0a816bc7a9838207747c6620c
f6e2e75f1277c66e282553ae6a22661e51f472b8
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11936
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 09:38:03 GMT
expires: Sat, 02 Dec 2023 09:38:03 GMT
cache-control: public, max-age=31536000
age: 552966
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/98eZ1SvQKncrIy_uxRv1pSvbmSGZ50EV24E3eut_s2o.js
142.250.74.132200 OK 14 kB URL HTTP/2 www.google.com/js/th/98eZ1SvQKncrIy_uxRv1pSvbmSGZ50EV24E3eut_s2o.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (35818)
Hash 511a3814cb1663e9d9286015da587ae2
a9ef6e40f17b2659c823195354e912a8979cc1a0
a2e4a4711f28ea423fdcadcced71bdf38e190b285fdde3fc9f11868ad8730375
GET /js/th/98eZ1SvQKncrIy_uxRv1pSvbmSGZ50EV24E3eut_s2o.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14262
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 06:09:08 GMT
expires: Thu, 07 Dec 2023 06:09:08 GMT
cache-control: public, max-age=31536000
age: 133501
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 3aa1bbd0347d54c75a1c9f2d6c58b2c3
8162d1bb5f9508fc2cf3e8401315ad7a880e26cd
791f57b7a631981383efaab93148415f8eb3335b091da419720f1ebf0f933471
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 08 Dec 2022 19:14:09 GMT
server: ESF
cache-control: private
content-length: 31045
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 4.6 kB URL HTTP/2 yt3.ggpht.com/vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 7f0d8c8d9cbb88ed7c0dc10ee1a2b0ae
830e3dfe396cc6bc3a448d0ed13e4f1d25fdef58
0f8e403418f768e45267ca0edb3223d1a3c5e1dec070040b6399c0a89773cbf4
GET /vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4552
x-xss-protection: 0
date: Thu, 08 Dec 2022 16:44:59 GMT
expires: Wed, 30 Nov 2022 20:09:33 GMT
cache-control: public, max-age=86400, no-transform
age: 8950
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b5c27a4ab37c6c8203d281ea09fa3e4a
0c36ba3df7510a76b2062ad1584e564592a45035
4eac9570f12e3959c4944baf4f232cd994291cd1dfe334ffc93ac4737972bdb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/mOjEYeiPxNc/sddefault.webp
142.250.74.182200 OK 43 kB URL HTTP/2 i.ytimg.com/vi_webp/mOjEYeiPxNc/sddefault.webp
IP 142.250.74.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 54d632dcf2c7931571e806f7815bd341
f5d1afc80ec9d6ebf36d48c916a3d5d15a740536
fc5aeb473a35527660b29b9cddf6ebefe4c57ae1c982a04dedfc1619f1135bef
GET /vi_webp/mOjEYeiPxNc/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 43014
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 19:14:09 GMT
expires: Thu, 08 Dec 2022 21:14:09 GMT
cache-control: public, max-age=7200
etag: "1668598177"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b5c27a4ab37c6c8203d281ea09fa3e4a
0c36ba3df7510a76b2062ad1584e564592a45035
4eac9570f12e3959c4944baf4f232cd994291cd1dfe334ffc93ac4737972bdb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash bc97b26376f5787bfa0a6fdfb759e5ce
9561aece4fb95ccfebf881ead6d424ff2854d341
9fd160380e77f1017d5f2c0af94d05ca84977e4d4b42f6fd385a815fbf672556
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 989
Cache-Control: max-age=155355
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:09 GMT
Etag: "6391ef7f-139"
Expires: Sat, 10 Dec 2022 14:23:24 GMT
Last-Modified: Thu, 08 Dec 2022 14:06:55 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPTpDbOzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEH83kmNypQf1Aw-NNy5oEgASAAA&wp=Y5I3gAAKfnUKssJNAAhVlIx86eSnUeHEhni4nQ
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPTpDbOzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEH83kmNypQf1Aw-NNy5oEgASAAA&wp=Y5I3gAAKfnUKssJNAAhVlIx86eSnUeHEhni4nQ
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kPTpDbOzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEH83kmNypQf1Aw-NNy5oEgASAAA&wp=Y5I3gAAKfnUKssJNAAhVlIx86eSnUeHEhni4nQ HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 190358
date: Thu, 08 Dec 2022 19:14:09 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/6548e2693f53f59daa3961d0dd1d6f1f.js?tag=client_fast_engine_2019
142.250.74.35200 OK 4.2 kB URL HTTP/2 www.gstatic.com/mysidia/6548e2693f53f59daa3961d0dd1d6f1f.js?tag=client_fast_engine_2019
IP 142.250.74.35:0
File type ASCII text, with very long lines (2317)
Hash 672af10ab698efba2355841bfd81329b
9645421a0c97b3ef7807935fc347d89f1787d28f
0e4e6eeffa4bd3b79591b67255e83d1c6952fb98f269d7024609ae491f26fc1b
GET /mysidia/6548e2693f53f59daa3961d0dd1d6f1f.js?tag=client_fast_engine_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 4197
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 00:52:01 GMT
expires: Mon, 06 Mar 2023 00:52:01 GMT
cache-control: public, max-age=7776000
last-modified: Thu, 01 Dec 2022 21:52:49 GMT
content-type: text/javascript
age: 238929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/c42ecac5b0a5717c99bf1e3a0e3a76fe.js?tag=exit_2019
142.250.74.35200 OK 9.5 kB URL HTTP/2 www.gstatic.com/mysidia/c42ecac5b0a5717c99bf1e3a0e3a76fe.js?tag=exit_2019
IP 142.250.74.35:0
File type ASCII text, with very long lines (1740)
Hash 0f62398e9b59fd7a21041a38fbd353d7
966a7cfb8628ba45b2385db484194813acc1c078
3ed29b22b28206ebd7ee81ed3e4ee0fa01220682237996d36bfcaa056b9df03b
GET /mysidia/c42ecac5b0a5717c99bf1e3a0e3a76fe.js?tag=exit_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 9519
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 01:51:55 GMT
expires: Mon, 06 Mar 2023 01:51:55 GMT
cache-control: public, max-age=7776000
last-modified: Thu, 01 Dec 2022 21:52:49 GMT
content-type: text/javascript
age: 235335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/generate_204?GXMk8g
172.217.21.174204 No Content 0 B URL HTTP/2 www.youtube.com/generate_204?GXMk8g
IP 172.217.21.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?GXMk8g HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/mOjEYeiPxNc
Cookie: YSC=DLFmjcYqSTw; VISITOR_INFO1_LIVE=c5e2ia7-cOY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 19:14:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 518bf2ed51b00f8f798831d424dadf44
82ef1b85e2721fbcdc58cf54f55e827e7e6d7492
35b5e785c53e5e9a4be75c4086777542da459649bcd0c596a7918c0cd70ef661
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3362
Cache-Control: max-age=155930
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:10 GMT
Etag: "6391e87a-139"
Expires: Sat, 10 Dec 2022 14:33:00 GMT
Last-Modified: Thu, 08 Dec 2022 13:36:58 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kKnZE7OzWawC2ASdg2ICAgAAALQtmre-JuykEIA3kmPl6NNBlT9RvKx2ngASAAA&wp=Y5I3gQAFX3gKso2JAA-Fv4fb4FdkXkaM8hDTcQ
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kKnZE7OzWawC2ASdg2ICAgAAALQtmre-JuykEIA3kmPl6NNBlT9RvKx2ngASAAA&wp=Y5I3gQAFX3gKso2JAA-Fv4fb4FdkXkaM8hDTcQ
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kKnZE7OzWawC2ASdg2ICAgAAALQtmre-JuykEIA3kmPl6NNBlT9RvKx2ngASAAA&wp=Y5I3gQAFX3gKso2JAA-Fv4fb4FdkXkaM8hDTcQ HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 333331
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 80bc0f96ea96fde678243ff6ac1a2b22
09f6a7dd77cae8777a0a105926f6f8a38635d5a4
fa517d4d2dd08a6bdc676d703e216ba5b48fc658698bc628961854dbd25dbdc5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5166
Cache-Control: max-age=100477
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:10 GMT
Etag: "639108d1-139"
Expires: Fri, 09 Dec 2022 23:08:47 GMT
Last-Modified: Wed, 07 Dec 2022 21:42:41 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 80bc0f96ea96fde678243ff6ac1a2b22
09f6a7dd77cae8777a0a105926f6f8a38635d5a4
fa517d4d2dd08a6bdc676d703e216ba5b48fc658698bc628961854dbd25dbdc5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5166
Cache-Control: max-age=100477
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:10 GMT
Etag: "639108d1-139"
Expires: Fri, 09 Dec 2022 23:08:47 GMT
Last-Modified: Wed, 07 Dec 2022 21:42:41 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 80bc0f96ea96fde678243ff6ac1a2b22
09f6a7dd77cae8777a0a105926f6f8a38635d5a4
fa517d4d2dd08a6bdc676d703e216ba5b48fc658698bc628961854dbd25dbdc5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5166
Cache-Control: max-age=100477
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:10 GMT
Etag: "639108d1-139"
Expires: Fri, 09 Dec 2022 23:08:47 GMT
Last-Modified: Wed, 07 Dec 2022 21:42:41 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 80bc0f96ea96fde678243ff6ac1a2b22
09f6a7dd77cae8777a0a105926f6f8a38635d5a4
fa517d4d2dd08a6bdc676d703e216ba5b48fc658698bc628961854dbd25dbdc5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5193
Cache-Control: max-age=100504
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:10 GMT
Etag: "639108d1-139"
Expires: Fri, 09 Dec 2022 23:09:14 GMT
Last-Modified: Wed, 07 Dec 2022 21:42:41 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 80bc0f96ea96fde678243ff6ac1a2b22
09f6a7dd77cae8777a0a105926f6f8a38635d5a4
fa517d4d2dd08a6bdc676d703e216ba5b48fc658698bc628961854dbd25dbdc5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5166
Cache-Control: max-age=100477
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:10 GMT
Etag: "639108d1-139"
Expires: Fri, 09 Dec 2022 23:08:47 GMT
Last-Modified: Wed, 07 Dec 2022 21:42:41 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPTpDbWzWQAAnYNiAgIAAAC_oV1-pfcQ9BCAN5JjYDfJKgsfq0uCCFUAEgMB&wp=Y5I3gQAFTJcFkUrUAALlB1L-_9O5gPReEQdmew
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPTpDbWzWQAAnYNiAgIAAAC_oV1-pfcQ9BCAN5JjYDfJKgsfq0uCCFUAEgMB&wp=Y5I3gQAFTJcFkUrUAALlB1L-_9O5gPReEQdmew
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kPTpDbWzWQAAnYNiAgIAAAC_oV1-pfcQ9BCAN5JjYDfJKgsfq0uCCFUAEgMB&wp=Y5I3gQAFTJcFkUrUAALlB1L-_9O5gPReEQdmew HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 352567
date: Thu, 08 Dec 2022 19:14:09 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/close_button.svg
178.250.2.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.2.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 19:14:10 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Sun, 03 Dec 2023 19:14:10 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/back_button2.svg
178.250.2.130200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.2.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 19:14:10 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Sun, 03 Dec 2023 19:14:10 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
178.250.2.130200 OK 1.2 kB URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.2.130:0
Hash ffbef94bab6ce57075592c57349ef358
357dae122083b9f94cd6e9ede02dee55deb7fb62
0fb62fdf8fe86175490effa760a71d88c064e2c8113e64121ea67b9f57812aef
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 19:14:10 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Sun, 03 Dec 2023 19:14:10 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
104.17.24.14200 OK 4.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (2171)
Hash 44c72b9bddfecacc9114e84d685dd085
38f3ff57b9b64a38fc2153eb30564b7fc1c86349
c82afd4f2d89288b4b79244f0c24264810b11326670710ac8e28e7bfc87c7991
GET /ajax/libs/webfont/1.6.28/webfontloader.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 19:14:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 4420
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04030-30d9"
