r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2242
Expires: Wed, 07 Dec 2022 06:02:29 GMT
Date: Wed, 07 Dec 2022 05:25:07 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1384
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:07 GMT
Last-Modified: Wed, 07 Dec 2022 05:02:03 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 05:20:28 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 279
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2244
Expires: Wed, 07 Dec 2022 06:02:31 GMT
Date: Wed, 07 Dec 2022 05:25:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: P7gC4PsHvWLw5q0NAkTpfpVCcNfsfLzwDAGqzcyaTlJcfi5s9lFniCbz8M+Onn29bj8qjtShjwU=
x-amz-request-id: 57ZC38PH3CDV4MT0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 04:47:22 GMT
age: 2265
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 05:25:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
bookworm-bilgeadam.blogspot.com/2012/12/ne-talihli-basn-varms.html?spref=tw
172.217.21.161200 OK 17 kB URL HTTP/1.1 bookworm-bilgeadam.blogspot.com/2012/12/ne-talihli-basn-varms.html?spref=tw
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5362)
Hash 073553d0c2c7e17129172ccf810af646
2ef2891b4b69702239a598568c400fe0c92742c0
0066d52870c99825f07f6cae95d55f9fd660db11f56ea2c75e39d2999813a1f4
GET /2012/12/ne-talihli-basn-varms.html?spref=tw HTTP/1.1
Host: bookworm-bilgeadam.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Wed, 07 Dec 2022 05:25:07 GMT
Date: Wed, 07 Dec 2022 05:25:07 GMT
Cache-Control: private, max-age=0
Last-Modified: Mon, 05 Dec 2022 13:01:25 GMT
ETag: W/"6d8aa58b1169bd06e1df3a22d5eeb2a76df61e12309cae748716b5102797e1ed"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 16873
Server: GSE
bookworm-bilgeadam.blogspot.com/js/cookienotice.js
172.217.21.161200 OK 2.0 kB URL HTTP/1.1 bookworm-bilgeadam.blogspot.com/js/cookienotice.js
IP 172.217.21.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: bookworm-bilgeadam.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/2012/12/ne-talihli-basn-varms.html?spref=tw
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Wed, 07 Dec 2022 05:25:08 GMT
Expires: Wed, 14 Dec 2022 05:25:08 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 06 Dec 2022 18:52:37 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
pagead2.googlesyndication.com/pagead/show_ads.js
142.250.74.2200 OK 36 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/show_ads.js
IP 142.250.74.2:0
File type ASCII text, with very long lines (3577)
Hash 6e8229c199cbcf21341c0f992cbe0846
d05abc4d581a1d0935e2b4d15a1e39f25ef49ed3
7776703114729432d477261b6d8ea0e84a3fc887566f549a7c98e7ebc4272df6
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Wed, 07 Dec 2022 05:25:07 GMT
Expires: Wed, 07 Dec 2022 05:25:07 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 3582047799839601548
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 36236
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bb1e9989d8b84caf9deb2787b93c5b8f
c7e1ee0f110ec05534c96739d938554ed38635c5
8754dec16a0563ac7d78422ccc53976adba9506615982f1a70aba79256750a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bb1e9989d8b84caf9deb2787b93c5b8f
c7e1ee0f110ec05534c96739d938554ed38635c5
8754dec16a0563ac7d78422ccc53976adba9506615982f1a70aba79256750a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
216.58.207.233200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 21:47:55 GMT
expires: Wed, 06 Dec 2023 21:47:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 21:53:25 GMT
content-type: text/css
age: 27433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9e83e23c9303fc167d2b23bceba4f304
cc712e67770a00bcc9901a6881f5b1cd343cf054
16378fd60ce4fb8ead3bbc313e6ae0166f68d532d40c586f8c71cb6cd1a91f50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bb1e9989d8b84caf9deb2787b93c5b8f
c7e1ee0f110ec05534c96739d938554ed38635c5
8754dec16a0563ac7d78422ccc53976adba9506615982f1a70aba79256750a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
resources.blogblog.com/img/icon18_email.gif
216.58.207.233200 OK 164 B URL HTTP/2 resources.blogblog.com/img/icon18_email.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 18 x 13\012- data
Hash 36b9f993db1b953f3b9b08040aaf9af4
18248661b307586dc291fd2dff4bb59cf7579475
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
GET /img/icon18_email.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 14:19:21 GMT
expires: Tue, 13 Dec 2022 14:19:21 GMT
cache-control: public, max-age=604800
last-modified: Tue, 06 Dec 2022 07:54:23 GMT
content-type: image/gif
age: 54347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/widgets/arrow_dropdown.gif
216.58.207.233200 OK 141 B URL HTTP/2 resources.blogblog.com/img/widgets/arrow_dropdown.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 13 x 10\012- data
Hash 2964a07d60a4e76b299130fb1b4115f6
3b72dcc19f3ad685513eaba612e07e0ed495f2e1
28ab89f0285c48d2faed701905c185c302f2b389584a52ceaa76a91ea64dc3a7
GET /img/widgets/arrow_dropdown.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 141
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 15:06:05 GMT
expires: Tue, 13 Dec 2022 15:06:05 GMT
cache-control: public, max-age=604800
last-modified: Tue, 06 Dec 2022 01:53:22 GMT
content-type: image/gif
age: 51543
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon_feed12.png
216.58.207.233200 OK 500 B URL HTTP/2 resources.blogblog.com/img/icon_feed12.png
IP 216.58.207.233:0
File type PNG image data, 12 x 12, 8-bit colormap, non-interlaced\012- data
Hash 44e7355a788fd1082deff0018883758e
50e3a28a44978e85d13c30522e0c71c8d0b24675
3cd341f37642f8a58b0fe14c2645913449c0ffe10be6ba0986275bfef29bc319
GET /img/icon_feed12.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 500
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 14:00:15 GMT
expires: Tue, 13 Dec 2022 14:00:15 GMT
cache-control: public, max-age=604800
last-modified: Mon, 05 Dec 2022 19:52:21 GMT
content-type: image/png
age: 55493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/widgets/subscribe-yahoo.png
216.58.207.233200 OK 580 B URL HTTP/2 resources.blogblog.com/img/widgets/subscribe-yahoo.png
IP 216.58.207.233:0
File type PNG image data, 91 x 17, 8-bit colormap, non-interlaced\012- data
Hash 79f602b6ac18bee79b4e2353a6674010
28accf82263aa1a11bb821439d4d185865662530
bbf9b924cc32bff4738bb54d86905476349f90c8b20f748633e56f64379d553e
GET /img/widgets/subscribe-yahoo.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 10:41:41 GMT
expires: Tue, 13 Dec 2022 10:41:41 GMT
cache-control: public, max-age=604800
last-modified: Mon, 05 Dec 2022 10:54:49 GMT
content-type: image/png
age: 67407
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/widgets/subscribe-netvibes.png
216.58.207.233200 OK 1.4 kB URL HTTP/2 resources.blogblog.com/img/widgets/subscribe-netvibes.png
IP 216.58.207.233:0
File type PNG image data, 91 x 17, 8-bit colormap, non-interlaced\012- data
Hash c52a5f4ecb6be5d7e93b23ef4122ee4e
4e698a5f455daf3a8ea1e219b1998079f0546716
71b8ad79c680b3e5d452a792c3b418b23f739a0a34005e0f37ec674f4c78cb5d
GET /img/widgets/subscribe-netvibes.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 1445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 21:58:30 GMT
expires: Tue, 13 Dec 2022 21:58:30 GMT
cache-control: public, max-age=604800
last-modified: Tue, 06 Dec 2022 10:54:03 GMT
content-type: image/png
age: 26798
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9e83e23c9303fc167d2b23bceba4f304
cc712e67770a00bcc9901a6881f5b1cd343cf054
16378fd60ce4fb8ead3bbc313e6ae0166f68d532d40c586f8c71cb6cd1a91f50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 13:44:05 GMT
expires: Wed, 06 Dec 2023 13:44:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 06 Dec 2022 04:51:45 GMT
content-type: text/javascript
age: 56463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3qmX-L--iRzHWCGh01e4mJjlNVbtgxKynTXGA4U-Y6vbzzLb0QoL4WiwDV8AzFB034WWU9G-wgiGKzyrQ3iq-tn4x121fJytK7yGYmUe28l9rtYw1vCItGN63hMXBNt8j8RcpA4PqFs-IracvqqHK3O8d1AiOFoMxYEPTbl5d8FxeBDPbD_g=w72-h72-p-k-no-nu
142.250.74.97200 OK 3.3 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3qmX-L--iRzHWCGh01e4mJjlNVbtgxKynTXGA4U-Y6vbzzLb0QoL4WiwDV8AzFB034WWU9G-wgiGKzyrQ3iq-tn4x121fJytK7yGYmUe28l9rtYw1vCItGN63hMXBNt8j8RcpA4PqFs-IracvqqHK3O8d1AiOFoMxYEPTbl5d8FxeBDPbD_g=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash cbbbf3bb7b15b7eead3c8e6c4ab9c0c9
9697069ea0a0bc837032f2a8f591b8494ef87b5c
a3f8833d2726dd727cfe193d4d8c4a29c95af093216cda7c6cffaede370040fb
GET /blogger_img_proxy/ANbyha3qmX-L--iRzHWCGh01e4mJjlNVbtgxKynTXGA4U-Y6vbzzLb0QoL4WiwDV8AzFB034WWU9G-wgiGKzyrQ3iq-tn4x121fJytK7yGYmUe28l9rtYw1vCItGN63hMXBNt8j8RcpA4PqFs-IracvqqHK3O8d1AiOFoMxYEPTbl5d8FxeBDPbD_g=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Thu, 08 Dec 2022 05:25:08 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 05:25:08 GMT