last-modified: Mon, 04 May 2020 16:17:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 92656
expires: Tue, 28 Nov 2023 19:14:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35VVIP%2FZxyBh3GMkPujgru8u3O54%2BQo8cDRbqlJuPvhtHy9IHLnUHFObYGvEbUTPGw0QnhXb8kg6S5Yj%2F7vUbZrVjwjj1JQKaHZVMNR49suYi%2F%2FIjfLXXaSdIzNkr3jB0k7tQJMQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7767d2904d7ab500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 98f8af26b00325bf9086a697fb7e9931
4393fab2dbe807c5b0323a7f200754ac54a8cd10
7fd58e94c14ad131f33b9b6a962417b051f69e7473131cfd8f380ff80644fbd7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4675
Cache-Control: max-age=150050
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:10 GMT
Etag: "6391cc62-13a"
Expires: Sat, 10 Dec 2022 12:55:00 GMT
Last-Modified: Thu, 08 Dec 2022 11:37:06 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 98f8af26b00325bf9086a697fb7e9931
4393fab2dbe807c5b0323a7f200754ac54a8cd10
7fd58e94c14ad131f33b9b6a962417b051f69e7473131cfd8f380ff80644fbd7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4769
Cache-Control: max-age=150145
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:10 GMT
Etag: "6391cc62-13a"
Expires: Sat, 10 Dec 2022 12:56:35 GMT
Last-Modified: Thu, 08 Dec 2022 11:37:06 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 98f8af26b00325bf9086a697fb7e9931
4393fab2dbe807c5b0323a7f200754ac54a8cd10
7fd58e94c14ad131f33b9b6a962417b051f69e7473131cfd8f380ff80644fbd7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4746
Cache-Control: max-age=150121
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:10 GMT
Etag: "6391cc62-13a"
Expires: Sat, 10 Dec 2022 12:56:11 GMT
Last-Modified: Thu, 08 Dec 2022 11:37:06 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 314
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2F8839%2Flight5_eb1000_shimano_1_2.jpg&v=3&w=400&s=4-Jyve4WnHpbv1aKQ9H0XNX8&b=400
178.250.0.139200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2F8839%2Flight5_eb1000_shimano_1_2.jpg&v=3&w=400&s=4-Jyve4WnHpbv1aKQ9H0XNX8&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x386, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ed60ecda74ee44e16c8761237878c1ca
a28153fa505a26bad8d73107e16ec945297a21a2
8eb46e676a21862a4e4a7c34a5e19da5a5dee7550afeb49ef838cbcce70ff8c1
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2F8839%2Flight5_eb1000_shimano_1_2.jpg&v=3&w=400&s=4-Jyve4WnHpbv1aKQ9H0XNX8&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=913
expires: Thu, 08 Dec 2022 19:29:24 GMT
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 11384
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Ftaskulamput%2Ftuotekuvat%2FMuuta%2Fmulti_switch_dashboard_controller_1.jpg&v=3&w=400&s=O9SRhSpFY0FhjcG4u83X5ZGG&b=400
178.250.0.139200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Ftaskulamput%2Ftuotekuvat%2FMuuta%2Fmulti_switch_dashboard_controller_1.jpg&v=3&w=400&s=O9SRhSpFY0FhjcG4u83X5ZGG&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 367x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a2ad0b828ff7d933d096b876ba4fbcbe
6503de3af2d78aa9c56e5f3b0f662aae22707df3
947c750200b159be2928ffe5e107d24295602f28061e08b943e6120c6c14c2a9
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Ftaskulamput%2Ftuotekuvat%2FMuuta%2Fmulti_switch_dashboard_controller_1.jpg&v=3&w=400&s=O9SRhSpFY0FhjcG4u83X5ZGG&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1764
expires: Thu, 08 Dec 2022 19:43:35 GMT
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10694
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Panther_S1050__Straight__103_cm__432W__Ref_50%2Fpurelux_panther_s1050_set_1.jpg&v=3&w=400&s=rDOnozyNpdPTrYf56i97yQJv&b=400
178.250.0.139200 OK 9.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Panther_S1050__Straight__103_cm__432W__Ref_50%2Fpurelux_panther_s1050_set_1.jpg&v=3&w=400&s=rDOnozyNpdPTrYf56i97yQJv&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x304, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f142bd9b3b35e074b448348ded81f154
71a8c1e8d103d23185dc37c5718202327341ed7c
fa164a17ead157625abd670655483de0c34d3b4fba9c9cfe07092ed36f897cad
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Panther_S1050__Straight__103_cm__432W__Ref_50%2Fpurelux_panther_s1050_set_1.jpg&v=3&w=400&s=rDOnozyNpdPTrYf56i97yQJv&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=607
expires: Thu, 08 Dec 2022 19:24:17 GMT
date: Thu, 08 Dec 2022 19:14:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8976
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fproducts%2FLED_Driving_light_BAR_Strands_SIBERIA_Single_Row_42_199W%2Fstrands_siberia_sr_42_4.jpg&v=3&w=400&s=MEj_hxuwGd7Bpn0egPX_xIJz&b=400
178.250.0.139200 OK 3.2 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fproducts%2FLED_Driving_light_BAR_Strands_SIBERIA_Single_Row_42_199W%2Fstrands_siberia_sr_42_4.jpg&v=3&w=400&s=MEj_hxuwGd7Bpn0egPX_xIJz&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x131, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d755e3d7e47d960536e38f5b5916103a
86518366045316e114187babc950bc70120dae28
e7d51db8b1f1307bb1f70648d1107d04674c40b59e10a7b8d2bf7784e52ddde4
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fproducts%2FLED_Driving_light_BAR_Strands_SIBERIA_Single_Row_42_199W%2Fstrands_siberia_sr_42_4.jpg&v=3&w=400&s=MEj_hxuwGd7Bpn0egPX_xIJz&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1183
expires: Thu, 08 Dec 2022 19:33:53 GMT
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 3230
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Ftaskulamput%2Ftuotekuvat%2FLumonite%2Flumonite_headwear_2019_1.jpg&v=3&w=400&s=oXKPPqjn0qeioHEzfwMAbOUr&b=400
178.250.0.139200 OK 8.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Ftaskulamput%2Ftuotekuvat%2FLumonite%2Flumonite_headwear_2019_1.jpg&v=3&w=400&s=oXKPPqjn0qeioHEzfwMAbOUr&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 322x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 67fcf3ff000017b5cc9b3c93bbc78a7b
19ed6c3256543066cecb11e5f04d21da22785843
5ba64a731ef3d416575f9c3045c0f5bf92eaec866342d14b64b7ea37d5ab9acd
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Ftaskulamput%2Ftuotekuvat%2FLumonite%2Flumonite_headwear_2019_1.jpg&v=3&w=400&s=oXKPPqjn0qeioHEzfwMAbOUr&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=357
expires: Thu, 08 Dec 2022 19:20:08 GMT
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7964
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Black_9120__Round__23_cm__120W__Ref_45%2Fpurelux_9120_2pcs.jpg&v=3&w=400&s=46urBzYv0uJZBEn11eCLZjf6&b=400
178.250.0.139200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Black_9120__Round__23_cm__120W__Ref_45%2Fpurelux_9120_2pcs.jpg&v=3&w=400&s=46urBzYv0uJZBEn11eCLZjf6&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x237, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bb8478edb6b0e81b10ececacf2803c10
637eb1e8a1a7f67c41d086c74874e6f4c2173805
620896e5216d1d64eb9ca9c4edfca0804553152e50e7fbb829cdcd7f540856c8
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Black_9120__Round__23_cm__120W__Ref_45%2Fpurelux_9120_2pcs.jpg&v=3&w=400&s=46urBzYv0uJZBEn11eCLZjf6&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=0
expires: Thu, 08 Dec 2022 19:14:10 GMT
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 14118
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Road_Curve_C550__Curved__55_cm__120W__Ref_40%2Fpurelux_road_curve_c550_kit_2_1.jpg&v=3&w=400&s=j7ILwNj8USEeWIcKf2HJL1io&b=400
178.250.0.139200 OK 12 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Road_Curve_C550__Curved__55_cm__120W__Ref_40%2Fpurelux_road_curve_c550_kit_2_1.jpg&v=3&w=400&s=j7ILwNj8USEeWIcKf2HJL1io&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 395x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0a76c5ae6656cf089cba4734b849b908
09e706f23ca653f4bedfb26bf895ab2045aa40fe
4b0f205d3607dbe8ef6dfaf22eefd82bbd8d36b7a084584f7f187c81d2598b47
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Road_Curve_C550__Curved__55_cm__120W__Ref_40%2Fpurelux_road_curve_c550_kit_2_1.jpg&v=3&w=400&s=j7ILwNj8USEeWIcKf2HJL1io&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=0
expires: Thu, 08 Dec 2022 19:14:10 GMT
date: Thu, 08 Dec 2022 19:14:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 11560
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FDriving_light_Purelux_Black_XSlim_S520_52_cm_2020%2Fpurelux_road_black_xlim_520_set1_1.jpg&v=3&w=400&s=zpqdlIDfeiKNjGaMVOjs-ckO&b=400
178.250.0.139200 OK 13 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FDriving_light_Purelux_Black_XSlim_S520_52_cm_2020%2Fpurelux_road_black_xlim_520_set1_1.jpg&v=3&w=400&s=zpqdlIDfeiKNjGaMVOjs-ckO&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3e89e13d398f55d40ea2a9caa23da113
77c757887da94a8c2a2ca407279ed7e6ffd248a1
fee972982ad4ddb91f3597eff979c1be24a2a3d174651845ba8dcaf62560c8bc
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FDriving_light_Purelux_Black_XSlim_S520_52_cm_2020%2Fpurelux_road_black_xlim_520_set1_1.jpg&v=3&w=400&s=zpqdlIDfeiKNjGaMVOjs-ckO&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1438
expires: Thu, 08 Dec 2022 19:38:09 GMT
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 12692
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Black_XSlim_C520%2Fpurelux_black_xslim_c520_set_1_1.jpg&v=3&w=400&s=FoXLAFdqz_hFYsm5RpfnPMnP&b=400
178.250.0.139200 OK 13 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Black_XSlim_C520%2Fpurelux_black_xslim_c520_set_1_1.jpg&v=3&w=400&s=FoXLAFdqz_hFYsm5RpfnPMnP&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x327, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9e5224585739a368e646538ca153738e
6fded7f9f92f8f7bb90eba52188952c238c8b974
618356c80458b2a4d4fdf884de50a5b45cf2c88ecc0d189948dbb85a32e6a0b3
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Black_XSlim_C520%2Fpurelux_black_xslim_c520_set_1_1.jpg&v=3&w=400&s=FoXLAFdqz_hFYsm5RpfnPMnP&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=565
expires: Thu, 08 Dec 2022 19:23:35 GMT
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 12962
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Strands_Dark_Knight_Insane__Rectangle__25_cm__112W__Ref_45%2Fstrands_dark_knight_insane_2pcs.jpg&v=3&w=400&s=B9hsUhzkNkEB3kCqa4MxJzgN&b=400
178.250.0.139200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Strands_Dark_Knight_Insane__Rectangle__25_cm__112W__Ref_45%2Fstrands_dark_knight_insane_2pcs.jpg&v=3&w=400&s=B9hsUhzkNkEB3kCqa4MxJzgN&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x293, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c5b4af39b66b308a17a2dc5120695c96
6eec0d70e4e4e7a897b3542323b4ce82eebce2a0
78d485b7a963540ddcac1828adad70d4d36a056f161cc062294af8ff4a569b4f
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Strands_Dark_Knight_Insane__Rectangle__25_cm__112W__Ref_45%2Fstrands_dark_knight_insane_2pcs.jpg&v=3&w=400&s=B9hsUhzkNkEB3kCqa4MxJzgN&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=976
expires: Thu, 08 Dec 2022 19:30:27 GMT
date: Thu, 08 Dec 2022 19:14:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 13512