server: fife
content-length: 3345
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
216.58.207.233200 OK 157 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Size 157 kB (156915 bytes)
Hash 64d62574443f9d2148012af05abf60ac
16fc9b9b71eb94dbfdc15da12e9b3f21dfe1636e
c752966435826f865df5163012e3066bd9f0339b1959098323533be261741246
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 156915
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 05:43:30 GMT
expires: Wed, 06 Dec 2023 05:43:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 08:51:54 GMT
content-type: text/javascript
age: 85298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2l7SmDCIxOJvusXBM_1zua0wl3e3YT9gTkI-rgNr0l0zq7yd4lC3ezGj8UL088UyCWxy5RC8EEmIwpjP4MmIiaMr4XsezJJYE7S-_u9fZ_BmFIUxASFiyq6JqStey36p_7ey4AMDk=w72-h72-p-k-no-nu
142.250.74.97200 OK 3.1 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2l7SmDCIxOJvusXBM_1zua0wl3e3YT9gTkI-rgNr0l0zq7yd4lC3ezGj8UL088UyCWxy5RC8EEmIwpjP4MmIiaMr4XsezJJYE7S-_u9fZ_BmFIUxASFiyq6JqStey36p_7ey4AMDk=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash c93badb9263932a542f357a467ac584a
977c236de2c637e3456393655d998cd739c7ffcb
2e3f73ea041dc4def75bc3dccb6f4587916f0e8b3000b2fa63f9ae38b3166e52
GET /blogger_img_proxy/ANbyha2l7SmDCIxOJvusXBM_1zua0wl3e3YT9gTkI-rgNr0l0zq7yd4lC3ezGj8UL088UyCWxy5RC8EEmIwpjP4MmIiaMr4XsezJJYE7S-_u9fZ_BmFIUxASFiyq6JqStey36p_7ey4AMDk=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Thu, 08 Dec 2022 05:25:08 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 05:25:08 GMT
server: fife
content-length: 3086
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-qImFTs0DKKQ/Umv3TIqzuOI/AAAAAAAADic/3rpggnWvcWQ/w72-h72-p-k-no-nu/kitap-okumak.jpg
142.250.74.161200 OK 4.9 kB URL HTTP/1.1 1.bp.blogspot.com/-qImFTs0DKKQ/Umv3TIqzuOI/AAAAAAAADic/3rpggnWvcWQ/w72-h72-p-k-no-nu/kitap-okumak.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 49580bf15d6c9cd5b8571621b4e8141c
8e889626f8507eebff70a7e5c74c7348a364c64d
3424d8286f316866dad95f4686bb070e35be4ee7c12cb0975bb159731208b7ae
GET /-qImFTs0DKKQ/Umv3TIqzuOI/AAAAAAAADic/3rpggnWvcWQ/w72-h72-p-k-no-nu/kitap-okumak.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="kitap-okumak.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4949
X-XSS-Protection: 0
Date: Wed, 07 Dec 2022 05:25:08 GMT
Expires: Wed, 07 Dec 2022 06:09:54 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "ve28"
Content-Type: image/jpeg
Age: 0
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1mcQn5lk3okuY1GOEwOuId6Te4sbYeY7h51nUnnALaJf0Y8_0UpAfa4MQQC36YZmNo1qTkojb3YoDBdHnQLFzIjJtBMnYRsB4xst_WOTVLEIOzXGYlhTuRjT8=w72-h72-p-k-no-nu
142.250.74.97200 OK 3.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1mcQn5lk3okuY1GOEwOuId6Te4sbYeY7h51nUnnALaJf0Y8_0UpAfa4MQQC36YZmNo1qTkojb3YoDBdHnQLFzIjJtBMnYRsB4xst_WOTVLEIOzXGYlhTuRjT8=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash c313c4f656ce6b4985b819f162cc2bcf
ee484416be0561d5c4259e6a6cb69d4787ce394f
52d655bb4db59ed388875c36eab77d8a0e4d782e5a72c7ab83582225978f9455
GET /blogger_img_proxy/ANbyha1mcQn5lk3okuY1GOEwOuId6Te4sbYeY7h51nUnnALaJf0Y8_0UpAfa4MQQC36YZmNo1qTkojb3YoDBdHnQLFzIjJtBMnYRsB4xst_WOTVLEIOzXGYlhTuRjT8=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Thu, 08 Dec 2022 05:25:08 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 05:25:08 GMT
server: fife
content-length: 3808
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1IK_V1INkD3IiI_1XtbDsybjJb-PCTxW-QYRTIwP-ncml0iEKEi_5Y1Z2WKxgRmAIf2CPxWVeEfWhBQToqM-x_OK-pYtMQQHo7Gvelc41WMEmIQKGhx1BP9sqyGrz7f4Q4eH8Fs0lKxWS-8g=w72-h72-p-k-no-nu
142.250.74.97404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1IK_V1INkD3IiI_1XtbDsybjJb-PCTxW-QYRTIwP-ncml0iEKEi_5Y1Z2WKxgRmAIf2CPxWVeEfWhBQToqM-x_OK-pYtMQQHo7Gvelc41WMEmIQKGhx1BP9sqyGrz7f4Q4eH8Fs0lKxWS-8g=w72-h72-p-k-no-nu
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash bc82f2243c3b2ed75d6b017b5351a58a
1753e9757e1dca52208afe41d1785bcd645663c3
3d29779698c9f71cfb335c091f07dc937450f7e49668b17c788b41075efe7d9a
GET /blogger_img_proxy/ANbyha1IK_V1INkD3IiI_1XtbDsybjJb-PCTxW-QYRTIwP-ncml0iEKEi_5Y1Z2WKxgRmAIf2CPxWVeEfWhBQToqM-x_OK-pYtMQQHo7Gvelc41WMEmIQKGhx1BP9sqyGrz7f4Q4eH8Fs0lKxWS-8g=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 05:25:08 GMT
server: fife
content-length: 1747
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bb1e9989d8b84caf9deb2787b93c5b8f
c7e1ee0f110ec05534c96739d938554ed38635c5
8754dec16a0563ac7d78422ccc53976adba9506615982f1a70aba79256750a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.2200 OK 52 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.2:0
File type ASCII text, with very long lines (4885)
Hash a0fcbc68d45a46046a11d6c10a2a68e8
24c332fe7db3ce8d59185219d4ed1e93c8288b42
54ac9804523d29cae8751df78ba01133241435a448d2c5dd9090d6cb4c4968fe
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Wed, 07 Dec 2022 05:25:08 GMT
Expires: Wed, 07 Dec 2022 05:25:08 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 3591143147774140858
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 52323
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 3f844a67fba8889a6b2a6da09b8bdb14
6ba076ed0091144165ae9a850d76a15fa920ee0f
bfff84a114e777161054a146a62fb820f58478e79a586d0259fab07bcbc18d23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bb1e9989d8b84caf9deb2787b93c5b8f
c7e1ee0f110ec05534c96739d938554ed38635c5
8754dec16a0563ac7d78422ccc53976adba9506615982f1a70aba79256750a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bumerang.hurriyet.com.tr/show_ads.js
83.66.162.14200 OK 1.2 kB URL HTTP/1.1 bumerang.hurriyet.com.tr/show_ads.js
IP 83.66.162.14:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type ASCII text, with CRLF line terminators
Hash efafc786c6b70e2f6dd9793187cf96b8
ec35f24abf100ae3382ffe944407cd13576e8299
e1b4bbbe35c54d33512a263265e34cd7035a31bfffd400be82b8570dfe78619c
GET /show_ads.js HTTP/1.1
Host: bumerang.hurriyet.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Thu, 04 Aug 2016 14:47:25 GMT
Accept-Ranges: bytes
ETag: "8261811d5feed11:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
XSrv: BOOM01
Date: Wed, 07 Dec 2022 05:25:04 GMT
Content-Length: 1195
Set-Cookie: NSC_JOgbbvpgeocp2mkbisummyespuwpmbq=ffffffffd6fb0e0b45525d5f4f58455e445a4a423661;path=/
1.bp.blogspot.com/-jjAXEjIDro0/URulzNLVHCI/AAAAAAAADBQ/lhzHEdjl4gs/w72-h72-p-k-no-nu/can+s%C4%B1k%C4%B1nt%C4%B1s%C4%B1.jpg
142.250.74.161200 OK 2.5 kB URL HTTP/1.1 1.bp.blogspot.com/-jjAXEjIDro0/URulzNLVHCI/AAAAAAAADBQ/lhzHEdjl4gs/w72-h72-p-k-no-nu/can+s%C4%B1k%C4%B1nt%C4%B1s%C4%B1.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 36f16f09a5115ffed779db71133f0710
ce3ea0e6716770c580959d62c7c285bdd31632d5
859cd33d4518e807061488fdfa08a55708739ae88633328346574688899a1520
GET /-jjAXEjIDro0/URulzNLVHCI/AAAAAAAADBQ/lhzHEdjl4gs/w72-h72-p-k-no-nu/can+s%C4%B1k%C4%B1nt%C4%B1s%C4%B1.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="can s_k_nt_s_.jpg";filename*=UTF-8''can%20s%C4%B1k%C4%B1nt%C4%B1s%C4%B1.jpg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2526
X-XSS-Protection: 0
Date: Wed, 07 Dec 2022 05:25:08 GMT
Expires: Wed, 07 Dec 2022 06:09:53 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vc14"
Content-Type: image/jpeg
Age: 0
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9e83e23c9303fc167d2b23bceba4f304
cc712e67770a00bcc9901a6881f5b1cd343cf054
16378fd60ce4fb8ead3bbc313e6ae0166f68d532d40c586f8c71cb6cd1a91f50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-c7gXQjyGiCg/UJtSyQZwyKI/AAAAAAAACxQ/RP3Q7LIyPZ4/s80/anatomy.gif
142.250.74.161200 OK 9.4 kB URL HTTP/1.1 3.bp.blogspot.com/-c7gXQjyGiCg/UJtSyQZwyKI/AAAAAAAACxQ/RP3Q7LIyPZ4/s80/anatomy.gif
IP 142.250.74.161:0
File type GIF image data, version 89a, 80 x 67\012- data
Hash c623657241ae3b196a536deff4f2c2a3
2691e12c46d950a22c3a228e1897ef6002689469
344a085a5778689f03282da04e55d535de1f32a6775eb251576056f5b4500621
GET /-c7gXQjyGiCg/UJtSyQZwyKI/AAAAAAAACxQ/RP3Q7LIyPZ4/s80/anatomy.gif HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="anatomy.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 9363
X-XSS-Protection: 0
Date: Wed, 07 Dec 2022 05:25:08 GMT
Expires: Sat, 03 Dec 2022 12:48:21 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vdd7"
Content-Type: image/gif
Age: 0
apis.google.com/js/platform.js
142.250.74.46200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Wed, 07 Dec 2022 05:25:08 GMT
expires: Wed, 07 Dec 2022 05:25:08 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-u8haA9t7CWE/TwB9N6UiBKI/AAAAAAAABHE/O0nRTJhX8Sk/w72-h72-p-k-no-nu/en+g%25C3%25BCzel+kitap+oku.jpg
142.250.74.161200 OK 5.0 kB URL HTTP/1.1 1.bp.blogspot.com/-u8haA9t7CWE/TwB9N6UiBKI/AAAAAAAABHE/O0nRTJhX8Sk/w72-h72-p-k-no-nu/en+g%25C3%25BCzel+kitap+oku.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash d959c4c88baf56ba285135a00eedf0c0
22d40e06fe2d669f3dbffb02330cc938f78134f6
a8e12299bb04d2c44b4afdb99d76de3ed90f4864238fffa2a8340d653e2ade78
GET /-u8haA9t7CWE/TwB9N6UiBKI/AAAAAAAABHE/O0nRTJhX8Sk/w72-h72-p-k-no-nu/en+g%25C3%25BCzel+kitap+oku.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="en g_zel kitap oku.jpg";filename*=UTF-8''en%20g%C3%BCzel%20kitap%20oku.jpg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 5015
X-XSS-Protection: 0
Date: Wed, 07 Dec 2022 05:25:08 GMT
Expires: Sat, 03 Dec 2022 12:48:21 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v471"
Content-Type: image/jpeg
Age: 0
4.bp.blogspot.com/-EScL_Altdg4/UJu4ry_v2GI/AAAAAAAACyU/hnVRj4iSpsY/s1600/Ba%25C5%259Fl%25C4%25B1k.jpg
142.250.74.161200 OK 40 kB URL HTTP/1.1 4.bp.blogspot.com/-EScL_Altdg4/UJu4ry_v2GI/AAAAAAAACyU/hnVRj4iSpsY/s1600/Ba%25C5%259Fl%25C4%25B1k.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 965x150, components 3\012- data
Hash a50201e83f86a2ea09ade682f7444f33
abfde01b7800ee92e418138b6db6d4ae5b9cb5b8
9e1e16a2acb473427c3a370bb7f36ba7770397706f5e4ce3f65747c4e4311f0a
GET /-EScL_Altdg4/UJu4ry_v2GI/AAAAAAAACyU/hnVRj4iSpsY/s1600/Ba%25C5%259Fl%25C4%25B1k.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Ba_l_k.jpg";filename*=UTF-8''Ba%C5%9Fl%C4%B1k.jpg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 39837
X-XSS-Protection: 0
Date: Wed, 07 Dec 2022 05:25:08 GMT
Expires: Thu, 01 Dec 2022 02:44:43 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vb25"
Content-Type: image/jpeg
Age: 0
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.2200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.2:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Tue, 06 Dec 2022 19:51:21 GMT
Expires: Tue, 20 Dec 2022 19:51:21 GMT
Cache-Control: public, max-age=1209600
Age: 34427
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
142.250.74.46200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 142.250.74.46:0
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 13:44:07 GMT
expires: Wed, 06 Dec 2023 13:44:07 GMT
cache-control: public, max-age=31536000
age: 56461
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-6MrBShV8Cv0/Umv4jn59laI/AAAAAAAADio/SFjK-u0QZCY/s1600/nerelerde_kitap_okunur.jpg
142.250.74.161200 OK 24 kB URL HTTP/1.1 1.bp.blogspot.com/-6MrBShV8Cv0/Umv4jn59laI/AAAAAAAADio/SFjK-u0QZCY/s1600/nerelerde_kitap_okunur.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 245x372, components 3\012- data
Hash 236d5a35ee196634d6618435be21e5a1
ce5221e81ca6a3b7d195a04009e8d28f14d1c18c
82348a8f23dc69296e399f9e8073dcbe4e265e8e8a7b4e0b06aeb4da8d366f26
GET /-6MrBShV8Cv0/Umv4jn59laI/AAAAAAAADio/SFjK-u0QZCY/s1600/nerelerde_kitap_okunur.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="nerelerde_kitap_okunur.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 23635
X-XSS-Protection: 0
Date: Wed, 07 Dec 2022 05:25:08 GMT
Expires: Wed, 07 Dec 2022 06:09:54 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "ve2b"
Content-Type: image/jpeg
Age: 0
1.bp.blogspot.com/-YHtWiPnE-Cs/TLQ5xxjyGgI/AAAAAAAAAY4/6yNpEqf6Pgo/w72-h72-p-k-no-nu/kitap-oku.jpg
142.250.74.161200 OK 3.1 kB URL HTTP/1.1 1.bp.blogspot.com/-YHtWiPnE-Cs/TLQ5xxjyGgI/AAAAAAAAAY4/6yNpEqf6Pgo/w72-h72-p-k-no-nu/kitap-oku.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash ac3f4df0da2ce5b690bc60ec031c74fd
43e53edaa32b7a59e89f3b0b0ceacded3e90a1a7
e05ca378e82578b751fc4561442f8f1c646d7a157df2f5e67bc564bb8b810a6a
GET /-YHtWiPnE-Cs/TLQ5xxjyGgI/AAAAAAAAAY4/6yNpEqf6Pgo/w72-h72-p-k-no-nu/kitap-oku.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="kitap-oku.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3135
X-XSS-Protection: 0
Date: Wed, 07 Dec 2022 05:25:08 GMT
Expires: Sat, 03 Dec 2022 12:48:21 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v18e"
Content-Type: image/jpeg
Age: 0
www.blogblog.com/1kt/awesomeinc/tabs_gradient_light.png
216.58.207.233200 OK 182 B URL HTTP/1.1 www.blogblog.com/1kt/awesomeinc/tabs_gradient_light.png
IP 216.58.207.233:0
File type PNG image data, 20 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash a3c2c1c288eca66ee27f75ea41dcd96f
77dbd443ccabca3cfb43a48a2ccb44f752f5a77a
5e516df49b160c3efcb1ea09dd4c5f5b7c99a23a18a2a882acc379179bdbaacd
GET /1kt/awesomeinc/tabs_gradient_light.png HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 182
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 06 Dec 2022 12:40:23 GMT
Expires: Tue, 13 Dec 2022 12:40:23 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 06 Dec 2022 04:51:45 GMT
Content-Type: image/png
Age: 60285
logo.onlinewebstat.com/logo/c.gif
217.195.203.216200 OK 613 B URL HTTP/1.1 logo.onlinewebstat.com/logo/c.gif
IP 217.195.203.216:0
ASN #20649 FS Veri Merkezi Internet Teknolojileri Limited Sirketi
File type GIF image data, version 89a, 20 x 14\012- data
Hash 71568e3bef1945b53531d1e7d64e60db
0ea4fd52ba859aed188a7ac646a1bb926a84bbb7
88a9b0fd0969e4815f0465824311b1c015dfd93c326b627ce5b10e8104b42f5f
GET /logo/c.gif HTTP/1.1
Host: logo.onlinewebstat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 05:25:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Last-Modified: Thu, 27 Sep 2007 15:42:10 GMT
ETag: "270-43b1fd034f880-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 613
Connection: close
Content-Type: image/gif
sayac.onlinewebstat.com/c.js
217.195.203.216200 OK 2.4 kB URL HTTP/1.1 sayac.onlinewebstat.com/c.js
IP 217.195.203.216:0
ASN #20649 FS Veri Merkezi Internet Teknolojileri Limited Sirketi
File type ASCII text, with CRLF line terminators
Hash 93e259972860a0e13edf59ab0ac01fbc
e5c790c39dca158666bfa94013512ec579042557
a98c5155f8586678344d1c2a312e8098bf72dcc832a5b0c15406c44ed19a7d94
GET /c.js HTTP/1.1
Host: sayac.onlinewebstat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 05:25:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Last-Modified: Sun, 18 Jan 2015 06:57:45 GMT
ETag: "251e-50ce7b90a6c40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2418
Connection: close
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 1e181f9ed09fb72bf80535f26ad7b91a
df966a15abb5b870e71527d73592f7d977011eb2
741e73d12b0fa5e76d9b4a78e8e70dbe307e059a0018aca245da0db44c5a5958
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7168214029370425&plah=bookworm-bilgeadam.blogspot.com&bust=31071114
142.250.74.2200 OK 120 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7168214029370425&plah=bookworm-bilgeadam.blogspot.com&bust=31071114
IP 142.250.74.2:0
File type ASCII text, with very long lines (5918)
Size 120 kB (119961 bytes)
Hash 133073057fd7f1f5ff20ddecaae2519b
07afd98cc494b67f38ea0a202e1da3167bbb1d3b
57bf69f7ddcc38f97cd3fcf7799ae96c6af7937205b15e22e2f5c658a8cbdd9c
GET /pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7168214029370425&plah=bookworm-bilgeadam.blogspot.com&bust=31071114 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 07 Dec 2022 05:25:08 GMT
expires: Wed, 07 Dec 2022 05:25:08 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 16007334495363402066
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119961
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html
216.58.211.2200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html
IP 216.58.211.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221129/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Wed, 07 Dec 2022 03:44:30 GMT
expires: Wed, 21 Dec 2022 03:44:30 GMT
cache-control: public, max-age=1209600
age: 6038
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 05:11:20 GMT
cache-control: public,max-age=3600
age: 828
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.blogger.com/img/logo-16.png
216.58.207.233200 OK 279 B URL HTTP/1.1 www.blogger.com/img/logo-16.png
IP 216.58.207.233:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 06 Dec 2022 07:09:35 GMT
Expires: Tue, 13 Dec 2022 07:09:35 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 05 Dec 2022 06:50:28 GMT
Content-Type: image/png
Age: 80133
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 1e181f9ed09fb72bf80535f26ad7b91a
df966a15abb5b870e71527d73592f7d977011eb2
741e73d12b0fa5e76d9b4a78e8e70dbe307e059a0018aca245da0db44c5a5958
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
217.195.203.216/analiz.gif?user=bookwormbilgeadam&wnos=99&wnobr=31&k=ccyes&agent=Mozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0%2529%2520Gecko/20100101%2520Firefox/105.0&l=http%3A//bookworm-bilgeadam.blogspot.com/2012/12/ne-talihli-basn-varms.html%3Fspref%3Dtw&w=1280&h=1024&n=1&ce=true&r=0.4849647014358577&ns=1