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fproducts%2FExtralight_Purelux_Major_S530_V2__Straight__53_cm__216_W__Ref_50%2Fpurelux_major_unlimited_1_1.jpeg&v=3&w=400&s=oq6SYVucXa86LfvhsPxuVId5&b=400
178.250.0.139200 OK 7.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fproducts%2FExtralight_Purelux_Major_S530_V2__Straight__53_cm__216_W__Ref_50%2Fpurelux_major_unlimited_1_1.jpeg&v=3&w=400&s=oq6SYVucXa86LfvhsPxuVId5&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x135, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dc3fc2c1ef36e93d1410da1cd0199d5f
f615d90828dd6bf875e9609c1a14539a1a5a067d
9050f8e129f3bc31803d31f286a5b243b2c09422eabbc91c0a21710ce096d269
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fproducts%2FExtralight_Purelux_Major_S530_V2__Straight__53_cm__216_W__Ref_50%2Fpurelux_major_unlimited_1_1.jpeg&v=3&w=400&s=oq6SYVucXa86LfvhsPxuVId5&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=292
expires: Thu, 08 Dec 2022 19:19:02 GMT
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7554
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Fvalostorese%2Fproduktbilder%2FStrands%2Fstrands_side_shooter_xl1.jpg&v=3&w=400&s=LgG80EhGjE1gfdh31GTFVnwy&b=400
178.250.0.139200 OK 17 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Fvalostorese%2Fproduktbilder%2FStrands%2Fstrands_side_shooter_xl1.jpg&v=3&w=400&s=LgG80EhGjE1gfdh31GTFVnwy&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 354x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bad75e07564efac2cf2ffc01d1bdfc18
020eed83c5ca4239069ee51b3b8bd45061b1cd8c
7409bb500bf4c8e83e64b46cd167a3c350819dc0642cfac7deaa555addbb88f9
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Fvalostorese%2Fproduktbilder%2FStrands%2Fstrands_side_shooter_xl1.jpg&v=3&w=400&s=LgG80EhGjE1gfdh31GTFVnwy&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=0
expires: Thu, 08 Dec 2022 19:14:10 GMT
date: Thu, 08 Dec 2022 19:14:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 16728
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Ftaskulamput%2Ftuotekuvat%2FPurelux%2FAAA_2021%2Fpurelux_terrain_black_slim_flood_2_1.jpg&v=3&w=400&s=I9O10dMXymneuiSANeBV_Dvq&b=400
178.250.0.139200 OK 10 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Ftaskulamput%2Ftuotekuvat%2FPurelux%2FAAA_2021%2Fpurelux_terrain_black_slim_flood_2_1.jpg&v=3&w=400&s=I9O10dMXymneuiSANeBV_Dvq&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x152, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7da65f289fff36ac8c1b591aecc3cc2d
5a534b345e073aa2af60380f9492ff568a9193df
41a7afb975fe653451492d744ffb6585918bf12323eef196dcfe3f90b8eb2164
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Ftaskulamput%2Ftuotekuvat%2FPurelux%2FAAA_2021%2Fpurelux_terrain_black_slim_flood_2_1.jpg&v=3&w=400&s=I9O10dMXymneuiSANeBV_Dvq&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1564
expires: Thu, 08 Dec 2022 19:40:15 GMT
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10108
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Ftaskulamput%2Ftuotekuvat%2FPurelux%2Fled_worklight_purelux_curve_180w_2018.JPG&v=3&w=400&s=NdelsRnCQ_y5UUFJunEqKWQ9&b=400
178.250.0.139200 OK 7.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Ftaskulamput%2Ftuotekuvat%2FPurelux%2Fled_worklight_purelux_curve_180w_2018.JPG&v=3&w=400&s=NdelsRnCQ_y5UUFJunEqKWQ9&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x215, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c651a88f2e7e1317caadbdbcb0464e55
56ceb9fc259ebe8f0825d81dfba82abd722e534f
07121de547927d092b76690011301417e76afaedf51d43923973a3baa740feb7
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Ftaskulamput%2Ftuotekuvat%2FPurelux%2Fled_worklight_purelux_curve_180w_2018.JPG&v=3&w=400&s=NdelsRnCQ_y5UUFJunEqKWQ9&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=65
expires: Thu, 08 Dec 2022 19:15:16 GMT
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7506
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fproducts%2FOlight_Baton_3_Black%2Folight_baton3_1.jpg&v=3&w=400&s=uyHCUjFs6BzE-ObiIYtRVxqd&b=400
178.250.0.139200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fproducts%2FOlight_Baton_3_Black%2Folight_baton3_1.jpg&v=3&w=400&s=uyHCUjFs6BzE-ObiIYtRVxqd&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x215, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a8c54ae76cb59ff01aa7db465e05573f
904693dd7924a11b52841bc98295618881ad6b43
166e8af8adca384f1ee68949bb463e69545efa4ae7e8b7361f884500b1ce9e06
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fproducts%2FOlight_Baton_3_Black%2Folight_baton3_1.jpg&v=3&w=400&s=uyHCUjFs6BzE-ObiIYtRVxqd&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=266
expires: Thu, 08 Dec 2022 19:18:37 GMT
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 11438
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Major_S530_V2__Straight__53_cm__216_W__Ref_50%2Fpurelux_major_unlimited_complete_set_flush_mount_1.jpg&v=3&w=400&s=u2KMFwPa0WZqPqMhdB6GWfvG&b=400
178.250.0.139200 OK 13 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Major_S530_V2__Straight__53_cm__216_W__Ref_50%2Fpurelux_major_unlimited_complete_set_flush_mount_1.jpg&v=3&w=400&s=u2KMFwPa0WZqPqMhdB6GWfvG&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x392, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9b60946cbe44d8a1083fa5a1604d0e62
1659b300fcc7f8c0bc3bbb962df6d03788feda88
9ecfb2c02118df8be7375386ad19d9408fc7bb26d621d400de32f88e52b8fd95
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Major_S530_V2__Straight__53_cm__216_W__Ref_50%2Fpurelux_major_unlimited_complete_set_flush_mount_1.jpg&v=3&w=400&s=u2KMFwPa0WZqPqMhdB6GWfvG&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=0
expires: Thu, 08 Dec 2022 19:14:10 GMT
date: Thu, 08 Dec 2022 19:14:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 12616
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Major_S530_V2__Straight__53_cm__216_W__Ref_50%2Fpurelux_major_unlimited_complete_set_1.jpg&v=3&w=400&s=ttnksdPIV_9FTy3o3Q485f3r&b=400
178.250.0.139200 OK 13 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Major_S530_V2__Straight__53_cm__216_W__Ref_50%2Fpurelux_major_unlimited_complete_set_1.jpg&v=3&w=400&s=ttnksdPIV_9FTy3o3Q485f3r&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 390x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eecc4b2e106e52cc18195d87fde04306
7f863035d9a2f5a47106679fc0e63c9c49de7a30
6308a0453b6c0a229aff85e92e226176ee87fc3bdc3626ed07b5b336e8d82f15
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Major_S530_V2__Straight__53_cm__216_W__Ref_50%2Fpurelux_major_unlimited_complete_set_1.jpg&v=3&w=400&s=ttnksdPIV_9FTy3o3Q485f3r&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=0
expires: Thu, 08 Dec 2022 19:14:10 GMT
date: Thu, 08 Dec 2022 19:14:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 13208
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=104&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2Fe8c42282818a4114a6e91079f2fbb54a_chanti-logo.jpeg&v=3&w=596&s=sbRDt31k1jOwi5Dq2x0DVo1q
178.250.0.139200 OK 2.2 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=104&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2Fe8c42282818a4114a6e91079f2fbb54a_chanti-logo.jpeg&v=3&w=596&s=sbRDt31k1jOwi5Dq2x0DVo1q
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 364x104, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d68f0c206fbc43640d87acd8ac358d0d
de93fb8fc26a456bec0e842b9a5aeb47c139f771
e783cf1e10a4ab2295be2903a3d7f198ace6c2c239152780a75aabd2cab5ac91
GET /img/img?h=104&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2Fe8c42282818a4114a6e91079f2fbb54a_chanti-logo.jpeg&v=3&w=596&s=sbRDt31k1jOwi5Dq2x0DVo1q HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29508654
expires: Wed, 15 Nov 2023 08:05:04 GMT
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2194
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6349-0.jpg%3Fcb%3D9055279200116f2e4a8672847426951d&v=3&w=800&s=f8AgwWDlqiH4tW0kUAJ8YaiW&b=400
178.250.0.139200 OK 5.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6349-0.jpg%3Fcb%3D9055279200116f2e4a8672847426951d&v=3&w=800&s=f8AgwWDlqiH4tW0kUAJ8YaiW&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ab422e7c2e948609e5d52bb6e4b4c77c
5d17e9cb404ea9d5ffb73f97563f5bebc1fcfaf6
15ee9ba7a34cbac34c5ab3a350ef2492507944e46da5384ba5ee3b31fdd03b13
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F6%2F3%2F6349-0.jpg%3Fcb%3D9055279200116f2e4a8672847426951d&v=3&w=800&s=f8AgwWDlqiH4tW0kUAJ8YaiW&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29934745
expires: Mon, 20 Nov 2023 06:26:36 GMT
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5948
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F7%2F178GR0017Z-0.jpg%3Fcb%3Dd2275143653c8b6c1a4d350e9a49880d&v=3&w=800&s=7wigCJUIAXxmnmfN-3L1JKFM&b=400
178.250.0.139200 OK 6.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F7%2F178GR0017Z-0.jpg%3Fcb%3Dd2275143653c8b6c1a4d350e9a49880d&v=3&w=800&s=7wigCJUIAXxmnmfN-3L1JKFM&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 165x241, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 834be1e94b97b3046f72dc7e1655cbc2
01763b030849d82d7d401131d540ffc118c9e230
0cf7663e5fafa148537e1fd7f65fab5540d4e0a84662b5c71f3c27c26994f289
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F7%2F178GR0017Z-0.jpg%3Fcb%3Dd2275143653c8b6c1a4d350e9a49880d&v=3&w=800&s=7wigCJUIAXxmnmfN-3L1JKFM&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29688086
expires: Fri, 17 Nov 2023 09:55:36 GMT
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6922
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=360&m=0&partner=54197&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F53339%2F180905%2F5137ccbcd8d14251b15403c6b23109e9_logo2.jpg&v=3&w=196&s=eQX_AOs8uVFphtQHWgSlVhzC
178.250.0.139200 OK 4.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=360&m=0&partner=54197&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F53339%2F180905%2F5137ccbcd8d14251b15403c6b23109e9_logo2.jpg&v=3&w=196&s=eQX_AOs8uVFphtQHWgSlVhzC
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 196x205, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 408c031c22524a27aa5504099129a64a
f525dd01f41c7695cda5e6faf19438b6be05121c
3bc62b12960c71a8c5587d76f310d3e1585ac2e0ed4704f4e9123258f62d3120
GET /img/img?h=360&m=0&partner=54197&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F53339%2F180905%2F5137ccbcd8d14251b15403c6b23109e9_logo2.jpg&v=3&w=196&s=eQX_AOs8uVFphtQHWgSlVhzC HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=28737406
expires: Mon, 06 Nov 2023 09:50:57 GMT
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4808
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F9%2F199217-0.jpg%3Fcb%3D47dbfbf4f03c12e4fad3262b52cc498f&v=3&w=800&s=zmBiqudPSUEDt_IcffN7S8Jr&b=400
178.250.0.139200 OK 4.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F9%2F199217-0.jpg%3Fcb%3D47dbfbf4f03c12e4fad3262b52cc498f&v=3&w=800&s=zmBiqudPSUEDt_IcffN7S8Jr&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 274x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d4f5eb42d3a4558a7c995710ff437cb0
1f73d7b42b3e1f5b8754e62b1ff933f2e69f3d1c
c33b7e6d19155abc7f2ad85172e017a537e0cd29f15fc2cce401bb9f87ec2193