217.195.203.216200 OK 43 B URL HTTP/1.1 217.195.203.216/analiz.gif?user=bookwormbilgeadam&wnos=99&wnobr=31&k=ccyes&agent=Mozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0%2529%2520Gecko/20100101%2520Firefox/105.0&l=http%3A//bookworm-bilgeadam.blogspot.com/2012/12/ne-talihli-basn-varms.html%3Fspref%3Dtw&w=1280&h=1024&n=1&ce=true&r=0.4849647014358577&ns=1
IP 217.195.203.216:0
ASN #20649 FS Veri Merkezi Internet Teknolojileri Limited Sirketi
File type GIF image data, version 89a, 1 x 1\012- data
Hash ff8a32564f433c5abbc7c446ade8802c
66dd592e78f6536f10986695527e16b7b1e1e391
48a4d21a5b9c82c4bda4b48532965ecc561f32212403de37e2359e6ff7857071
Analyzer Verdict Alert quad9 Sinkholed
GET /analiz.gif?user=bookwormbilgeadam&wnos=99&wnobr=31&k=ccyes&agent=Mozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0%2529%2520Gecko/20100101%2520Firefox/105.0&l=http%3A//bookworm-bilgeadam.blogspot.com/2012/12/ne-talihli-basn-varms.html%3Fspref%3Dtw&w=1280&h=1024&n=1&ce=true&r=0.4849647014358577&ns=1 HTTP/1.1
Host: 217.195.203.216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 05:25:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/5.4.16
Pragma: no-cache
Cache-Control: max-age=0, no-store, no-cache, must-revalidate
Expires: Thu, 1 Jan 1970 00:00:00 GMT
Connection: close
Vary: User-Agent
Content-Length: 43
Content-Type: image/gif
bumerangeski.boomads.com/showadvert.aspx?clientid=9b26f84b-dfe6-409c-b38f-da4814564074&ctype=58
213.243.16.160200 OK 339 B URL HTTP/1.1 bumerangeski.boomads.com/showadvert.aspx?clientid=9b26f84b-dfe6-409c-b38f-da4814564074&ctype=58
IP 213.243.16.160:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type ASCII text, with no line terminators
Hash ad85ada71f79ce3d7f9287c6cb929636
a5fdd34a3d80b8a17b37ded463fec8cc6cdfd11d
f9f48eb70f0c6ad075c74703b78991a9572efd74f12b80e43ef0a2cc6b7befa5
GET /showadvert.aspx?clientid=9b26f84b-dfe6-409c-b38f-da4814564074&ctype=58 HTTP/1.1
Host: bumerangeski.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=windows-1254
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
Set-Cookie: HurriyetNewSiteUser=RequestURL=http://bumerangeski.boomads.com/showadvert.aspx?clientid=9b26f84b-dfe6-409c-b38f-da4814564074&ctype=58; expires=Tue, 06-Dec-2022 05:25:05 GMT; path=/
ASP.NET_SessionId=0qdsvilstq0xbvziwyp05ca4; path=/; HttpOnly; SameSite=Lax
BMDSD365TP50BFACTEX=9b26f84b-dfe6-409c-b38f-da4814564074=1; expires=Thu, 08-Dec-2022 05:25:05 GMT; path=/
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
XSrv: BOOM01
Date: Wed, 07 Dec 2022 05:25:05 GMT
Content-Length: 339
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1372
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:08 GMT
Last-Modified: Wed, 07 Dec 2022 05:02:16 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 07 Dec 2022 04:41:08 GMT
expires: Wed, 07 Dec 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 2640
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=7477769263351366370&zx=9ed5684f-5238-424b-bcd4-a34bec835351
216.58.207.233200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=7477769263351366370&zx=9ed5684f-5238-424b-bcd4-a34bec835351
IP 216.58.207.233:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=7477769263351366370&zx=9ed5684f-5238-424b-bcd4-a34bec835351 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Dec 2022 05:25:08 GMT
last-modified: Wed, 07 Dec 2022 05:25:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash aa0e64420f718aa4713e3f080b8d4099
927435ff8af66fa63c34aa0670ae80a997d59cd9
f8e0ab18de96e3d7aa4ed6a819740957b38c0c5d9571c8ccc23ba2dd4530fd42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=bookworm-bilgeadam.blogspot.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=bookworm-bilgeadam.blogspot.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=bookworm-bilgeadam.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Dec 2022 05:25:08 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=bookworm-bilgeadam.blogspot.com&callback=_gfp_s_&client=ca-pub-7168214029370425&gpid_exp=1
216.58.207.194200 OK 251 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=bookworm-bilgeadam.blogspot.com&callback=_gfp_s_&client=ca-pub-7168214029370425&gpid_exp=1
IP 216.58.207.194:0
File type ASCII text, with very long lines (391), with no line terminators
Hash 42546461e0be87da87ff5838222f671c
9f53254c289b2d50665aef0d7d8c560260c06f78
5cb9ffd447e1e6d9f79349e1d2e405e82b20e9e3cd7fa7af09ec0e3c31446034
GET /gampad/cookie.js?domain=bookworm-bilgeadam.blogspot.com&callback=_gfp_s_&client=ca-pub-7168214029370425&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Dec 2022 05:25:08 GMT
server: cafe
cache-control: private
content-length: 251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=bookworm-bilgeadam.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=bookworm-bilgeadam.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=bookworm-bilgeadam.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Dec 2022 05:25:08 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash aa0e64420f718aa4713e3f080b8d4099
927435ff8af66fa63c34aa0670ae80a997d59cd9
f8e0ab18de96e3d7aa4ed6a819740957b38c0c5d9571c8ccc23ba2dd4530fd42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bumerangeski.boomads.com/templates/saglik_yesil_180x380.aspx?clientid=9b26f84b-dfe6-409c-b38f-da4814564074
213.243.16.160200 OK 2.8 kB URL HTTP/1.1 bumerangeski.boomads.com/templates/saglik_yesil_180x380.aspx?clientid=9b26f84b-dfe6-409c-b38f-da4814564074
IP 213.243.16.160:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text, with very long lines (1108), with CRLF line terminators
Hash b09f5628ac630cc5e74c6de39da18663
077b2bdf53b1ad12e650f600b1b5d6071eefdb80
946fd3cdf8fb1e7a307e8aa794d8b73eeeb33de9edeed63056ec5758c5488f8b
GET /templates/saglik_yesil_180x380.aspx?clientid=9b26f84b-dfe6-409c-b38f-da4814564074 HTTP/1.1
Host: bumerangeski.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bumerangeski.boomads.com/showadvert.aspx?clientid=9b26f84b-dfe6-409c-b38f-da4814564074&ctype=58
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=windows-1254
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
Set-Cookie: HurriyetNewSiteUser=RequestURL=http://bumerangeski.boomads.com/templates/saglik_yesil_180x380.aspx?clientid=9b26f84b-dfe6-409c-b38f-da4814564074; expires=Tue, 06-Dec-2022 05:25:05 GMT; path=/
ASP.NET_SessionId=1vm0heisqim4eixzhlxwnt0j; path=/; HttpOnly; SameSite=Lax
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
XSrv: BOOM01
Date: Wed, 07 Dec 2022 05:25:05 GMT
Content-Length: 2825
bookworm-bilgeadam.blogspot.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmC8I_eniVKavqXnGZBy3xuIZuMGuKrKsIJCKfkg_HB-QK913N-io5TNJWS_UmUShnXn36z0NIXkMe_YEUc3ni_kF5KDHA
172.217.21.161200 OK 251 B URL HTTP/1.1 bookworm-bilgeadam.blogspot.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmC8I_eniVKavqXnGZBy3xuIZuMGuKrKsIJCKfkg_HB-QK913N-io5TNJWS_UmUShnXn36z0NIXkMe_YEUc3ni_kF5KDHA
IP 172.217.21.161:0
File type JSON data\012- , ASCII text, with very long lines (394), with no line terminators
Hash 3b85672fcf1fdc6e3d674caa72483d79
588a85424ebbe15f699431ae9b220eff933042c9
7794c41eb550b7ae4a246e445dcbd7f37b8e511cfaafc1161a32d555bbc85951
GET /b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmC8I_eniVKavqXnGZBy3xuIZuMGuKrKsIJCKfkg_HB-QK913N-io5TNJWS_UmUShnXn36z0NIXkMe_YEUc3ni_kF5KDHA HTTP/1.1
Host: bookworm-bilgeadam.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/2012/12/ne-talihli-basn-varms.html?spref=tw
Cookie: cwou_bookwormbilgeadam=1670390708; bwou_bookwormbilgeadam=1670390708; woubookwormbilgeadam=t
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 07 Dec 2022 05:25:08 GMT
Expires: Wed, 07 Dec 2022 05:25:08 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 251
Server: GSE
push.services.mozilla.com/
35.164.183.116101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.183.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /AKnMNb4W14ae5iu0hl1Rg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kx+i2X3JvFlDpOL2rf0CeGpoqME=
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
216.58.207.228200 OK 665 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 216.58.207.228:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 34e37af4d526255a20a2056cd5f4addf
bcac186d6a49539e69a3f67aa08d0188966f5623
51a2c479b272414cb9d7e1ec62edffbad01217068b73d516d33cb8f26a4fc634
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 07 Dec 2022 05:25:09 GMT