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F9%2F199217-0.jpg%3Fcb%3D47dbfbf4f03c12e4fad3262b52cc498f&v=3&w=800&s=zmBiqudPSUEDt_IcffN7S8Jr&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30981467
expires: Sat, 02 Dec 2023 09:11:58 GMT
date: Thu, 08 Dec 2022 19:14:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4298
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3Df4bbfffcc691f0d09fed11ab574d2c15&v=3&w=800&s=ELGNwAEysDJJFXqMz4SRd9vY&b=400
178.250.0.139200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3Df4bbfffcc691f0d09fed11ab574d2c15&v=3&w=800&s=ELGNwAEysDJJFXqMz4SRd9vY&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x358, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b4a8b65dd45b5caaf05d7af1a012c211
2d76450cb9247fc5eb904e3d6db3c051c26226ae
bdeedcf8ba166914065e069ca9514b3020cfe22d1239cb8ec86495c301108540
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3Df4bbfffcc691f0d09fed11ab574d2c15&v=3&w=800&s=ELGNwAEysDJJFXqMz4SRd9vY&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30023226
expires: Tue, 21 Nov 2023 07:01:17 GMT
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10926
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F3%2F53858-0.jpg%3Fcb%3Df661ebfe7e8461b1aa776d9647b44d74&v=3&w=800&s=IlDQVF_Fuv2E4tLS8BUAz5vh&b=400
178.250.0.139200 OK 5.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F3%2F53858-0.jpg%3Fcb%3Df661ebfe7e8461b1aa776d9647b44d74&v=3&w=800&s=IlDQVF_Fuv2E4tLS8BUAz5vh&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x287, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5dff790a5bb26782110b9d621212e3b5
0b9bdb39b2fbb7823b6a6b80845206df692e80c2
1eedd2a7f883999396b0c2877a2512186f875339b3e284c34601ebb9a71fb8e0
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F3%2F53858-0.jpg%3Fcb%3Df661ebfe7e8461b1aa776d9647b44d74&v=3&w=800&s=IlDQVF_Fuv2E4tLS8BUAz5vh&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30358541
expires: Sat, 25 Nov 2023 04:09:51 GMT
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5062
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139300-0_1.jpg%3Fcb%3Df66e0b12358704733e006c2edd98397d&v=3&w=800&s=Hyg2J6WWfA7iGrbNCrv0fMYM&b=400
178.250.0.139200 OK 4.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139300-0_1.jpg%3Fcb%3Df66e0b12358704733e006c2edd98397d&v=3&w=800&s=Hyg2J6WWfA7iGrbNCrv0fMYM&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x270, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0bbeed0d30c19b5ea43d60cbe7d7c77b
a5caf3336dda32c303683c030d3311183fad8b75
b9f9db0c090cce1861088be7bbc5919da4de33a3ae653ff09dec92c395814a1b
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139300-0_1.jpg%3Fcb%3Df66e0b12358704733e006c2edd98397d&v=3&w=800&s=Hyg2J6WWfA7iGrbNCrv0fMYM&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30891951
expires: Fri, 01 Dec 2023 08:20:02 GMT
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4796
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Heat_9200__Round__22_cm__200W__Ref_50%2Fpurelux_heat_9200_2pcs_2.jpg&v=3&w=400&s=3vepe0GQdu5rvhazv6jKdRw8&b=400
178.250.0.139200 OK 17 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Heat_9200__Round__22_cm__200W__Ref_50%2Fpurelux_heat_9200_2pcs_2.jpg&v=3&w=400&s=3vepe0GQdu5rvhazv6jKdRw8&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x237, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2372449094ed8ac6c5752886ff3a870b
bc8028ffc78292b4b86e6f165bf513ef2aac5cc1
9330d96ead07fbd491e8ca0aa58b129f163386408cd69118877507cf959119ac
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Heat_9200__Round__22_cm__200W__Ref_50%2Fpurelux_heat_9200_2pcs_2.jpg&v=3&w=400&s=3vepe0GQdu5rvhazv6jKdRw8&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=0
expires: Thu, 08 Dec 2022 19:14:10 GMT
date: Thu, 08 Dec 2022 19:14:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 16570
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fproducts%2FExtralight_Purelux_Major_S530_V2__Straight__53_cm__216_W__Ref_50%2Fpurelux_major_unlimited_1_1.jpeg&ups=1&v=3&w=800&s=9A1yDzDB_EudQog7sjhPo2ly
178.250.0.139200 OK 28 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fproducts%2FExtralight_Purelux_Major_S530_V2__Straight__53_cm__216_W__Ref_50%2Fpurelux_major_unlimited_1_1.jpeg&ups=1&v=3&w=800&s=9A1yDzDB_EudQog7sjhPo2ly
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x269, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 17d987675e9bc8a03eab8ddd9e3cbd59
9017567ae3147a126e56ffc57e32d0fc9e2f0456
05c76d0fa3414329612b925f3fee9c85531a2ae4fb0e42666f92e721f7202f4d
GET /img/img?c=3&cq=256&h=800&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fproducts%2FExtralight_Purelux_Major_S530_V2__Straight__53_cm__216_W__Ref_50%2Fpurelux_major_unlimited_1_1.jpeg&ups=1&v=3&w=800&s=9A1yDzDB_EudQog7sjhPo2ly HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=292
expires: Thu, 08 Dec 2022 19:19:02 GMT
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 27638
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/criteo_logo_2021.svg
178.250.2.130200 OK 169 kB URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP 178.250.2.130:0
Size 169 kB (168802 bytes)
Hash a4bcdb554e6515b3315d761567002b03
df11fe29679605de4d0e2d6edf906fe68f304e6e
7c6cc5d569de81ae8783aec63e0063e48be742a0ddf2f0e9502e748c3827f4c6
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 19:14:10 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Sun, 03 Dec 2023 19:14:10 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 08 Dec 2022 19:14:10 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
4.bp.blogspot.com/-ienr0bMWQ2c/UdBXnfX8_hI/AAAAAAAAHMg/Hkfn-9-6sZs/s1600/GARANTI-ARBY
142.250.74.161200 OK 10 kB URL HTTP/1.1 4.bp.blogspot.com/-ienr0bMWQ2c/UdBXnfX8_hI/AAAAAAAAHMg/Hkfn-9-6sZs/s1600/GARANTI-ARBY
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 224x224, components 3\012- data
Hash 1515bd56e4b47bb4d592609c4ccab5dd
98586319edf0590e817a1b978f929d1e3ffb3a15
e05fbe4451a5ab07ae6798cd4a025cae07e1c1c4eef344ad9fdd29fef1741874
GET /-ienr0bMWQ2c/UdBXnfX8_hI/AAAAAAAAHMg/Hkfn-9-6sZs/s1600/GARANTI-ARBY HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v71fc"
Expires: Fri, 09 Dec 2022 19:14:11 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="GARANTI-ARBY'S_KAMPANYA_BONUS.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 08 Dec 2022 19:14:11 GMT
Server: fife
Content-Length: 9985
X-XSS-Protection: 0
csm.eu.criteo.net/all?cppv=3&cpp=MnHhE9cBwSGAqJESxc8yVWRWQl2I0xeaUrHrT3aTPBUyF61JamENWFBJBWBiqV33WQr-6YvQ98tNt-mPrcVkaejml2-Zj9lTrss5KDwTP9prSefz3gVqHfYlZYCG2KMT8_m_Y8CI5a_3iSsgkfwpebrfE64HumZ8lvJYPBGJZ4vVcxHyvybOZNCfeN-u8yZcehaGKt9elPLB9D0trrZdDRlVuYUVQ7FrcwVstIBNFCevDSbM-HbgbsFdmL5qOHhXZZxfdw&sds=2&rev=83862.2&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=MnHhE9cBwSGAqJESxc8yVWRWQl2I0xeaUrHrT3aTPBUyF61JamENWFBJBWBiqV33WQr-6YvQ98tNt-mPrcVkaejml2-Zj9lTrss5KDwTP9prSefz3gVqHfYlZYCG2KMT8_m_Y8CI5a_3iSsgkfwpebrfE64HumZ8lvJYPBGJZ4vVcxHyvybOZNCfeN-u8yZcehaGKt9elPLB9D0trrZdDRlVuYUVQ7FrcwVstIBNFCevDSbM-HbgbsFdmL5qOHhXZZxfdw&sds=2&rev=83862.2&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=MnHhE9cBwSGAqJESxc8yVWRWQl2I0xeaUrHrT3aTPBUyF61JamENWFBJBWBiqV33WQr-6YvQ98tNt-mPrcVkaejml2-Zj9lTrss5KDwTP9prSefz3gVqHfYlZYCG2KMT8_m_Y8CI5a_3iSsgkfwpebrfE64HumZ8lvJYPBGJZ4vVcxHyvybOZNCfeN-u8yZcehaGKt9elPLB9D0trrZdDRlVuYUVQ7FrcwVstIBNFCevDSbM-HbgbsFdmL5qOHhXZZxfdw&sds=2&rev=83862.2&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=4McIGdcBwSGAqJEScl_tnleqEfkLk-Ef9FC_PWYeplzddRN8E6Nrc-IGjF-cRVer9NLq9expV4TiKfDf3wVflgX919Y1PBpq6EtpRVJhDx6l4yAj9Z9pRS4O6l6E7k2iqIVcQ1J7hdJvUskNNBXNBY4vsy7VurAD1IyynPsdlQ1B1YwUeW45yyP874H-0KHT17t0w4jAexWIMGjIfCEj06B6x_6Rg7pVBtfW_3csoYUHcCq0NWbczaI33klkzR4T3zaAkQ&sds=2&rev=83862.2&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=4McIGdcBwSGAqJEScl_tnleqEfkLk-Ef9FC_PWYeplzddRN8E6Nrc-IGjF-cRVer9NLq9expV4TiKfDf3wVflgX919Y1PBpq6EtpRVJhDx6l4yAj9Z9pRS4O6l6E7k2iqIVcQ1J7hdJvUskNNBXNBY4vsy7VurAD1IyynPsdlQ1B1YwUeW45yyP874H-0KHT17t0w4jAexWIMGjIfCEj06B6x_6Rg7pVBtfW_3csoYUHcCq0NWbczaI33klkzR4T3zaAkQ&sds=2&rev=83862.2&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=4McIGdcBwSGAqJEScl_tnleqEfkLk-Ef9FC_PWYeplzddRN8E6Nrc-IGjF-cRVer9NLq9expV4TiKfDf3wVflgX919Y1PBpq6EtpRVJhDx6l4yAj9Z9pRS4O6l6E7k2iqIVcQ1J7hdJvUskNNBXNBY4vsy7VurAD1IyynPsdlQ1B1YwUeW45yyP874H-0KHT17t0w4jAexWIMGjIfCEj06B6x_6Rg7pVBtfW_3csoYUHcCq0NWbczaI33klkzR4T3zaAkQ&sds=2&rev=83862.2&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 19:14:10 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 08 Dec 2022 19:14:11 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3742
Cache-Control: max-age=166397
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:11 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 17:27:28 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1957)
Hash c412ce8ff51176f04ac89f371da5b196
e3ef74977079cae3780872d73c76aae6299e5fd2
719c299176c9fc45fea81dcd3b7507d0413e3af7d7d75475fe558a860f0d4c48
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: e95d6ecbd01a89b7083b4a6ef8e8c0c9
etag: "9a4b9bc481bd45b20a726d2443420805"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 08 Dec 2022 19:17:08 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: xBLOj/URdvBKyJ83HaWxlg==
x-fb-debug: +5xgKTf2maQTN8i9kop5Mq4jyqLWMc4cQ1yPzgrufuJTpt+zmSMx5Uq3Af28rXcjK0Z3N03yLeAS3oeU/5aKdA==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1679558926
date: Thu, 08 Dec 2022 19:14:11 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3742
Cache-Control: max-age=166397
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:11 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 17:27:28 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
m.addthis.com/live/red_lojson/300lo.json?si=639237807dcadb52&bkl=0&bl=1&pdt=2516&sid=639237807dcadb52&pub=ra-58e226eb29c11f6c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dusunmekvepaylasmak.blogspot.com&fp=search%2Flabel%2F%2523GARANTILINKARBYS&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=D%C3%BC%C5%9F%C3%BCnmek%2CHaber%2Cmagazin%2Csosyal%20medya%2Cpayla%C5%9F%C4%B1m%2Cdo%C4%9Fru%20bilgi%2Ckarikat%C3%BCr%2Cg%C3%BCndem%2Ck%C3%BClt%C3%BCr%20sanat%2Csinema%2Ctelevizyon%2Ctiyatro&colc=1670526850139&jsl=1&uvs=63923780bbba5cf0000&skipb=1&callback=addthis.cbs.jsonp__433164031686562030
23.38.200.123200 OK 90 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=639237807dcadb52&bkl=0&bl=1&pdt=2516&sid=639237807dcadb52&pub=ra-58e226eb29c11f6c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dusunmekvepaylasmak.blogspot.com&fp=search%2Flabel%2F%2523GARANTILINKARBYS&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=D%C3%BC%C5%9F%C3%BCnmek%2CHaber%2Cmagazin%2Csosyal%20medya%2Cpayla%C5%9F%C4%B1m%2Cdo%C4%9Fru%20bilgi%2Ckarikat%C3%BCr%2Cg%C3%BCndem%2Ck%C3%BClt%C3%BCr%20sanat%2Csinema%2Ctelevizyon%2Ctiyatro&colc=1670526850139&jsl=1&uvs=63923780bbba5cf0000&skipb=1&callback=addthis.cbs.jsonp__433164031686562030
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash e85c84db8a18838ea46fbceebd3cf123
ceb6d4c3c711981b1faafead456018452da3108e
b0b50b386a9d680e29d66379d0020c9c3b5f57cad8b94e9422f0398c2adebe23
GET /live/red_lojson/300lo.json?si=639237807dcadb52&bkl=0&bl=1&pdt=2516&sid=639237807dcadb52&pub=ra-58e226eb29c11f6c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dusunmekvepaylasmak.blogspot.com&fp=search%2Flabel%2F%2523GARANTILINKARBYS&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=D%C3%BC%C5%9F%C3%BCnmek%2CHaber%2Cmagazin%2Csosyal%20medya%2Cpayla%C5%9F%C4%B1m%2Cdo%C4%9Fru%20bilgi%2Ckarikat%C3%BCr%2Cg%C3%BCndem%2Ck%C3%BClt%C3%BCr%20sanat%2Csinema%2Ctelevizyon%2Ctiyatro&colc=1670526850139&jsl=1&uvs=63923780bbba5cf0000&skipb=1&callback=addthis.cbs.jsonp__433164031686562030 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 90
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Thu, 08 Dec 2022 19:14:11 GMT
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/ra-58e226eb29c11f6c/_ate.track.config_resp
23.38.200.123200 OK 1.3 kB URL HTTP/2 v1.addthisedge.com/live/boost/ra-58e226eb29c11f6c/_ate.track.config_resp
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (3821), with no line terminators
Hash 4adc016f0378d43b1e4d8a48395311fb
de42f6825c8d2ef4989b84479d9731baa195bbaa
70f1c455a93fbc3c54102023dd47c6bcc3ff290302ac6e517cd87b74e4efc205
GET /live/boost/ra-58e226eb29c11f6c/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 1250
etag: 727245640--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=60, s-maxage=86400
date: Thu, 08 Dec 2022 19:14:11 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
23.38.200.123200 OK 29 kB URL HTTP/2 s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (60526)
Hash f4a430f112d94f56cbeddcde217f69b6
01c1580d462c4977c7194746540f813e6b5675ce
f8999cbfee6629cf5f2f77d325a508f30a1adc6f1ab7506c462bf467930f36da
GET /static/custom-messages.5799ddf75a30812a3d49.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-1c9fc"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 28570
date: Thu, 08 Dec 2022 19:14:12 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
23.38.200.123200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Thu, 08 Dec 2022 19:14:12 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=QSGg8szSUYSURKRSeWXAlJU3MvbOrAw7rFuVlTAT0mmeToKgoxeZf39CW8zf3KyXW3F26WGK3N_URigxJidO4pI-oG32-02VIv_BlJ_54OEHZe_jnUPhTmCtA12dA_R6rkSxojp6a2jXywkWAZG4MZ-jZc3op0xFr5vIgkD5hrkJSDLfzca7G19_k3oeb8mwNGaqjE3AodXmi94laDUZ1ZxncpiU1V_v0Wrg2MaUsVsyTqtgD2GmriPzmSmnk5z6e8CFOZM3YMtI_v8AqJESEpwDCLk72TvGtcxr_411afndWbspvQzp0OrAMFW2whmztj-hegLYkV8F9nFjOOeTW7_-dcP4dqXtp-fyCCQ21Rzil35QziRM4lLEpsrJQymKW66AJcHTWXQRApbNcfVnj5eJiHbfFJrIA4eGvZ9FyNnpg6tvr_e04j6o6FpWibZa9xVvF82cXw2D3YpLCGlCj3TBW7z0gg_66u1BW96ZYUlW1RgB&z=Y5I3gQAFTJcFkUrUAALlB1L-_9O5gPReEQdmew
178.250.0.160200 OK 74 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=QSGg8szSUYSURKRSeWXAlJU3MvbOrAw7rFuVlTAT0mmeToKgoxeZf39CW8zf3KyXW3F26WGK3N_URigxJidO4pI-oG32-02VIv_BlJ_54OEHZe_jnUPhTmCtA12dA_R6rkSxojp6a2jXywkWAZG4MZ-jZc3op0xFr5vIgkD5hrkJSDLfzca7G19_k3oeb8mwNGaqjE3AodXmi94laDUZ1ZxncpiU1V_v0Wrg2MaUsVsyTqtgD2GmriPzmSmnk5z6e8CFOZM3YMtI_v8AqJESEpwDCLk72TvGtcxr_411afndWbspvQzp0OrAMFW2whmztj-hegLYkV8F9nFjOOeTW7_-dcP4dqXtp-fyCCQ21Rzil35QziRM4lLEpsrJQymKW66AJcHTWXQRApbNcfVnj5eJiHbfFJrIA4eGvZ9FyNnpg6tvr_e04j6o6FpWibZa9xVvF82cXw2D3YpLCGlCj3TBW7z0gg_66u1BW96ZYUlW1RgB&z=Y5I3gQAFTJcFkUrUAALlB1L-_9O5gPReEQdmew
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3bbc4cb7b383ac3f5445aa69b4905fad
f2680be0e18b7ecbdc089cad174818b015a1fdc5
7985af12d93d4ce0484cc36a53a954ace33629fdaa0354f5bfa39031edecf45b
GET /delivery/lgn.php?cppv=3&cpp=QSGg8szSUYSURKRSeWXAlJU3MvbOrAw7rFuVlTAT0mmeToKgoxeZf39CW8zf3KyXW3F26WGK3N_URigxJidO4pI-oG32-02VIv_BlJ_54OEHZe_jnUPhTmCtA12dA_R6rkSxojp6a2jXywkWAZG4MZ-jZc3op0xFr5vIgkD5hrkJSDLfzca7G19_k3oeb8mwNGaqjE3AodXmi94laDUZ1ZxncpiU1V_v0Wrg2MaUsVsyTqtgD2GmriPzmSmnk5z6e8CFOZM3YMtI_v8AqJESEpwDCLk72TvGtcxr_411afndWbspvQzp0OrAMFW2whmztj-hegLYkV8F9nFjOOeTW7_-dcP4dqXtp-fyCCQ21Rzil35QziRM4lLEpsrJQymKW66AJcHTWXQRApbNcfVnj5eJiHbfFJrIA4eGvZ9FyNnpg6tvr_e04j6o6FpWibZa9xVvF82cXw2D3YpLCGlCj3TBW7z0gg_66u1BW96ZYUlW1RgB&z=Y5I3gQAFTJcFkUrUAALlB1L-_9O5gPReEQdmew HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 19:14:10 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3063622
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
s7.addthis.com/static/images/cvlbx/beachSummer.jpg
23.38.200.123200 OK 88 kB URL HTTP/2 s7.addthis.com/static/images/cvlbx/beachSummer.jpg
IP 23.38.200.123:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1280x800, components 3\012- data
Hash 2c026aa51bcd25d6b33218d4aa5f6d83
dc4d354fbae246e6f8e4f3d959720d2f006adb33
2e8cb0f4f4f8506bfeb3a39189a6b975e80018e5aa8cd49ed48cb9c4219a8958
GET /static/images/cvlbx/beachSummer.jpg HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: image/jpeg
content-length: 88467
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-15993"
timing-allow-origin: *
cache-control: public, max-age=86313600
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 08 Dec 2022 19:14:12 GMT
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js
23.38.200.123200 OK 394 B URL HTTP/2 s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (564), with no line terminators
Hash 09d6e31790596b5636e4332b45864d33
078bdaadd33f7e19f624e403959dca3eef1a73d4
42805621588148ebf5f6329a1ff74711c44dd93a4f592264f953ca7f88422b82
GET /static/159.1c3fceccbc80f2a3615f.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-234"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 394
date: Thu, 08 Dec 2022 19:14:12 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/208.92c9dfa16a7b958c8a95.js
23.38.200.123200 OK 127 B URL HTTP/2 s7.addthis.com/static/208.92c9dfa16a7b958c8a95.js
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash c16f2b8f73dfadd8068f3f840cdf7bc5
48f837510b3e187dde91ce56bdd8453830ce64b2
aa41e2ad8da9c442cc1c812d157425bdb3e7e9ff2aec76ee3ac41bbfec720a0e
GET /static/208.92c9dfa16a7b958c8a95.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-70"
timing-allow-origin: *
cache-control: public, max-age=86313600
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 127
date: Thu, 08 Dec 2022 19:14:12 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/195.461912c47007775093ae.js
23.38.200.123200 OK 298 B URL HTTP/2 s7.addthis.com/static/195.461912c47007775093ae.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (384), with no line terminators
Hash b3a09bfb320e3798865e9543432f891f
1b852bdc37086072c734acec0af4d1971e6ec320
62048a133b36399f6990ddbf705fc3a2cd9a8a9d010e1fb89ed8bdd25d56fca3
GET /static/195.461912c47007775093ae.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-180"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 298
date: Thu, 08 Dec 2022 19:14:12 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kPenErOzWe0HfJ2DYgICAAAA0-wy0uAhG5EQgDeSY_m1F4ywwkeXK1lKABIAAA&wp=Y5I3gAAJSBAKsooDAATCbTiX1aBgXYgCWXzzPA
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kPenErOzWe0HfJ2DYgICAAAA0-wy0uAhG5EQgDeSY_m1F4ywwkeXK1lKABIAAA&wp=Y5I3gAAJSBAKsooDAATCbTiX1aBgXYgCWXzzPA
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kPenErOzWe0HfJ2DYgICAAAA0-wy0uAhG5EQgDeSY_m1F4ywwkeXK1lKABIAAA&wp=Y5I3gAAJSBAKsooDAATCbTiX1aBgXYgCWXzzPA HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 351421
date: Thu, 08 Dec 2022 19:14:11 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=YNk7ZTJwH2wcgyAhk9jTPTiOVIQXH6kQbzLrrEIKrABwlZE62NUZt0vYrmUoL0nyClrVUJF4dUM04tEillS6-ZMGGp0jAhrEfGgCuSZ_xeBsOgSczHKcdWx4OW6LC4Sl2NUsJuN3tB4--w7NXH8vDACvX-nhFuS746nVwAkUQmm-khMt27VuSd9OTkmymhhCJzhusMti-u7bfWOaELxX_Kl9Edm18Tn41ELsMu0eGcFl1SdZohEPUC2jHvLjV6w1rWmfU_ruS3n8y1cTQ8Q_nNvGL-QfUemyK53geMMMgG3P7XJUf1RpFJGYUpBQGM0e9tEMvqwqhEOhxcRtUFswz3JITi_Cyc_8EGeAuALssVVqpf3QIRI2bXUEIMMB9Y14GXXprsMTsaNhLj0RygO9FlfftRxPYhymwIYqZQxrCv3gRYb23jZZg9AD4Pb8d9FU4SqzPg
178.250.0.160200 OK 44 kB URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=YNk7ZTJwH2wcgyAhk9jTPTiOVIQXH6kQbzLrrEIKrABwlZE62NUZt0vYrmUoL0nyClrVUJF4dUM04tEillS6-ZMGGp0jAhrEfGgCuSZ_xeBsOgSczHKcdWx4OW6LC4Sl2NUsJuN3tB4--w7NXH8vDACvX-nhFuS746nVwAkUQmm-khMt27VuSd9OTkmymhhCJzhusMti-u7bfWOaELxX_Kl9Edm18Tn41ELsMu0eGcFl1SdZohEPUC2jHvLjV6w1rWmfU_ruS3n8y1cTQ8Q_nNvGL-QfUemyK53geMMMgG3P7XJUf1RpFJGYUpBQGM0e9tEMvqwqhEOhxcRtUFswz3JITi_Cyc_8EGeAuALssVVqpf3QIRI2bXUEIMMB9Y14GXXprsMTsaNhLj0RygO9FlfftRxPYhymwIYqZQxrCv3gRYb23jZZg9AD4Pb8d9FU4SqzPg
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 319933bdd0b26bfe751173f45cd8e102
6845be2010f470c829266cc58844afcb5f44b073
fc696f96f42c71849302e2df9d9fa9d3805f63552b6d6e5a920c4e6fd8908f7d
GET /delivery/lg.php?cppv=3&cpp=YNk7ZTJwH2wcgyAhk9jTPTiOVIQXH6kQbzLrrEIKrABwlZE62NUZt0vYrmUoL0nyClrVUJF4dUM04tEillS6-ZMGGp0jAhrEfGgCuSZ_xeBsOgSczHKcdWx4OW6LC4Sl2NUsJuN3tB4--w7NXH8vDACvX-nhFuS746nVwAkUQmm-khMt27VuSd9OTkmymhhCJzhusMti-u7bfWOaELxX_Kl9Edm18Tn41ELsMu0eGcFl1SdZohEPUC2jHvLjV6w1rWmfU_ruS3n8y1cTQ8Q_nNvGL-QfUemyK53geMMMgG3P7XJUf1RpFJGYUpBQGM0e9tEMvqwqhEOhxcRtUFswz3JITi_Cyc_8EGeAuALssVVqpf3QIRI2bXUEIMMB9Y14GXXprsMTsaNhLj0RygO9FlfftRxPYhymwIYqZQxrCv3gRYb23jZZg9AD4Pb8d9FU4SqzPg HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 19:14:10 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2686453
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=244&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=196&s=_0VlK9q82TmthCuW5OnxfCPJ
178.250.0.139200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=244&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=196&s=_0VlK9q82TmthCuW5OnxfCPJ
IP 178.250.0.139:0
File type PNG image data, 196 x 111, 8-bit/color RGBA, non-interlaced\012- data
Hash bc381116221b106493d972a9262c65e3
980f03704c3d56409200806ffc1b8269240383a4
391ed2f12f92968f164c061b48e5421254b9aae4dfce080b727d60dd6c1cb72e
GET /img/img?h=244&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=196&s=_0VlK9q82TmthCuW5OnxfCPJ HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=28823331
expires: Tue, 07 Nov 2023 09:43:03 GMT
date: Thu, 08 Dec 2022 19:14:11 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10921
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
s7.addthis.com/static/151.67aec2e0546e639563bb.js
23.38.200.123200 OK 1.4 kB URL HTTP/2 s7.addthis.com/static/151.67aec2e0546e639563bb.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (1679)
Hash 2bb45db873ce6edc3055bf717f347996
e4809a22f1684378e8dc41a38a6c9d2f99e1d043
3c9c81f51e5a7204c001a8735b325ceff3cabb9f64249b00619388b228a48d43
GET /static/151.67aec2e0546e639563bb.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-68f"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 815
date: Thu, 08 Dec 2022 19:14:12 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300vi.png?cad=shpu%3D48yp&positions=48yp%3Dcenter&goals=48yp%3Dshare&first=1&rv=0&uvs=63923780bbba5cf0&pub=ra-58e226eb29c11f6c&dp=dusunmekvepaylasmak.blogspot.com&rev=v8.28.8-wp
23.38.200.123204 No Content 0 B URL HTTP/2 m.addthis.com/live/red_lojson/300vi.png?cad=shpu%3D48yp&positions=48yp%3Dcenter&goals=48yp%3Dshare&first=1&rv=0&uvs=63923780bbba5cf0&pub=ra-58e226eb29c11f6c&dp=dusunmekvepaylasmak.blogspot.com&rev=v8.28.8-wp
IP 23.38.200.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /live/red_lojson/300vi.png?cad=shpu%3D48yp&positions=48yp%3Dcenter&goals=48yp%3Dshare&first=1&rv=0&uvs=63923780bbba5cf0&pub=ra-58e226eb29c11f6c&dp=dusunmekvepaylasmak.blogspot.com&rev=v8.28.8-wp HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