date: Wed, 07 Dec 2022 05:25:09 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.78200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 07 Dec 2022 05:25:09 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+303; expires=Fri, 06-Dec-2024 05:25:09 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Dec 2022 05:25:09 GMT
cache-control: private
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=bookworm-bilgeadam.blogspot.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=bookworm-bilgeadam.blogspot.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=bookworm-bilgeadam.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Dec 2022 05:25:09 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bumerangeski.boomads.com/styles/ads.css
213.243.16.160200 OK 2.7 kB URL HTTP/1.1 bumerangeski.boomads.com/styles/ads.css
IP 213.243.16.160:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type ASCII text, with very long lines (545), with CRLF line terminators
Hash 7c6b613326b653f457ea18a1021d0787
e87ec524338257fd33b0680847c578e908b39cad
1dcd77f26a60f337ba20a8a54dd3c697e77ac54f07e7d48ddfab994e6a09cdc7
GET /styles/ads.css HTTP/1.1
Host: bumerangeski.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bumerangeski.boomads.com/templates/saglik_yesil_180x380.aspx?clientid=9b26f84b-dfe6-409c-b38f-da4814564074
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sat, 22 Sep 2012 15:53:35 GMT
Accept-Ranges: bytes
ETag: "80693f6cda98cd1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Date: Wed, 07 Dec 2022 05:25:05 GMT
Content-Length: 2725
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.78200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.78:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2975
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Wed, 07 Dec 2022 05:25:09 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=PrfLuZdLrpKQlJWOL3NdkAg9sMEUD139vieD1WKBCFbZ7gC3zhX6nGKcomIYMZI04-kAKJDWIjE4fbisjqfiCbZH95fTQkXmFJ85ZWRiv7c0eXZOqcwhPbPSZkSlgcCnGhCxhDsQKa2Tg5Ih-bPXQl57FCTx-exFu8CFyPar6Tg; expires=Thu, 08-Jun-2023 05:25:09 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+632; expires=Fri, 06-Dec-2024 05:25:09 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Dec 2022 05:25:09 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bumerangeski.boomads.com/images/spacer.gif
213.243.16.160200 OK 43 B URL HTTP/1.1 bumerangeski.boomads.com/images/spacer.gif
IP 213.243.16.160:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /images/spacer.gif HTTP/1.1
Host: bumerangeski.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bumerangeski.boomads.com/templates/saglik_yesil_180x380.aspx?clientid=9b26f84b-dfe6-409c-b38f-da4814564074
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Fri, 21 May 2010 06:38:30 GMT
Accept-Ranges: bytes
ETag: "9a3fe939b0f8ca1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Date: Wed, 07 Dec 2022 05:25:05 GMT
Content-Length: 43
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash b218837598d632ac2441c7b16dfdb86c
27c7aea0185cf6dafc8df7f701f56d7ef3d9c336
d2c3e31ab147455ca2b7f94249e880572a5ea592c38ca847b8def2d293975680
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash b218837598d632ac2441c7b16dfdb86c
27c7aea0185cf6dafc8df7f701f56d7ef3d9c336
d2c3e31ab147455ca2b7f94249e880572a5ea592c38ca847b8def2d293975680
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bumerangeski.boomads.com/images/ads/s_yesil_02.gif
213.243.16.160200 OK 1.3 kB URL HTTP/1.1 bumerangeski.boomads.com/images/ads/s_yesil_02.gif
IP 213.243.16.160:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type GIF image data, version 89a, 1 x 24\012- data
Hash ef48574fa8efe62c1bad08f07e40424c
28abdbc5e24e5784223a13e4536e655e30cdfac1
81a64667790d4348f62efbb14029585678c18aab327c1ce902ffee4aa31097f2
GET /images/ads/s_yesil_02.gif HTTP/1.1
Host: bumerangeski.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bumerangeski.boomads.com/templates/saglik_yesil_180x380.aspx?clientid=9b26f84b-dfe6-409c-b38f-da4814564074
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Mon, 18 Oct 2010 09:09:01 GMT
Accept-Ranges: bytes
ETag: "f6bbbc1aa46ecb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Date: Wed, 07 Dec 2022 05:25:05 GMT
Content-Length: 1261
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.35200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 11:03:19 GMT
expires: Wed, 06 Dec 2023 11:03:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 66110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js
172.217.21.161200 OK 7.4 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1532)
Hash 8b96e824b8c6b3b385a1876ef7973762
0ff92f9095d3945911b72a8259512a97967783a7
e707746d4baf394759dc9adb8839a736ae7fb901a8e9198c84277b0436f4eb4b
GET /pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7443
x-xss-protection: 0
date: Wed, 07 Dec 2022 01:58:12 GMT
expires: Wed, 21 Dec 2022 01:58:12 GMT
cache-control: public, max-age=1209600
age: 12417
etag: 629801499763588852
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bumerangeski.boomads.com/images/ads/s_yesil_bg.gif
213.243.16.160200 OK 4.0 kB URL HTTP/1.1 bumerangeski.boomads.com/images/ads/s_yesil_bg.gif
IP 213.243.16.160:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type GIF image data, version 89a, 180 x 29\012- data
Hash 1df7c6c630f84a791ecf18651b4429fb
26eee83128ab29845906e838298d2ef77c998ead
3badc27a242b146034883b5529d5e0ef713f45bd3246c43615ce32bf643b8037
GET /images/ads/s_yesil_bg.gif HTTP/1.1
Host: bumerangeski.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bumerangeski.boomads.com/templates/saglik_yesil_180x380.aspx?clientid=9b26f84b-dfe6-409c-b38f-da4814564074
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Mon, 18 Oct 2010 09:09:01 GMT
Accept-Ranges: bytes
ETag: "b64cc61aa46ecb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Date: Wed, 07 Dec 2022 05:25:05 GMT
Content-Length: 3993
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
172.217.21.161200 OK 1.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1054)
Hash 169edf919beed1ee17c8a752ef12132e
b7fbae15ed7789984ee59618845b914aae37bf3e
2bcf9aebfd80a2558d54f39de59542c3df52610616fb2e4380d9f3d976cc13fc
GET /pagead/js/r20221129/r20110914/client/window_focus_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1236
x-xss-protection: 0
date: Wed, 07 Dec 2022 01:59:49 GMT
expires: Wed, 21 Dec 2022 01:59:49 GMT
cache-control: public, max-age=1209600
age: 12320
etag: 15004572836499977866
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.98200 OK 48 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.98:0
File type ASCII text, with very long lines (3501)
Hash ef1c9435be063c9ab3d647cf9b724750
103489edc626e6284455cb8b90d2de205856e258
a9855ba62028cd8fad2000099280c6f494e443df6d4a728d4b9719437ffb32dd
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 47692
date: Wed, 07 Dec 2022 05:25:09 GMT
expires: Wed, 07 Dec 2022 05:25:09 GMT
cache-control: private, max-age=3000
etag: "1670243872199174"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bookworm-bilgeadam.blogspot.com/favicon.ico
172.217.21.161200 OK 412 B URL HTTP/1.1 bookworm-bilgeadam.blogspot.com/favicon.ico
IP 172.217.21.161:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: bookworm-bilgeadam.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/2012/12/ne-talihli-basn-varms.html?spref=tw
Cookie: cwou_bookwormbilgeadam=1670390708; bwou_bookwormbilgeadam=1670390708; woubookwormbilgeadam=t; _ga=GA1.3.2118344880.1670390709; _gid=GA1.3.1644422984.1670390709; _gat=1
HTTP/1.1 200 OK
Content-Type: image/x-icon
Expires: Wed, 07 Dec 2022 05:25:09 GMT
Date: Wed, 07 Dec 2022 05:25:09 GMT
Cache-Control: private, max-age=86400
Last-Modified: Mon, 05 Dec 2022 13:01:25 GMT
ETag: W/"6d8aa58b1169bd06e1df3a22d5eeb2a76df61e12309cae748716b5102797e1ed"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bumerangeski.boomads.com/images/ads/buton_yesil_saglik.gif
213.243.16.160200 OK 3.3 kB URL HTTP/1.1 bumerangeski.boomads.com/images/ads/buton_yesil_saglik.gif
IP 213.243.16.160:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type GIF image data, version 89a, 180 x 28\012- data
Hash 504b338076be77e4a2bc400c79177fd0
d91f251482238fc3359e5855e95fb9b09efd5c66
073807612778e4fc61a6ab404ff1cd8b668a5028f74ddd372d5abdc721c8d2fa
GET /images/ads/buton_yesil_saglik.gif HTTP/1.1
Host: bumerangeski.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bumerangeski.boomads.com/templates/saglik_yesil_180x380.aspx?clientid=9b26f84b-dfe6-409c-b38f-da4814564074
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Mon, 18 Oct 2010 09:09:00 GMT
Accept-Ranges: bytes
ETag: "8662771aa46ecb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Date: Wed, 07 Dec 2022 05:25:05 GMT
Content-Length: 3282