expires: Thu, 08 Dec 2022 19:14:12 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 08 Dec 2022 19:14:12 GMT
X-Firefox-Spdy: h2
api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2F%2523GARANTILINKARBYS
23.38.200.123200 OK 2 B URL HTTP/2 api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2F%2523GARANTILINKARBYS
IP 23.38.200.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2F%2523GARANTILINKARBYS HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://dusunmekvepaylasmak.blogspot.com/search/label/%23GARANTILINKARBYS
last-modified: Thu, 08 Dec 2022 19:00:00 GMT
access-control-allow-origin: https://dusunmekvepaylasmak.blogspot.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 08 Dec 2022 19:14:12 GMT
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2F%2523GARANTILINKARBYS&callback=_ate.cbs.rcb_2zlg0
23.38.200.123200 OK 53 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2F%2523GARANTILINKARBYS&callback=_ate.cbs.rcb_2zlg0
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash e40d264f16be23161d58101537580155
76d1d36fd9771123e9160de75ca48be24f67ade8
754ce4f40c22fdc303d9909c60df3fac062d33aa23b50593ae8cfbad1b6c1db8
GET /url/shares.json?url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2F%2523GARANTILINKARBYS&callback=_ate.cbs.rcb_2zlg0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: dusunmekvepaylasmak.blogspot.com/search/label/%23garantilinkarbys
last-modified: Thu, 08 Dec 2022 19:14:12 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Thu, 08 Dec 2022 19:14:12 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2F%2523GARANTILINKARBYS&callback=_ate.cbs.rcb_ap4y0
23.38.200.123200 OK 53 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2F%2523GARANTILINKARBYS&callback=_ate.cbs.rcb_ap4y0
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash fce00af098ebb160b7063f008ab6dec6
1feae8d7bc02eedced7e8d18f6101eb48a490562
6051eaa9c23ddb40132e1d3cf8b00c8fa1b2a3a4e57198b856b538af7201dba1
GET /url/shares.json?url=http%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2F%2523GARANTILINKARBYS&callback=_ate.cbs.rcb_ap4y0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: dusunmekvepaylasmak.blogspot.com/search/label/%23garantilinkarbys
last-modified: Thu, 08 Dec 2022 19:14:12 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Thu, 08 Dec 2022 19:14:12 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 08 Dec 2022 19:14:13 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.10200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 702a0ae6203cc0be921dcce7bf11f217
7dc0230b09bed8ac90d00f28a5163b6d3bb0f7fd
5eafd281e989db9301cf0aa367aee3b7043faf63b97e6cd82a2c8af8581ac258
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 927
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 08 Dec 2022 19:14:13 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-20442478-1&cid=521065807.1670526848&jid=604719588&_u=YEBAAUACQAAAACAAI~&z=563272358
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-20442478-1&cid=521065807.1670526848&jid=604719588&_u=YEBAAUACQAAAACAAI~&z=563272358
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-20442478-1&cid=521065807.1670526848&jid=604719588&_u=YEBAAUACQAAAACAAI~&z=563272358 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 19:14:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=QXnALyPcXEEotVk8xXoJnxpbKa9KSZGrxTb73IlkbILfg2gsRzjhojPtD-fX1QTWfTXQ5WkrjcGDLDPbX7hWtCQf0AF18mgoYMpLcrcHob5MWVfPiqA9SyMyNjv4MsHIk2FoWiRYAHh3L7WFAwZlUZMuvHqBjgmrPSnf8IlO_J3OXWhdXfksoGapG1HvPYD47DLccUxqECYhI7voIsaEjRUio1fBw7uXU-IkXXMlvF9nfLEkWBXXqm0cuHHQq9R0PI6uE3AoRzlMoKuFABe1xTwg1NtU4V46zRlgpRiVhiOMRrzmixIc5SjCOifcN7VHPtSUdOFcjOCt4yqrp0PkVVxUAXpfC70-V6qKqDZZaFGNKQRx9xBK8FBgB8I0RaITLbZ6IQqUwaOntYZ3YWxSJmN3Vg3YP4eINyXbhSti6gWBDhVa
178.250.0.160200 OK 517 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=QXnALyPcXEEotVk8xXoJnxpbKa9KSZGrxTb73IlkbILfg2gsRzjhojPtD-fX1QTWfTXQ5WkrjcGDLDPbX7hWtCQf0AF18mgoYMpLcrcHob5MWVfPiqA9SyMyNjv4MsHIk2FoWiRYAHh3L7WFAwZlUZMuvHqBjgmrPSnf8IlO_J3OXWhdXfksoGapG1HvPYD47DLccUxqECYhI7voIsaEjRUio1fBw7uXU-IkXXMlvF9nfLEkWBXXqm0cuHHQq9R0PI6uE3AoRzlMoKuFABe1xTwg1NtU4V46zRlgpRiVhiOMRrzmixIc5SjCOifcN7VHPtSUdOFcjOCt4yqrp0PkVVxUAXpfC70-V6qKqDZZaFGNKQRx9xBK8FBgB8I0RaITLbZ6IQqUwaOntYZ3YWxSJmN3Vg3YP4eINyXbhSti6gWBDhVa
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 7289b518ed15da48f0cf1a722519f913
fd62c2d9ceb46462e7699b697e2070ba57d268eb
ec4441aac5a79a2a5649b81b92926818de43d6f3f770cb9056840aac6733ce23
GET /delivery/lg.php?cppv=3&cpp=QXnALyPcXEEotVk8xXoJnxpbKa9KSZGrxTb73IlkbILfg2gsRzjhojPtD-fX1QTWfTXQ5WkrjcGDLDPbX7hWtCQf0AF18mgoYMpLcrcHob5MWVfPiqA9SyMyNjv4MsHIk2FoWiRYAHh3L7WFAwZlUZMuvHqBjgmrPSnf8IlO_J3OXWhdXfksoGapG1HvPYD47DLccUxqECYhI7voIsaEjRUio1fBw7uXU-IkXXMlvF9nfLEkWBXXqm0cuHHQq9R0PI6uE3AoRzlMoKuFABe1xTwg1NtU4V46zRlgpRiVhiOMRrzmixIc5SjCOifcN7VHPtSUdOFcjOCt4yqrp0PkVVxUAXpfC70-V6qKqDZZaFGNKQRx9xBK8FBgB8I0RaITLbZ6IQqUwaOntYZ3YWxSJmN3Vg3YP4eINyXbhSti6gWBDhVa HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 19:14:11 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2665344
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=47WoS9cBwSGAqJES1KT0uBC6jpaI06OTbbiW221kKO5CdwyahmlWEnQaUL0sM-1NeYyWC2x3uZ_GtWsm1Q2vogCZ5ZXxa1MA9scDtH2UMdJIqw0q5JMw3HHRJyp5jrNWH1hRGLpxINMOW6w6GZvqGLtj8Ui6uY7TzoGjQAoqXXvWHjhGtVB4zVCvjnrxcNq_n2F5of4-GAV8usW0zQOJitD2iWKqSpYuOz3GX2s6iyEaPnkTI1oAiRI3frE0VkxRNNk6VQ&sds=2&rev=83862.2&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=47WoS9cBwSGAqJES1KT0uBC6jpaI06OTbbiW221kKO5CdwyahmlWEnQaUL0sM-1NeYyWC2x3uZ_GtWsm1Q2vogCZ5ZXxa1MA9scDtH2UMdJIqw0q5JMw3HHRJyp5jrNWH1hRGLpxINMOW6w6GZvqGLtj8Ui6uY7TzoGjQAoqXXvWHjhGtVB4zVCvjnrxcNq_n2F5of4-GAV8usW0zQOJitD2iWKqSpYuOz3GX2s6iyEaPnkTI1oAiRI3frE0VkxRNNk6VQ&sds=2&rev=83862.2&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=47WoS9cBwSGAqJES1KT0uBC6jpaI06OTbbiW221kKO5CdwyahmlWEnQaUL0sM-1NeYyWC2x3uZ_GtWsm1Q2vogCZ5ZXxa1MA9scDtH2UMdJIqw0q5JMw3HHRJyp5jrNWH1hRGLpxINMOW6w6GZvqGLtj8Ui6uY7TzoGjQAoqXXvWHjhGtVB4zVCvjnrxcNq_n2F5of4-GAV8usW0zQOJitD2iWKqSpYuOz3GX2s6iyEaPnkTI1oAiRI3frE0VkxRNNk6VQ&sds=2&rev=83862.2&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 19:14:12 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 82fe344091a7fb91113742b06e991694
8beb6c9547d3b04b341e03559bc868d9d8eb4f95
315eca86217123eed9a0817b39026b72ff82e16e68f938a2bf683999bf90cdbd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4908
Cache-Control: max-age=93365
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 19:14:13 GMT
Etag: "6390ee0e-1d7"
Expires: Fri, 09 Dec 2022 21:10:18 GMT
Last-Modified: Wed, 07 Dec 2022 19:48:30 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=34380&adfrmid=0
109.232.197.33302 Found 0 B URL HTTP/1.1 mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=34380&adfrmid=0
IP 109.232.197.33:0
ASN #50234 Eulerian Technologies S.a.s.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=34380&adfrmid=0 HTTP/1.1
Host: mm.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 08 Dec 2022 19:14:13 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 0
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Location: https://mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=34380&adfrmid=0
mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=34380&adfrmid=0
109.232.197.110200 OK 43 B URL HTTP/1.1 mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=34380&adfrmid=0
IP 109.232.197.110:0
ASN #50234 Eulerian Technologies S.a.s.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 718e8bd317b47c1018a861f423615c1c
874d28c9586324d5d16558065197cea533f10b67
11e3a37194c2691ff2eb5c2237cb14a9269c30e844dc48047f9324391477f11f
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=34380&adfrmid=0 HTTP/1.1
Host: mml1.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 19:14:13 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 43
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Content-Type: image/gif
Set-Cookie: etuix=n804niflUCDHwvBG8DGwm6jofDeKYOYpF4yUVRC8bP9nH218YMH6_A--; expires=Fri, 05 Jan 2024 19:14:13 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et0=z8HeIqw48u_3yfiM5BosHn4KOR7UbACbJ_oC3.wUSQcFVs2j.suCOFeyNGu19JlFs80o05pXm2k9Bw8o6C1YmXQTiJfEVtBnX3yqZYI3LZGUIrpklLHBxlZ8_PxXrTtVJ30-; expires=Fri, 05 Jan 2024 19:14:13 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et=1; expires=Fri, 05 Jan 2024 19:14:13 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
media.boomads.com/images/offer/odul-20222910073038755.jpg
83.66.162.75200 OK 22 kB URL HTTP/1.1 media.boomads.com/images/offer/odul-20222910073038755.jpg
IP 83.66.162.75:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 616x117, components 3\012- data
Hash 24cd3f4c54967c20e2c2ed6e258b36ef
84bf01ace88003ad22edfc985c139807e13b7434
8a386ca865acc7093fd1932c37f7a1e110e7fc62a943fb40d25dd2a8135d1dbb
GET /images/offer/odul-20222910073038755.jpg HTTP/1.1
Host: media.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 00:57:38 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: W/"1fa6ad5768ebd81:0"
Content-Type: image/jpeg
Last-Modified: Sat, 29 Oct 2022 07:30:38 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 22186
media.boomads.com/images/offer/messi-campaign-20222910072716532.png
83.66.162.75200 OK 122 kB URL HTTP/1.1 media.boomads.com/images/offer/messi-campaign-20222910072716532.png
IP 83.66.162.75:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type PNG image data, 690 x 360, 8-bit/color RGBA, non-interlaced\012- data
Size 122 kB (121729 bytes)
Hash 6d0ee80a532a4f56bf96d1e1a13a1fae
f9e3669edb7099e82ba10d347626457fe43eecca
5fde2ef794e0bf4cda9ec98c8c3589c09d21a72e833e86caee9489e344addeb0
GET /images/offer/messi-campaign-20222910072716532.png HTTP/1.1
Host: media.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 13:04:48 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: W/"7f3927df67ebd81:0"
Content-Type: image/png
Last-Modified: Sat, 29 Oct 2022 07:27:16 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 121729
a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=63923783ace1c09a6bb977cff87376d1
37.157.6.233302 Found 40 kB URL HTTP/2 a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=63923783ace1c09a6bb977cff87376d1
IP 37.157.6.233:0
Hash 76a24ea6de20d77bc494cadd8a153b48
6197a27942018d7176ba214846b5b2b2507f3b09
bb8b6caff76b270c0b10a70f1d49ae7fcd6f768a14ed2aed953cc469d85b0196
GET /adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=63923783ace1c09a6bb977cff87376d1 HTTP/1.1
Host: a1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 08 Dec 2022 19:14:09 GMT
content-type: text/html; charset=utf-8
location: https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=34380&adfrmid=0
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
media.boomads.com/images/offer/bitget-koruma-f-20221611055851763.png
83.66.162.75200 OK 59 kB URL HTTP/1.1 media.boomads.com/images/offer/bitget-koruma-f-20221611055851763.png
IP 83.66.162.75:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type PNG image data, 605 x 318, 8-bit/color RGBA, non-interlaced\012- data
Hash 28911308dbbf78cbf79d17edb4b7301d
8dd0119fd3cfb87953fcc9fcdaf0a1167040db7c
cb50e628b3a660107ea8be316ca36951b72170f094899547808907b4ac60994e
GET /images/offer/bitget-koruma-f-20221611055851763.png HTTP/1.1
Host: media.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 00:26:43 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: "e47b38080f9d81:0"
Content-Type: image/png
Last-Modified: Wed, 16 Nov 2022 05:58:51 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 59303
csm.eu.criteo.net/all?cppv=3&cpp=47WoS9cBwSGAqJES1KT0uBC6jpaI06OTbbiW221kKO5CdwyahmlWEnQaUL0sM-1NeYyWC2x3uZ_GtWsm1Q2vogCZ5ZXxa1MA9scDtH2UMdJIqw0q5JMw3HHRJyp5jrNWH1hRGLpxINMOW6w6GZvqGLtj8Ui6uY7TzoGjQAoqXXvWHjhGtVB4zVCvjnrxcNq_n2F5of4-GAV8usW0zQOJitD2iWKqSpYuOz3GX2s6iyEaPnkTI1oAiRI3frE0VkxRNNk6VQ&sds=2&rev=83862.2&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=47WoS9cBwSGAqJES1KT0uBC6jpaI06OTbbiW221kKO5CdwyahmlWEnQaUL0sM-1NeYyWC2x3uZ_GtWsm1Q2vogCZ5ZXxa1MA9scDtH2UMdJIqw0q5JMw3HHRJyp5jrNWH1hRGLpxINMOW6w6GZvqGLtj8Ui6uY7TzoGjQAoqXXvWHjhGtVB4zVCvjnrxcNq_n2F5of4-GAV8usW0zQOJitD2iWKqSpYuOz3GX2s6iyEaPnkTI1oAiRI3frE0VkxRNNk6VQ&sds=2&rev=83862.2&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=47WoS9cBwSGAqJES1KT0uBC6jpaI06OTbbiW221kKO5CdwyahmlWEnQaUL0sM-1NeYyWC2x3uZ_GtWsm1Q2vogCZ5ZXxa1MA9scDtH2UMdJIqw0q5JMw3HHRJyp5jrNWH1hRGLpxINMOW6w6GZvqGLtj8Ui6uY7TzoGjQAoqXXvWHjhGtVB4zVCvjnrxcNq_n2F5of4-GAV8usW0zQOJitD2iWKqSpYuOz3GX2s6iyEaPnkTI1oAiRI3frE0VkxRNNk6VQ&sds=2&rev=83862.2&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 19:14:13 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
media.boomads.com/images/offer/strategy-plaza-20221011074814694.jpg
83.66.162.75200 OK 379 kB URL HTTP/1.1 media.boomads.com/images/offer/strategy-plaza-20221011074814694.jpg
IP 83.66.162.75:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type JPEG image data, progressive, precision 8, 1200x675, components 3\012- data
Size 379 kB (379117 bytes)
Hash b382414882619cf0368b18ac37ca2bd3
a7abb09bf3c40a75fe04f2df711d1a0ae88b408e
332629d99e7ea426ba19994ea2b934d11d2e51dc46ff10419df651a7e44e2684
GET /images/offer/strategy-plaza-20221011074814694.jpg HTTP/1.1
Host: media.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 00:27:06 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: W/"af848cad8f4d81:0"
Content-Type: image/jpeg
Last-Modified: Thu, 10 Nov 2022 07:48:14 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 379117
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d44d17585c9a536c8da0e75ed90d175
9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1
6d14a5b5c43b39244434560a83a2bfea6604a4d072943b6147293b7adfd1b7b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10164
x-amzn-requestid: a0cb7259-0a07-44f5-91cd-e96b8d9c9cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnAPOGSnoAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c472e-799b6ee425e29fb70ff7e4ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:07:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Q2LRCrEYVZz_KldQARUQ26O1mv0G7rMAPQXGkBzUnERF-WjtZPMJA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 10:05:37 GMT
age: 32917
etag: "9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
172.217.21.174200 OK 31 B URL HTTP/2 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP 172.217.21.174:0
File type JSON data\012- , ASCII text
Hash 0517a608635a116d279530f9e79f46c6
d039de7440a05934e6a9f517ef98c460efa701c4
fcdc48636aaf6e5c6123f43decdec565c7a7614a1729283815ecdfb7ae1bef63
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1670526854035
Content-Type: application/json
X-Goog-Visitor-Id: CgtjNWUyaWE3LWNPWSiA78icBg%3D%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20221206.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1670526847744&flash=0&frm=2&u_tz&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C325%2C315&vis=1&wgl=true&ca_type=image
Content-Length: 946
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/embed/mOjEYeiPxNc
Cookie: YSC=DLFmjcYqSTw; VISITOR_INFO1_LIVE=c5e2ia7-cOY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Thu, 08 Dec 2022 19:14:14 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+654; expires=Sat, 07-Dec-2024 19:14:14 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 08 Dec 2022 19:14:14 GMT
cache-control: private
X-Firefox-Spdy: h2
media.boomads.com/images/offer/kcgi-2022-20222910074714115.jpg
83.66.162.75200 OK 169 kB URL HTTP/1.1 media.boomads.com/images/offer/kcgi-2022-20222910074714115.jpg
IP 83.66.162.75:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1035x540, components 3\012- data
Size 169 kB (168772 bytes)
Hash 8cd35c2df8f8bd0437123455fd84be85
06ca591d59b000bee2db467de3790e524bc4e984
f3979564e6e978be15db9e42e554b4048fc596ddd7d55c0c65f24db27d7bc359
GET /images/offer/kcgi-2022-20222910074714115.jpg HTTP/1.1
Host: media.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 11:11:57 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: W/"aadff7a86aebd81:0"
Content-Type: image/jpeg
Last-Modified: Sat, 29 Oct 2022 07:47:14 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 168772
media.boomads.com/images/offer/messi-bitget-20222110121742292.jpg
83.66.162.75200 OK 611 kB URL HTTP/1.1 media.boomads.com/images/offer/messi-bitget-20222110121742292.jpg
IP 83.66.162.75:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 2401x1200, components 3\012- data
Size 611 kB (610984 bytes)
Hash ec36574f7ca255fc0e4d5a773a120901
ee5e79237583d7e9ef1748dda812fd126e8b3baa
a562f4c019f5ff6b7590e66bfb9ce9aa126b8ba445115c604c9e90d65229d45e
GET /images/offer/messi-bitget-20222110121742292.jpg HTTP/1.1
Host: media.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:53:08 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: W/"12e5661e47e5d81:0"
Content-Type: image/jpeg
Last-Modified: Fri, 21 Oct 2022 12:17:42 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 610984
static.criteo.net/flash/icon/privacy_small.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.2.130:0
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 19:14:10 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Sun, 03 Dec 2023 19:14:10 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/animejs/animejs.js
IP 178.250.2.130:0
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 19:14:10 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Sun, 03 Dec 2023 19:14:10 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.2.130:0
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 19:14:10 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Sun, 03 Dec 2023 19:14:10 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=9vvg25JQosmtLdw2GZ5AHCqbDWgLEevB8MVmis7sr910OirZPSWn-02ehhiBJTrHJTogSSVlJ8mRqRFWqoKKFEe53ZOK68_za29f-CoKq4dSxWWvtiGVNHvQOhC5eaGreyWknVE9XYDRrnqmJ1JnvoxeNbGLBh0eGKbJuHqXE6BYwPYefaxRGWw53gMIJWWgNRjM8lBfjGjZgaPYlf_dTVBG6oneN6c5QsRBMEVFIlPGoA_slUurc6udFz7B6jm3rW6k6YcOuinO8ZpjG0C_FqS2IrR9bwPj2DfHqH8XQxi5LSqQiAkTcIE9We2aVYlX74W2Ka-A8MxSeWyQNruYun7UGxEMTnACNPjSL9Csi4qlSr8Xxdb9fIixLrwWcGckHLIVO2Uv-rS2OMDojx973Lhx9mpptEApub7P8z17vSpLE9Ya
178.250.0.160200 OK 0 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=9vvg25JQosmtLdw2GZ5AHCqbDWgLEevB8MVmis7sr910OirZPSWn-02ehhiBJTrHJTogSSVlJ8mRqRFWqoKKFEe53ZOK68_za29f-CoKq4dSxWWvtiGVNHvQOhC5eaGreyWknVE9XYDRrnqmJ1JnvoxeNbGLBh0eGKbJuHqXE6BYwPYefaxRGWw53gMIJWWgNRjM8lBfjGjZgaPYlf_dTVBG6oneN6c5QsRBMEVFIlPGoA_slUurc6udFz7B6jm3rW6k6YcOuinO8ZpjG0C_FqS2IrR9bwPj2DfHqH8XQxi5LSqQiAkTcIE9We2aVYlX74W2Ka-A8MxSeWyQNruYun7UGxEMTnACNPjSL9Csi4qlSr8Xxdb9fIixLrwWcGckHLIVO2Uv-rS2OMDojx973Lhx9mpptEApub7P8z17vSpLE9Ya
IP 178.250.0.160:0
GET /delivery/lg.php?cppv=3&cpp=9vvg25JQosmtLdw2GZ5AHCqbDWgLEevB8MVmis7sr910OirZPSWn-02ehhiBJTrHJTogSSVlJ8mRqRFWqoKKFEe53ZOK68_za29f-CoKq4dSxWWvtiGVNHvQOhC5eaGreyWknVE9XYDRrnqmJ1JnvoxeNbGLBh0eGKbJuHqXE6BYwPYefaxRGWw53gMIJWWgNRjM8lBfjGjZgaPYlf_dTVBG6oneN6c5QsRBMEVFIlPGoA_slUurc6udFz7B6jm3rW6k6YcOuinO8ZpjG0C_FqS2IrR9bwPj2DfHqH8XQxi5LSqQiAkTcIE9We2aVYlX74W2Ka-A8MxSeWyQNruYun7UGxEMTnACNPjSL9Csi4qlSr8Xxdb9fIixLrwWcGckHLIVO2Uv-rS2OMDojx973Lhx9mpptEApub7P8z17vSpLE9Ya HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 19:14:09 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2891642
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
IP 104.18.11.207:0
GET /font-awesome/4.6.1/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 19:14:07 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-03-10 20:26:25
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 9f906bfe8a0a96b9156c7a4ed4664168
cdn-cache: HIT
cf-cache-status: HIT
age: 19837636
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7767d27dabfbb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y5I3gQAFX3gKso2JAA-Fv4fb4FdkXkaM8hDTcQ&u=%7CjJeoEZy5C7Nwn%2Fu1aGtPp4UoIai5uG1%2BHqZNpzfeKRg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XXS-nd-IQJ6s9W9xXUiNViAmIazQnnqB2TSWWS9is1AI0qNursuJyITwZ7YRY8mW_Tlnxls5sv2H4hxAtM9rhJVzUeb4HS__QKADeUH-lqPgbSMZ13GQ1Hxsnnf1hRQ2ET5hSqwNRIF6LGgaxlix4xPdnkxYZlQ2C3eYVAFW_lLRpN6cG3Zxy00pO5L_UR_hPIsd75e97bqv0ODg13q0OKAlay8R_jobAn0lIP1uCPczrnSYqXiIAuvCnfiiGHcr9CAOwF97ZizpAbEiTqDX_RA9z69D4xvaQYBex_6AXr_9WT0pND2jBxt_lduFr9SvE2_3CJBI5D0nPaSsuuYK8QSryuLnbFSj4RJoiidfLAi1zwY_1IsR9gFB2g0khJ14WG8bhvmRt5WHrFODa5YKGSfiB9uG4Bk9G93t8xzRJu85zqG6DtZDaBCeWnhzmAL6b2mH3MZ8yyVNkNNFxDZc54W8-mVwcB1HRumYfppmX-t9lf_oBfA6QKUkfbbHZHXSdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyfaOgTeSY_i-FYmbygW_i76IC8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCy1U0M4utsT6oAwGqBJACT9Dz--qoJJev4X7KBkfO79BpShgoP-PLXlPB2DfDGmER5LdFHrF4mL0LUxt3sm3ZA-GD_pAGMvppu2kVN5YWCwOXVbDaiiO7paxlrBYo_ACd6oQU_2iaF3NTaa3VO1rXtBlBO1h-UVtuS_M4VxtuEgpTFXcwkrxljR5S21sAPqYFsQYGzFElPC-C3orMocTCnTZyrctpXXFvnVCaPVXAPpopC90sUwhXQTnOfc3BpMFW9t1heJ7DsNg3EYS964FN7V_l45BcAZm5g5YO7GvTyRFXdYK3AVIeJMYa7Etm7SA_fOwzZA2ywc75-ldwMYM4GpVxAsoGxlezAWiYqu55rJOyT3s_lZmxr-RcPkVqr0OABvrv4u2Tr7XwUaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0X9z2V0jC63RPCxuekZxUXy05Q6g%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.0.138200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y5I3gQAFX3gKso2JAA-Fv4fb4FdkXkaM8hDTcQ&u=%7CjJeoEZy5C7Nwn%2Fu1aGtPp4UoIai5uG1%2BHqZNpzfeKRg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XXS-nd-IQJ6s9W9xXUiNViAmIazQnnqB2TSWWS9is1AI0qNursuJyITwZ7YRY8mW_Tlnxls5sv2H4hxAtM9rhJVzUeb4HS__QKADeUH-lqPgbSMZ13GQ1Hxsnnf1hRQ2ET5hSqwNRIF6LGgaxlix4xPdnkxYZlQ2C3eYVAFW_lLRpN6cG3Zxy00pO5L_UR_hPIsd75e97bqv0ODg13q0OKAlay8R_jobAn0lIP1uCPczrnSYqXiIAuvCnfiiGHcr9CAOwF97ZizpAbEiTqDX_RA9z69D4xvaQYBex_6AXr_9WT0pND2jBxt_lduFr9SvE2_3CJBI5D0nPaSsuuYK8QSryuLnbFSj4RJoiidfLAi1zwY_1IsR9gFB2g0khJ14WG8bhvmRt5WHrFODa5YKGSfiB9uG4Bk9G93t8xzRJu85zqG6DtZDaBCeWnhzmAL6b2mH3MZ8yyVNkNNFxDZc54W8-mVwcB1HRumYfppmX-t9lf_oBfA6QKUkfbbHZHXSdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyfaOgTeSY_i-FYmbygW_i76IC8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCy1U0M4utsT6oAwGqBJACT9Dz--qoJJev4X7KBkfO79BpShgoP-PLXlPB2DfDGmER5LdFHrF4mL0LUxt3sm3ZA-GD_pAGMvppu2kVN5YWCwOXVbDaiiO7paxlrBYo_ACd6oQU_2iaF3NTaa3VO1rXtBlBO1h-UVtuS_M4VxtuEgpTFXcwkrxljR5S21sAPqYFsQYGzFElPC-C3orMocTCnTZyrctpXXFvnVCaPVXAPpopC90sUwhXQTnOfc3BpMFW9t1heJ7DsNg3EYS964FN7V_l45BcAZm5g5YO7GvTyRFXdYK3AVIeJMYa7Etm7SA_fOwzZA2ywc75-ldwMYM4GpVxAsoGxlezAWiYqu55rJOyT3s_lZmxr-RcPkVqr0OABvrv4u2Tr7XwUaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0X9z2V0jC63RPCxuekZxUXy05Q6g%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.0.138:0