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 54db2aa5029ab3c4ca457cced55c1c4d
790becaae5da563169b3d4fc0ca6018e8ad56cd1
48d1473c9967a42f89d04d012071df7d1e50ee13abe4d7324f91f806fb4988e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6509
Cache-Control: max-age=157001
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:09 GMT
Etag: "638fcc91-139"
Expires: Fri, 09 Dec 2022 01:01:50 GMT
Last-Modified: Tue, 06 Dec 2022 23:13:21 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 54db2aa5029ab3c4ca457cced55c1c4d
790becaae5da563169b3d4fc0ca6018e8ad56cd1
48d1473c9967a42f89d04d012071df7d1e50ee13abe4d7324f91f806fb4988e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6509
Cache-Control: max-age=157001
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:09 GMT
Etag: "638fcc91-139"
Expires: Fri, 09 Dec 2022 01:01:50 GMT
Last-Modified: Tue, 06 Dec 2022 23:13:21 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 65dd9712d87e7a840e2057ee76976b84
98b03bc02e7a34d1847febc10f4e1c041208b1a4
e4362245d8ef39cbce99f5fb82c2dab2f2d65393afbd75800dc907792fad50b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6509
Cache-Control: max-age=122422
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:09 GMT
Etag: "638f457f-138"
Expires: Thu, 08 Dec 2022 15:25:31 GMT
Last-Modified: Tue, 06 Dec 2022 13:37:03 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 312
ads.eu.criteo.com/delivery/r/afr.php?z=Y5AjtQACHx4CHka9AAH1CJcv25KWlVdrr0FwSA&u=%7CPWEkdOdK4W1qmi5YZV9OcYZ%2BX%2FUYE3dz3F9SWghzT8o%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBixtKhM_jyzo_xAubNnrcrda4W2FONL_t8AMWBu9WI7xCPvXOX--s7DlvpGjJT3bUHY0M69PpHrtPyzItmmsaF0Z7AJZ45p2ARvEpVYN-Yi3NKgluVDidaIxuQYGjnDywWuNAFeiDXZUQasEY4gUcdLXAZ6CB-BKddaTPfIX-2U14latCf5AzvZOwi0LO9K7pA3StxwkuPEVsThm7z3NRkWiRqeoZ5sSa7rJrx4kUhoBss12AxhUmRyF0YlFbiYRBW0RI2QgwWPUgSvj5J6jDIqBshjjL2JmVWY8pAbGYCtY4MxD5ZZseMvNQ0phv7VOOqOwbYwEISicJ30WucI7Mut-oesRK0i28R0RdlGmu_Os-YQwq4zcQENwuWBNIrAs7pYXeMAXQhE2UrgSpBwEzK_c-ZlXtKGT4Sb0uUvKB_FSP2flQev-UjgWaR51Ra55ZzR5Eys9qnJ9g0cyA9pF-U4drwiWMu90qZzPhyWUtwNEoKY_nWGO7MnVF4UqrNrzyiq_x_Qb1v_WMlcqZgUehS&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD_t7tSOQY56-CL2N-cAPiOqHgAXJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTcxNjgyMTQwMjkzNzA0MjXIAQmpAkACGojgkLE-qAMBqgSVAk_QJVd8k1Jl5AhWezQexNBMTO35b6OXdrO-LILNQHwaiyk7WVKMtfsnVr33KYOqCnAk2ezRiWcrsmOFtLMpXj9XOGwolNL0n8p6yS2gHagECZolVGtfMvMLlXeweZRiZORapRU8EFgYnKwYYBTzt0aXqJsm7cvZC_h4-0sqCEum2iwGXmM-fiRZ5zY9zn8ZmbIs17CjnV9kB4cZeXt4JJtHe2buFQbvZ4V1j_HaEaV7xYULkCB4PnfX_GMEZMLz0E1rQzELmTeM2ZJyiuvMbsIc5fJ6Uia_-gWw0MBBdl6NgmyWr7NGUZOgstYsX0NDXe7uL6WIOatEMpFPQw8g7sVF30jk0_8WDBt09z--qy9ORaPw4YuABriZt5b0-Iiu0wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2NENrQx70YyOjfnScEteN4Pyys8g%26client%3Dca-pub-7168214029370425%26adurl%3D
178.250.2.65200 OK 43 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y5AjtQACHx4CHka9AAH1CJcv25KWlVdrr0FwSA&u=%7CPWEkdOdK4W1qmi5YZV9OcYZ%2BX%2FUYE3dz3F9SWghzT8o%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBixtKhM_jyzo_xAubNnrcrda4W2FONL_t8AMWBu9WI7xCPvXOX--s7DlvpGjJT3bUHY0M69PpHrtPyzItmmsaF0Z7AJZ45p2ARvEpVYN-Yi3NKgluVDidaIxuQYGjnDywWuNAFeiDXZUQasEY4gUcdLXAZ6CB-BKddaTPfIX-2U14latCf5AzvZOwi0LO9K7pA3StxwkuPEVsThm7z3NRkWiRqeoZ5sSa7rJrx4kUhoBss12AxhUmRyF0YlFbiYRBW0RI2QgwWPUgSvj5J6jDIqBshjjL2JmVWY8pAbGYCtY4MxD5ZZseMvNQ0phv7VOOqOwbYwEISicJ30WucI7Mut-oesRK0i28R0RdlGmu_Os-YQwq4zcQENwuWBNIrAs7pYXeMAXQhE2UrgSpBwEzK_c-ZlXtKGT4Sb0uUvKB_FSP2flQev-UjgWaR51Ra55ZzR5Eys9qnJ9g0cyA9pF-U4drwiWMu90qZzPhyWUtwNEoKY_nWGO7MnVF4UqrNrzyiq_x_Qb1v_WMlcqZgUehS&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD_t7tSOQY56-CL2N-cAPiOqHgAXJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTcxNjgyMTQwMjkzNzA0MjXIAQmpAkACGojgkLE-qAMBqgSVAk_QJVd8k1Jl5AhWezQexNBMTO35b6OXdrO-LILNQHwaiyk7WVKMtfsnVr33KYOqCnAk2ezRiWcrsmOFtLMpXj9XOGwolNL0n8p6yS2gHagECZolVGtfMvMLlXeweZRiZORapRU8EFgYnKwYYBTzt0aXqJsm7cvZC_h4-0sqCEum2iwGXmM-fiRZ5zY9zn8ZmbIs17CjnV9kB4cZeXt4JJtHe2buFQbvZ4V1j_HaEaV7xYULkCB4PnfX_GMEZMLz0E1rQzELmTeM2ZJyiuvMbsIc5fJ6Uia_-gWw0MBBdl6NgmyWr7NGUZOgstYsX0NDXe7uL6WIOatEMpFPQw8g7sVF30jk0_8WDBt09z--qy9ORaPw4YuABriZt5b0-Iiu0wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2NENrQx70YyOjfnScEteN4Pyys8g%26client%3Dca-pub-7168214029370425%26adurl%3D
IP 178.250.2.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32011), with CRLF, LF line terminators
Hash 91fa6c97b24905c70b2bb42378ad4674
481f84fa26ac0acfdbb08ffd3238b740fadd3389
746e9f9d8d7aafd5647ee00e6049d7f9b14eb16afd4b996f243b1ab2d47e7897
GET /delivery/r/afr.php?z=Y5AjtQACHx4CHka9AAH1CJcv25KWlVdrr0FwSA&u=%7CPWEkdOdK4W1qmi5YZV9OcYZ%2BX%2FUYE3dz3F9SWghzT8o%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBixtKhM_jyzo_xAubNnrcrda4W2FONL_t8AMWBu9WI7xCPvXOX--s7DlvpGjJT3bUHY0M69PpHrtPyzItmmsaF0Z7AJZ45p2ARvEpVYN-Yi3NKgluVDidaIxuQYGjnDywWuNAFeiDXZUQasEY4gUcdLXAZ6CB-BKddaTPfIX-2U14latCf5AzvZOwi0LO9K7pA3StxwkuPEVsThm7z3NRkWiRqeoZ5sSa7rJrx4kUhoBss12AxhUmRyF0YlFbiYRBW0RI2QgwWPUgSvj5J6jDIqBshjjL2JmVWY8pAbGYCtY4MxD5ZZseMvNQ0phv7VOOqOwbYwEISicJ30WucI7Mut-oesRK0i28R0RdlGmu_Os-YQwq4zcQENwuWBNIrAs7pYXeMAXQhE2UrgSpBwEzK_c-ZlXtKGT4Sb0uUvKB_FSP2flQev-UjgWaR51Ra55ZzR5Eys9qnJ9g0cyA9pF-U4drwiWMu90qZzPhyWUtwNEoKY_nWGO7MnVF4UqrNrzyiq_x_Qb1v_WMlcqZgUehS&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD_t7tSOQY56-CL2N-cAPiOqHgAXJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTcxNjgyMTQwMjkzNzA0MjXIAQmpAkACGojgkLE-qAMBqgSVAk_QJVd8k1Jl5AhWezQexNBMTO35b6OXdrO-LILNQHwaiyk7WVKMtfsnVr33KYOqCnAk2ezRiWcrsmOFtLMpXj9XOGwolNL0n8p6yS2gHagECZolVGtfMvMLlXeweZRiZORapRU8EFgYnKwYYBTzt0aXqJsm7cvZC_h4-0sqCEum2iwGXmM-fiRZ5zY9zn8ZmbIs17CjnV9kB4cZeXt4JJtHe2buFQbvZ4V1j_HaEaV7xYULkCB4PnfX_GMEZMLz0E1rQzELmTeM2ZJyiuvMbsIc5fJ6Uia_-gWw0MBBdl6NgmyWr7NGUZOgstYsX0NDXe7uL6WIOatEMpFPQw8g7sVF30jk0_8WDBt09z--qy9ORaPw4YuABriZt5b0-Iiu0wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2NENrQx70YyOjfnScEteN4Pyys8g%26client%3Dca-pub-7168214029370425%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 05:25:08 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=gv9K2NuImHtR1UybXS5KJUoyqcCXbriiLiRZF7CncuQg6n2sOTb5iZl-wnM7TYPgxEJTMANg2UUbWGEzP-2SpFDIdzIzSUhYdUHrJoWpqNfaj_yUIdzAnRRY94NiJIzIs2_gZQTJt-YUVkTr87kDRFdnyJddOznYGjVFRhVi9mekkrzR-bFwh9TJXJaeLALNWHoJ5jJQGoHAF_Py_GQyu0_0PwauUJXTKLnQOwxhJrN8Uwvn1tvIQWyVogCLiE6itfzydg"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 55322022
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 65dd9712d87e7a840e2057ee76976b84
98b03bc02e7a34d1847febc10f4e1c041208b1a4
e4362245d8ef39cbce99f5fb82c2dab2f2d65393afbd75800dc907792fad50b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6509
Cache-Control: max-age=122422
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:09 GMT
Etag: "638f457f-138"
Expires: Thu, 08 Dec 2022 15:25:31 GMT
Last-Modified: Tue, 06 Dec 2022 13:37:03 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 312
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kLnPC7OzWawC-gGdg2ICAgAAAJxfQb2KCE9vELQjkGMekGZbdc6lHiyPZgASAAA&wp=Y5AjtQACHx4CHka9AAH1CJcv25KWlVdrr0FwSA
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kLnPC7OzWawC-gGdg2ICAgAAAJxfQb2KCE9vELQjkGMekGZbdc6lHiyPZgASAAA&wp=Y5AjtQACHx4CHka9AAH1CJcv25KWlVdrr0FwSA
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kLnPC7OzWawC-gGdg2ICAgAAAJxfQb2KCE9vELQjkGMekGZbdc6lHiyPZgASAAA&wp=Y5AjtQACHx4CHka9AAH1CJcv25KWlVdrr0FwSA HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 297815
date: Wed, 07 Dec 2022 05:25:09 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kLnPC7OzWcAEmAKdg2ICAgAAAPL-iLEbJCucELQjkGPV9CBD6HP84OFByAASAAA&wp=Y5AjtQACSVcKwlxdAARVv_vF_BFIgHoGbp5cfQ
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kLnPC7OzWcAEmAKdg2ICAgAAAPL-iLEbJCucELQjkGPV9CBD6HP84OFByAASAAA&wp=Y5AjtQACSVcKwlxdAARVv_vF_BFIgHoGbp5cfQ
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kLnPC7OzWcAEmAKdg2ICAgAAAPL-iLEbJCucELQjkGPV9CBD6HP84OFByAASAAA&wp=Y5AjtQACSVcKwlxdAARVv_vF_BFIgHoGbp5cfQ HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 302741
date: Wed, 07 Dec 2022 05:25:09 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
104.17.25.14200 OK 4.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (2171)
Hash 44c72b9bddfecacc9114e84d685dd085
38f3ff57b9b64a38fc2153eb30564b7fc1c86349
c82afd4f2d89288b4b79244f0c24264810b11326670710ac8e28e7bfc87c7991
GET /ajax/libs/webfont/1.6.28/webfontloader.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 05:25:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 4420
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04030-30d9"
last-modified: Mon, 04 May 2020 16:17:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 471421