GET /delivery/r/afr.php?z=Y5I3gQAFX3gKso2JAA-Fv4fb4FdkXkaM8hDTcQ&u=%7CjJeoEZy5C7Nwn%2Fu1aGtPp4UoIai5uG1%2BHqZNpzfeKRg%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XXS-nd-IQJ6s9W9xXUiNViAmIazQnnqB2TSWWS9is1AI0qNursuJyITwZ7YRY8mW_Tlnxls5sv2H4hxAtM9rhJVzUeb4HS__QKADeUH-lqPgbSMZ13GQ1Hxsnnf1hRQ2ET5hSqwNRIF6LGgaxlix4xPdnkxYZlQ2C3eYVAFW_lLRpN6cG3Zxy00pO5L_UR_hPIsd75e97bqv0ODg13q0OKAlay8R_jobAn0lIP1uCPczrnSYqXiIAuvCnfiiGHcr9CAOwF97ZizpAbEiTqDX_RA9z69D4xvaQYBex_6AXr_9WT0pND2jBxt_lduFr9SvE2_3CJBI5D0nPaSsuuYK8QSryuLnbFSj4RJoiidfLAi1zwY_1IsR9gFB2g0khJ14WG8bhvmRt5WHrFODa5YKGSfiB9uG4Bk9G93t8xzRJu85zqG6DtZDaBCeWnhzmAL6b2mH3MZ8yyVNkNNFxDZc54W8-mVwcB1HRumYfppmX-t9lf_oBfA6QKUkfbbHZHXSdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyfaOgTeSY_i-FYmbygW_i76IC8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCy1U0M4utsT6oAwGqBJACT9Dz--qoJJev4X7KBkfO79BpShgoP-PLXlPB2DfDGmER5LdFHrF4mL0LUxt3sm3ZA-GD_pAGMvppu2kVN5YWCwOXVbDaiiO7paxlrBYo_ACd6oQU_2iaF3NTaa3VO1rXtBlBO1h-UVtuS_M4VxtuEgpTFXcwkrxljR5S21sAPqYFsQYGzFElPC-C3orMocTCnTZyrctpXXFvnVCaPVXAPpopC90sUwhXQTnOfc3BpMFW9t1heJ7DsNg3EYS964FN7V_l45BcAZm5g5YO7GvTyRFXdYK3AVIeJMYa7Etm7SA_fOwzZA2ywc75-ldwMYM4GpVxAsoGxlezAWiYqu55rJOyT3s_lZmxr-RcPkVqr0OABvrv4u2Tr7XwUaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0X9z2V0jC63RPCxuekZxUXy05Q6g%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 19:14:09 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=4McIGdcBwSGAqJEScl_tnleqEfkLk-Ef9FC_PWYeplzddRN8E6Nrc-IGjF-cRVer9NLq9expV4TiKfDf3wVflgX919Y1PBpq6EtpRVJhDx6l4yAj9Z9pRS4O6l6E7k2iqIVcQ1J7hdJvUskNNBXNBY4vsy7VurAD1IyynPsdlQ1B1YwUeW45yyP874H-0KHT17t0w4jAexWIMGjIfCEj06B6x_6Rg7pVBtfW_3csoYUHcCq0NWbczaI33klkzR4T3zaAkQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 157837600
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y5I3gAAJSBAKsooDAATCbTiX1aBgXYgCWXzzPA&u=%7CAjlH3p4wNoqhr%2FbVcajXWn1kwNXAO1Z%2BaF3aHR2dFJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIT0MjWuWij45gjylM5GjSehstPQio8Q10goszk2Xs2tg87JWBWScp9-6G1jlqfwJBRyva2vG4H7xNMyPq4aJ1AGjCTGVrHQZD3rGd2Paawfpjvat25JMHjyM6wfonOA4aSM7MP6nDibV4WM5MwJ6XH0sDrbH6U0yDIlt2xEBpIWmfeJLs_vzaggNm4ID5K-vgKFXiSdyrlXhC9aNRYOgnCK47xZUNiQbYmwHWuFkMsY2KnjBehnv_HfhSZxjOHoIcl6j8y5RGHvqPR20wsJpFxV2TPJaldx1MS2S4J16N2nfcTrvD1z4nzw8BmK0KJDbNJ7JSTi8YI0c0o9xJMjENIZ0iRc1SbwurJI7z9cAh6kSWRBD5NjMg29Tb7kpm-rVPcQEV74_uS37XvoFE0VYvwqrlNlhhb7Lfzos8ZrZ8K7V92B3owh4omhBIK2XSUMLJ2UANTI4UMcG5Ph5Yk7CD_aGiutI_BUPPmPaR5EQKZ2rz-AoQKDLXghFxhumC_fQ6DOLYQEUAPU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBGQygDeSY5CQJYOUygXthJOQBcme0rFcxYyL4JoBwI23ARABIABgw4SAgJgYggEXY2EtcHViLTczMDk4NDU1MjUyODUwMjnIAQmpAstVNDOLrbE-qAMBqgSLAk_QFX_r8bgZmkVaRrr9hJFAyicmEpN671ywL6cungkHt0qP_UdaUtPlUje9dgKq9SKqGq8epRsZbpQ7VLaMp7zSx36-QHZKxCWWEX8JEafqFDpgVcYLdjX9u0qoxiVTFmjDOLZHf53WvvTbdAi5khSjDg94PA3wTMqes-LxoL7UkGnYf7yQwwo-ge77LD5mdu4kzGl7q8szoSKsy3CcVFOCnUsxocVEP-t0UKhijJ3Gnv4eKd2kKMMjXB5DeP6lJMzFVHxMbiPaBRfaPg1eCPh3LUyYBVHFwHzl4Y81L1qD7UqCzNU5sUgUtT7GiQjLD5DvFrwFLLO2V9YmPm8iOjAhB3e13qrO1NWnboAGhs3hiuHPyo7QAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2QlQ6tjMLUox7Gv6dfj74KQnwGxg%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.0.138200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y5I3gAAJSBAKsooDAATCbTiX1aBgXYgCWXzzPA&u=%7CAjlH3p4wNoqhr%2FbVcajXWn1kwNXAO1Z%2BaF3aHR2dFJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIT0MjWuWij45gjylM5GjSehstPQio8Q10goszk2Xs2tg87JWBWScp9-6G1jlqfwJBRyva2vG4H7xNMyPq4aJ1AGjCTGVrHQZD3rGd2Paawfpjvat25JMHjyM6wfonOA4aSM7MP6nDibV4WM5MwJ6XH0sDrbH6U0yDIlt2xEBpIWmfeJLs_vzaggNm4ID5K-vgKFXiSdyrlXhC9aNRYOgnCK47xZUNiQbYmwHWuFkMsY2KnjBehnv_HfhSZxjOHoIcl6j8y5RGHvqPR20wsJpFxV2TPJaldx1MS2S4J16N2nfcTrvD1z4nzw8BmK0KJDbNJ7JSTi8YI0c0o9xJMjENIZ0iRc1SbwurJI7z9cAh6kSWRBD5NjMg29Tb7kpm-rVPcQEV74_uS37XvoFE0VYvwqrlNlhhb7Lfzos8ZrZ8K7V92B3owh4omhBIK2XSUMLJ2UANTI4UMcG5Ph5Yk7CD_aGiutI_BUPPmPaR5EQKZ2rz-AoQKDLXghFxhumC_fQ6DOLYQEUAPU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBGQygDeSY5CQJYOUygXthJOQBcme0rFcxYyL4JoBwI23ARABIABgw4SAgJgYggEXY2EtcHViLTczMDk4NDU1MjUyODUwMjnIAQmpAstVNDOLrbE-qAMBqgSLAk_QFX_r8bgZmkVaRrr9hJFAyicmEpN671ywL6cungkHt0qP_UdaUtPlUje9dgKq9SKqGq8epRsZbpQ7VLaMp7zSx36-QHZKxCWWEX8JEafqFDpgVcYLdjX9u0qoxiVTFmjDOLZHf53WvvTbdAi5khSjDg94PA3wTMqes-LxoL7UkGnYf7yQwwo-ge77LD5mdu4kzGl7q8szoSKsy3CcVFOCnUsxocVEP-t0UKhijJ3Gnv4eKd2kKMMjXB5DeP6lJMzFVHxMbiPaBRfaPg1eCPh3LUyYBVHFwHzl4Y81L1qD7UqCzNU5sUgUtT7GiQjLD5DvFrwFLLO2V9YmPm8iOjAhB3e13qrO1NWnboAGhs3hiuHPyo7QAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2QlQ6tjMLUox7Gv6dfj74KQnwGxg%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.0.138:0
GET /delivery/r/afr.php?z=Y5I3gAAJSBAKsooDAATCbTiX1aBgXYgCWXzzPA&u=%7CAjlH3p4wNoqhr%2FbVcajXWn1kwNXAO1Z%2BaF3aHR2dFJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIT0MjWuWij45gjylM5GjSehstPQio8Q10goszk2Xs2tg87JWBWScp9-6G1jlqfwJBRyva2vG4H7xNMyPq4aJ1AGjCTGVrHQZD3rGd2Paawfpjvat25JMHjyM6wfonOA4aSM7MP6nDibV4WM5MwJ6XH0sDrbH6U0yDIlt2xEBpIWmfeJLs_vzaggNm4ID5K-vgKFXiSdyrlXhC9aNRYOgnCK47xZUNiQbYmwHWuFkMsY2KnjBehnv_HfhSZxjOHoIcl6j8y5RGHvqPR20wsJpFxV2TPJaldx1MS2S4J16N2nfcTrvD1z4nzw8BmK0KJDbNJ7JSTi8YI0c0o9xJMjENIZ0iRc1SbwurJI7z9cAh6kSWRBD5NjMg29Tb7kpm-rVPcQEV74_uS37XvoFE0VYvwqrlNlhhb7Lfzos8ZrZ8K7V92B3owh4omhBIK2XSUMLJ2UANTI4UMcG5Ph5Yk7CD_aGiutI_BUPPmPaR5EQKZ2rz-AoQKDLXghFxhumC_fQ6DOLYQEUAPU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBGQygDeSY5CQJYOUygXthJOQBcme0rFcxYyL4JoBwI23ARABIABgw4SAgJgYggEXY2EtcHViLTczMDk4NDU1MjUyODUwMjnIAQmpAstVNDOLrbE-qAMBqgSLAk_QFX_r8bgZmkVaRrr9hJFAyicmEpN671ywL6cungkHt0qP_UdaUtPlUje9dgKq9SKqGq8epRsZbpQ7VLaMp7zSx36-QHZKxCWWEX8JEafqFDpgVcYLdjX9u0qoxiVTFmjDOLZHf53WvvTbdAi5khSjDg94PA3wTMqes-LxoL7UkGnYf7yQwwo-ge77LD5mdu4kzGl7q8szoSKsy3CcVFOCnUsxocVEP-t0UKhijJ3Gnv4eKd2kKMMjXB5DeP6lJMzFVHxMbiPaBRfaPg1eCPh3LUyYBVHFwHzl4Y81L1qD7UqCzNU5sUgUtT7GiQjLD5DvFrwFLLO2V9YmPm8iOjAhB3e13qrO1NWnboAGhs3hiuHPyo7QAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2QlQ6tjMLUox7Gv6dfj74KQnwGxg%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 19:14:11 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=47WoS9cBwSGAqJES1KT0uBC6jpaI06OTbbiW221kKO5CdwyahmlWEnQaUL0sM-1NeYyWC2x3uZ_GtWsm1Q2vogCZ5ZXxa1MA9scDtH2UMdJIqw0q5JMw3HHRJyp5jrNWH1hRGLpxINMOW6w6GZvqGLtj8Ui6uY7TzoGjQAoqXXvWHjhGtVB4zVCvjnrxcNq_n2F5of4-GAV8usW0zQOJitD2iWKqSpYuOz3GX2s6iyEaPnkTI1oAiRI3frE0VkxRNNk6VQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 42417057
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 0 B URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116406
date: Thu, 08 Dec 2022 19:14:08 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y5I3gAAKfnUKssJNAAhVlIx86eSnUeHEhni4nQ&u=%7CAjlH3p4wNorT%2BPNQzTZ8GdJIkptR88EtId87uWCiNHY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvQxzre8M6Xis5J01hBxehhSGSdsW3ImLE_K3Myq7u3aQmlmx1_Lyi5Iu57RufowcgZ3oZmObf3P7R0iVWBzAKOFM_WW3FL-Gi4KAkN8XgwgzgF8ViP1azcZtLTlHH6Pr-o2uZr34Fo4RG9_xtH7ck_D-Zasc-aUrhTc_dD7QruTrfaG1YxrTIxlwTN5iqSXgHgqJcjfvzA2h1I_9gTtybYfVGf_3Li37cxVleSHnWAoB4mBv48AkqFU-KbVc4P3xbTr8YUXIelW10fglW4DsW7AVrI_lJZCORoWNBd3dCI8wzccSxX6zUSD1wKdeg_Ye6d_0ajGR2Sh3k0D3XGZb6bAbGj-aVn3sKVQ2bLmfShN7DLV2WnE88wPaElSMAaptOY713aO9LQ2HfkKHHLfqK37kdQPUtOOzrb9RID0laEzG-JObso3JoSwpLTBY4pLJKAUtHyP2gMtU_-9jrQE7onFdlH057mMSGS6G-6v63nHADe7zHkjzG0OOifxUH4T3HcIw8SYBjFA4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmHE6gDeSY_X8Kc2EywWUq6EIyZ7SsVzN8eLdiAHAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCwQoab7upsT6oAwGqBIoCT9B3TJYV4qjN9hvSZLMmtg1BYqS0_kmomM8HKdSv9nDUuyOhbJU1Ce2MIHt3b9iD6y7dRWocfwDtyY55nYqOBqVnw5wMTcWP4EXKxqRmhSkErZGzLVBCpTGcahylJDhbSGEMKFBcDgEG3_RhFosdU7qc_NqQVuB4MGZhT7mTfixUSJzEHM-a4xNrIgYVEnPFdIBxC7MtAGZIqEZgYeXY8VC4weefyCXQZmrfmSHDOXz1NQfgvjeOebNd_QxTpFp57Yxigx5gwmXA6CaFnrFas4qm47e6pUPuingXO4BNQLQsy8-djEL_MRlSCe0TgMpqIh7YfZhwuR218j6LfHhlSrvYan4_vWwoNN-ABpm8s62i-biBMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2lqhJi8Mzilbitz8qwiIxhBRWbwQ%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.0.138200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y5I3gAAKfnUKssJNAAhVlIx86eSnUeHEhni4nQ&u=%7CAjlH3p4wNorT%2BPNQzTZ8GdJIkptR88EtId87uWCiNHY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvQxzre8M6Xis5J01hBxehhSGSdsW3ImLE_K3Myq7u3aQmlmx1_Lyi5Iu57RufowcgZ3oZmObf3P7R0iVWBzAKOFM_WW3FL-Gi4KAkN8XgwgzgF8ViP1azcZtLTlHH6Pr-o2uZr34Fo4RG9_xtH7ck_D-Zasc-aUrhTc_dD7QruTrfaG1YxrTIxlwTN5iqSXgHgqJcjfvzA2h1I_9gTtybYfVGf_3Li37cxVleSHnWAoB4mBv48AkqFU-KbVc4P3xbTr8YUXIelW10fglW4DsW7AVrI_lJZCORoWNBd3dCI8wzccSxX6zUSD1wKdeg_Ye6d_0ajGR2Sh3k0D3XGZb6bAbGj-aVn3sKVQ2bLmfShN7DLV2WnE88wPaElSMAaptOY713aO9LQ2HfkKHHLfqK37kdQPUtOOzrb9RID0laEzG-JObso3JoSwpLTBY4pLJKAUtHyP2gMtU_-9jrQE7onFdlH057mMSGS6G-6v63nHADe7zHkjzG0OOifxUH4T3HcIw8SYBjFA4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmHE6gDeSY_X8Kc2EywWUq6EIyZ7SsVzN8eLdiAHAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCwQoab7upsT6oAwGqBIoCT9B3TJYV4qjN9hvSZLMmtg1BYqS0_kmomM8HKdSv9nDUuyOhbJU1Ce2MIHt3b9iD6y7dRWocfwDtyY55nYqOBqVnw5wMTcWP4EXKxqRmhSkErZGzLVBCpTGcahylJDhbSGEMKFBcDgEG3_RhFosdU7qc_NqQVuB4MGZhT7mTfixUSJzEHM-a4xNrIgYVEnPFdIBxC7MtAGZIqEZgYeXY8VC4weefyCXQZmrfmSHDOXz1NQfgvjeOebNd_QxTpFp57Yxigx5gwmXA6CaFnrFas4qm47e6pUPuingXO4BNQLQsy8-djEL_MRlSCe0TgMpqIh7YfZhwuR218j6LfHhlSrvYan4_vWwoNN-ABpm8s62i-biBMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2lqhJi8Mzilbitz8qwiIxhBRWbwQ%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.0.138:0
GET /delivery/r/afr.php?z=Y5I3gAAKfnUKssJNAAhVlIx86eSnUeHEhni4nQ&u=%7CAjlH3p4wNorT%2BPNQzTZ8GdJIkptR88EtId87uWCiNHY%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvQxzre8M6Xis5J01hBxehhSGSdsW3ImLE_K3Myq7u3aQmlmx1_Lyi5Iu57RufowcgZ3oZmObf3P7R0iVWBzAKOFM_WW3FL-Gi4KAkN8XgwgzgF8ViP1azcZtLTlHH6Pr-o2uZr34Fo4RG9_xtH7ck_D-Zasc-aUrhTc_dD7QruTrfaG1YxrTIxlwTN5iqSXgHgqJcjfvzA2h1I_9gTtybYfVGf_3Li37cxVleSHnWAoB4mBv48AkqFU-KbVc4P3xbTr8YUXIelW10fglW4DsW7AVrI_lJZCORoWNBd3dCI8wzccSxX6zUSD1wKdeg_Ye6d_0ajGR2Sh3k0D3XGZb6bAbGj-aVn3sKVQ2bLmfShN7DLV2WnE88wPaElSMAaptOY713aO9LQ2HfkKHHLfqK37kdQPUtOOzrb9RID0laEzG-JObso3JoSwpLTBY4pLJKAUtHyP2gMtU_-9jrQE7onFdlH057mMSGS6G-6v63nHADe7zHkjzG0OOifxUH4T3HcIw8SYBjFA4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmHE6gDeSY_X8Kc2EywWUq6EIyZ7SsVzN8eLdiAHAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCwQoab7upsT6oAwGqBIoCT9B3TJYV4qjN9hvSZLMmtg1BYqS0_kmomM8HKdSv9nDUuyOhbJU1Ce2MIHt3b9iD6y7dRWocfwDtyY55nYqOBqVnw5wMTcWP4EXKxqRmhSkErZGzLVBCpTGcahylJDhbSGEMKFBcDgEG3_RhFosdU7qc_NqQVuB4MGZhT7mTfixUSJzEHM-a4xNrIgYVEnPFdIBxC7MtAGZIqEZgYeXY8VC4weefyCXQZmrfmSHDOXz1NQfgvjeOebNd_QxTpFp57Yxigx5gwmXA6CaFnrFas4qm47e6pUPuingXO4BNQLQsy8-djEL_MRlSCe0TgMpqIh7YfZhwuR218j6LfHhlSrvYan4_vWwoNN-ABpm8s62i-biBMaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2lqhJi8Mzilbitz8qwiIxhBRWbwQ%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 19:14:09 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=MnHhE9cBwSGAqJESxc8yVWRWQl2I0xeaUrHrT3aTPBUyF61JamENWFBJBWBiqV33WQr-6YvQ98tNt-mPrcVkaejml2-Zj9lTrss5KDwTP9prSefz3gVqHfYlZYCG2KMT8_m_Y8CI5a_3iSsgkfwpebrfE64HumZ8lvJYPBGJZ4vVcxHyvybOZNCfeN-u8yZcehaGKt9elPLB9D0trrZdDRlVuYUVQ7FrcwVstIBNFCevDSbM-HbgbsFdmL5qOHhXZZxfdw"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 111688759
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2