expires: Mon, 27 Nov 2023 05:25:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UT8JQv3MVWofuKkfrZ0F3P1p79CKDxJkDW5ooTENyWMu8UmXoJyPEDOGUkWzHKhg0nufHymYBfZ0QS1zsDnIC1CPi0eimsy1RNyPyJULxLrozy02hokJodEbPa5rl0tImIxlmoQU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775ad6d10a1f0b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 3a488fc3dcdaafb273e7c74bca56bb53
e04c3fa14a45cb81a4fa39085ae8504b63f31589
afa21e0ef1b2ca8bc6b71a0215fe0a27b9e6a4bed9e90031c8b90d434153ca7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1178
Cache-Control: max-age=146231
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:10 GMT
Etag: "638fb753-139"
Expires: Thu, 08 Dec 2022 22:02:21 GMT
Last-Modified: Tue, 06 Dec 2022 21:42:43 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 3a488fc3dcdaafb273e7c74bca56bb53
e04c3fa14a45cb81a4fa39085ae8504b63f31589
afa21e0ef1b2ca8bc6b71a0215fe0a27b9e6a4bed9e90031c8b90d434153ca7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1178
Cache-Control: max-age=146231
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:10 GMT
Etag: "638fb753-139"
Expires: Thu, 08 Dec 2022 22:02:21 GMT
Last-Modified: Tue, 06 Dec 2022 21:42:43 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 3a488fc3dcdaafb273e7c74bca56bb53
e04c3fa14a45cb81a4fa39085ae8504b63f31589
afa21e0ef1b2ca8bc6b71a0215fe0a27b9e6a4bed9e90031c8b90d434153ca7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1178
Cache-Control: max-age=146231
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:10 GMT
Etag: "638fb753-139"
Expires: Thu, 08 Dec 2022 22:02:21 GMT
Last-Modified: Tue, 06 Dec 2022 21:42:43 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 313
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kKnZE7OzWawC2ASdg2ICAgAAAGtD7PegAgx1ELUjkGMmAVDegGg9PlinAgASAAA&wp=Y5AjtQAFAgwCHkXMAAof66SyqUWn_YHg3BPPng
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kKnZE7OzWawC2ASdg2ICAgAAAGtD7PegAgx1ELUjkGMmAVDegGg9PlinAgASAAA&wp=Y5AjtQAFAgwCHkXMAAof66SyqUWn_YHg3BPPng
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kKnZE7OzWawC2ASdg2ICAgAAAGtD7PegAgx1ELUjkGMmAVDegGg9PlinAgASAAA&wp=Y5AjtQAFAgwCHkXMAAof66SyqUWn_YHg3BPPng HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 258808
date: Wed, 07 Dec 2022 05:25:09 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/back_button2.svg
178.250.0.130200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 05:25:10 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Sat, 02 Dec 2023 05:25:10 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/close_button.svg
178.250.0.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 05:25:10 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Sat, 02 Dec 2023 05:25:10 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 2c8bf0b95c3409c9b57899ae2c35cc09
c484ae7b30b8247c336708a28e017f8f9d13c2f8
e225ee6a98adc371dc0978e305309247486741d30eb76b69fcb3d0fc733d5ec1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 790
Cache-Control: max-age=109505
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:10 GMT
Etag: "638f2961-13a"
Expires: Thu, 08 Dec 2022 11:50:15 GMT
Last-Modified: Tue, 06 Dec 2022 11:37:05 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 2c8bf0b95c3409c9b57899ae2c35cc09
c484ae7b30b8247c336708a28e017f8f9d13c2f8
e225ee6a98adc371dc0978e305309247486741d30eb76b69fcb3d0fc733d5ec1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 748
Cache-Control: max-age=109462
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:10 GMT
Etag: "638f2961-13a"
Expires: Thu, 08 Dec 2022 11:49:32 GMT
Last-Modified: Tue, 06 Dec 2022 11:37:05 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 314
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pix.eu.criteo.net/img/img?h=76&m=0&partner=37478&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F38356%2F180503%2Fd6f8e0942e444bd499149d6c84be7ac5_logo1.png&v=3&w=596&s=l8EaH04wkMGeM1sWyXalJyfz
178.250.0.139200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=76&m=0&partner=37478&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F38356%2F180503%2Fd6f8e0942e444bd499149d6c84be7ac5_logo1.png&v=3&w=596&s=l8EaH04wkMGeM1sWyXalJyfz
IP 178.250.0.139:0
File type PNG image data, 364 x 76, 8-bit/color RGBA, non-interlaced\012- data
Hash a66de9ca8d8115343fb11bdb42041e53
f18e99c83599fbdbe440181a5617eb73125ef60e
1c817320a8f6b9476cd08d143a77e378865225eeebe81b9c65735757f576f88d
GET /img/img?h=76&m=0&partner=37478&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F38356%2F180503%2Fd6f8e0942e444bd499149d6c84be7ac5_logo1.png&v=3&w=596&s=l8EaH04wkMGeM1sWyXalJyfz HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30224617
expires: Wed, 22 Nov 2023 01:08:48 GMT
date: Wed, 07 Dec 2022 05:25:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10989
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10971197608_4.jpg%3Fref%3DB0F2D1B836%26w%3D640%26h%3D914%26cb%3D7981c8bf03559fccd2e2d03e4f776243&v=3&w=400&s=Dcy4Ek4Ux0g8y52zHcY8eAUg&b=400
178.250.0.139200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10971197608_4.jpg%3Fref%3DB0F2D1B836%26w%3D640%26h%3D914%26cb%3D7981c8bf03559fccd2e2d03e4f776243&v=3&w=400&s=Dcy4Ek4Ux0g8y52zHcY8eAUg&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 280x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b1cf292e7fa0a53d45a18fbe7d5ba48a
9750a23602768c45f3b0e02aa02195ce415a0e28
6b15cb3b11c7f84df416163f52f8c9bc62dc768eb78b6fd077445c9aa403c47e
GET /img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10971197608_4.jpg%3Fref%3DB0F2D1B836%26w%3D640%26h%3D914%26cb%3D7981c8bf03559fccd2e2d03e4f776243&v=3&w=400&s=Dcy4Ek4Ux0g8y52zHcY8eAUg&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30943064
expires: Thu, 30 Nov 2023 08:42:54 GMT
date: Wed, 07 Dec 2022 05:25:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 14170
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10971197608_4.jpg%3Fref%3DB0F2D1B836%26w%3D640%26h%3D914%26cb%3D7981c8bf03559fccd2e2d03e4f776243&v=3&w=800&s=A-oGGCSaUEeusEpzyMPbuvqC&b=400
178.250.0.139200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10971197608_4.jpg%3Fref%3DB0F2D1B836%26w%3D640%26h%3D914%26cb%3D7981c8bf03559fccd2e2d03e4f776243&v=3&w=800&s=A-oGGCSaUEeusEpzyMPbuvqC&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 280x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b1cf292e7fa0a53d45a18fbe7d5ba48a
9750a23602768c45f3b0e02aa02195ce415a0e28
6b15cb3b11c7f84df416163f52f8c9bc62dc768eb78b6fd077445c9aa403c47e
GET /img/img?c=3&cq=256&h=800&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10971197608_4.jpg%3Fref%3DB0F2D1B836%26w%3D640%26h%3D914%26cb%3D7981c8bf03559fccd2e2d03e4f776243&v=3&w=800&s=A-oGGCSaUEeusEpzyMPbuvqC&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30943064
expires: Thu, 30 Nov 2023 08:42:54 GMT
date: Wed, 07 Dec 2022 05:25:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 14170
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10972290001_1.jpg%3Fref%3D8839FC03DB%26w%3D640%26h%3D914%26cb%3D6851ba0e443a5863398953fd8783961c&v=3&w=800&s=xhU2dHCBo0aifbO2DAnKcCDd&b=400
178.250.0.139200 OK 9.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10972290001_1.jpg%3Fref%3D8839FC03DB%26w%3D640%26h%3D914%26cb%3D6851ba0e443a5863398953fd8783961c&v=3&w=800&s=xhU2dHCBo0aifbO2DAnKcCDd&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 286x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a4500665c100da645e8b296c2e9d75f8
00447e4794d220cb9c3d90a589596be791fa0390
711f75f282f721b532286c8d7d84708fcead5cbe9a99593d54d0d78c387e577b
GET /img/img?c=3&cq=256&h=800&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10972290001_1.jpg%3Fref%3D8839FC03DB%26w%3D640%26h%3D914%26cb%3D6851ba0e443a5863398953fd8783961c&v=3&w=800&s=xhU2dHCBo0aifbO2DAnKcCDd&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30899594
expires: Wed, 29 Nov 2023 20:38:25 GMT
date: Wed, 07 Dec 2022 05:25:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9100
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 05:25:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pix.eu.criteo.net/img/img?h=556&m=0&partner=37478&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F38356%2F180503%2Fd6f8e0942e444bd499149d6c84be7ac5_logo1.png&v=3&w=196&s=4i-5aqjDGdXgKJz45bOww0KV
178.250.0.139200 OK 5.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=556&m=0&partner=37478&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F38356%2F180503%2Fd6f8e0942e444bd499149d6c84be7ac5_logo1.png&v=3&w=196&s=4i-5aqjDGdXgKJz45bOww0KV
IP 178.250.0.139:0
File type PNG image data, 196 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash c4629332e9ccf173a343c7af6f410673
525fd4a52468c13cc6f893468f4f4c1ed970d490
4e42791249590b18368971ae82944bfcec4ba471ca0d1a91c47e185d7aa8a42d
GET /img/img?h=556&m=0&partner=37478&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F38356%2F180503%2Fd6f8e0942e444bd499149d6c84be7ac5_logo1.png&v=3&w=196&s=4i-5aqjDGdXgKJz45bOww0KV HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30224617
expires: Wed, 22 Nov 2023 01:08:48 GMT
date: Wed, 07 Dec 2022 05:25:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5473
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F0%2F5034-0.jpg%3Fcb%3D62efeea0293b15c22308baa4152d343b&v=3&w=800&s=WDVa2rdfq32-jzSpwZobm9RY&b=400
178.250.0.139200 OK 9.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F0%2F5034-0.jpg%3Fcb%3D62efeea0293b15c22308baa4152d343b&v=3&w=800&s=WDVa2rdfq32-jzSpwZobm9RY&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 230x234, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5a3629a59a7dfdfeff84a6f3c1bd08ec
5e280d02eab39274ee1e00603d6f6a7c22e46cac
28f0f8f2d4a446213c382b40bf1b6caba2d1549199b2c33ff947c2d2fd24491d
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F0%2F5034-0.jpg%3Fcb%3D62efeea0293b15c22308baa4152d343b&v=3&w=800&s=WDVa2rdfq32-jzSpwZobm9RY&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29044246
expires: Wed, 08 Nov 2023 09:15:57 GMT
date: Wed, 07 Dec 2022 05:25:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9276
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3Df4bbfffcc691f0d09fed11ab574d2c15&v=3&w=800&s=ELGNwAEysDJJFXqMz4SRd9vY&b=400
178.250.0.139200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3Df4bbfffcc691f0d09fed11ab574d2c15&v=3&w=800&s=ELGNwAEysDJJFXqMz4SRd9vY&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x358, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b4a8b65dd45b5caaf05d7af1a012c211
2d76450cb9247fc5eb904e3d6db3c051c26226ae
bdeedcf8ba166914065e069ca9514b3020cfe22d1239cb8ec86495c301108540
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F3%2F139200-2.jpg%3Fcb%3Df4bbfffcc691f0d09fed11ab574d2c15&v=3&w=800&s=ELGNwAEysDJJFXqMz4SRd9vY&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30159367
expires: Tue, 21 Nov 2023 07:01:17 GMT
date: Wed, 07 Dec 2022 05:25:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10926
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=104&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2Fe8c42282818a4114a6e91079f2fbb54a_chanti-logo.jpeg&v=3&w=596&s=0WEOyaPIeLI9dzM1iljWSFG3
178.250.0.139200 OK 2.2 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=104&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2Fe8c42282818a4114a6e91079f2fbb54a_chanti-logo.jpeg&v=3&w=596&s=0WEOyaPIeLI9dzM1iljWSFG3
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 364x104, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d68f0c206fbc43640d87acd8ac358d0d
de93fb8fc26a456bec0e842b9a5aeb47c139f771
e783cf1e10a4ab2295be2903a3d7f198ace6c2c239152780a75aabd2cab5ac91
GET /img/img?h=104&m=0&partner=12017&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F12018%2F220214%2Fe8c42282818a4114a6e91079f2fbb54a_chanti-logo.jpeg&v=3&w=596&s=0WEOyaPIeLI9dzM1iljWSFG3 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29618334
expires: Wed, 15 Nov 2023 00:44:04 GMT
date: Wed, 07 Dec 2022 05:25:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2194
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F9%2F199217-0.jpg%3Fcb%3D47dbfbf4f03c12e4fad3262b52cc498f&v=3&w=800&s=zmBiqudPSUEDt_IcffN7S8Jr&b=400
178.250.0.139200 OK 4.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F9%2F199217-0.jpg%3Fcb%3D47dbfbf4f03c12e4fad3262b52cc498f&v=3&w=800&s=zmBiqudPSUEDt_IcffN7S8Jr&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 274x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d4f5eb42d3a4558a7c995710ff437cb0
1f73d7b42b3e1f5b8754e62b1ff933f2e69f3d1c
c33b7e6d19155abc7f2ad85172e017a537e0cd29f15fc2cce401bb9f87ec2193
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F1%2F9%2F199217-0.jpg%3Fcb%3D47dbfbf4f03c12e4fad3262b52cc498f&v=3&w=800&s=zmBiqudPSUEDt_IcffN7S8Jr&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31117608
expires: Sat, 02 Dec 2023 09:11:58 GMT
date: Wed, 07 Dec 2022 05:25:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4298
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F0%2F50143-0.jpg%3Fcb%3Dd2c3bbd8a87287702ebdd2254af1a9c0&v=3&w=800&s=462CsdT9Pw9uo-KmK4_6O75N&b=400
178.250.0.139200 OK 8.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F0%2F50143-0.jpg%3Fcb%3Dd2c3bbd8a87287702ebdd2254af1a9c0&v=3&w=800&s=462CsdT9Pw9uo-KmK4_6O75N&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x307, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 439a54c2eb38e1ebac67ec975d668919
db8607b9c7f1ed5a71395b766c6364eef68d5940
180a3f43ce5c9bac1ce8eb00e9d5c9b00035db506d76a0b462b10fd830616578
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F5%2F0%2F50143-0.jpg%3Fcb%3Dd2c3bbd8a87287702ebdd2254af1a9c0&v=3&w=800&s=462CsdT9Pw9uo-KmK4_6O75N&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30945134
expires: Thu, 30 Nov 2023 09:17:24 GMT
date: Wed, 07 Dec 2022 05:25:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7998
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745307-0.jpg%3Fcb%3D3b6e63c6c03955e41433c1de103aa97f&v=3&w=800&s=cqGhdu3ASkw0cr0qNHvEyN2h&b=400
178.250.0.139200 OK 7.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745307-0.jpg%3Fcb%3D3b6e63c6c03955e41433c1de103aa97f&v=3&w=800&s=cqGhdu3ASkw0cr0qNHvEyN2h&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 237x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9b573fc470ef8cbc89f1035de8aa998a
3a192b5f9758318437a3d4f5be68f5051af46039
dcc9f88d2c0d057159015782eca9a29d97bd98bcf43565a43c0dddc9a0287fa4
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F8%2F7%2F8745307-0.jpg%3Fcb%3D3b6e63c6c03955e41433c1de103aa97f&v=3&w=800&s=cqGhdu3ASkw0cr0qNHvEyN2h&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31446156
expires: Wed, 06 Dec 2023 04:27:47 GMT
date: Wed, 07 Dec 2022 05:25:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7586
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F5%2F355108-0.jpg%3Fcb%3Df38a9887d70fe8a67810b481f0a291d6&v=3&w=800&s=ekWzKlSihnPPhhiVOAr6Oc6b&b=400
178.250.0.139200 OK 8.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F5%2F355108-0.jpg%3Fcb%3Df38a9887d70fe8a67810b481f0a291d6&v=3&w=800&s=ekWzKlSihnPPhhiVOAr6Oc6b&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4467a9ae13171b5f3278e6d2ce727bf2
7a21d7b0cd66f63d7e8b4c66be59f97f3368c44e
17f148460d5036a7ab08c77538b8899d3aa8a5e65c77cbcc51ba01539b1a7d09
GET /img/img?c=3&cq=256&h=800&m=0&partner=12017&q=80&r=0&u=https%3A%2F%2Fwww.chanti.no%2Fmedia%2Fcatalog%2Fproduct%2F3%2F5%2F355108-0.jpg%3Fcb%3Df38a9887d70fe8a67810b481f0a291d6&v=3&w=800&s=ekWzKlSihnPPhhiVOAr6Oc6b&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29735453
expires: Thu, 16 Nov 2023 09:16:03 GMT
date: Wed, 07 Dec 2022 05:25:10 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8504
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5072
Expires: Wed, 07 Dec 2022 06:49:42 GMT
Date: Wed, 07 Dec 2022 05:25:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5072
Expires: Wed, 07 Dec 2022 06:49:42 GMT
Date: Wed, 07 Dec 2022 05:25:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 535710165275856757bd7d1689f79de3
d51162b7fcba50022482b7130a556f3a7dfe822f
c93e2df13b78cd4b718eb4fe3fe70a9d6d12fd0a0d7f505219ec0d5e6a70653c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6186
x-amzn-requestid: 53d1d373-ff6c-4c59-bdeb-fff592bca586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUsyGOEIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e67eb-0156077b52dc07fb124c087b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:51:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4ORpzqbzQyJz_i3wpxf_07mXK3ovj1JT8kn-M9fdrGRgDVig7hhN5w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 12:25:50 GMT
age: 61160
etag: "d51162b7fcba50022482b7130a556f3a7dfe822f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe44b6ac-66fe-4013-a696-460f9692e93e.jpeg
34.120.237.76200 OK 3.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe44b6ac-66fe-4013-a696-460f9692e93e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cefc5a863db79a7a8acd7366322ea34d
ec084f21bd0bcf5c101366e5732421835b3230d3
ee5a022da888181060a9d4ac8ab18fb8e35143b5f046f905d38553b9552f0bbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe44b6ac-66fe-4013-a696-460f9692e93e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3175
x-amzn-requestid: 3b5ffd5c-a8a5-40d8-b370-c13b0da5f543
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csXJEF0hIAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6bd3-40d73fc5702a607c4ef71574;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 22:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ltw2ovrQ4bRR1LL2qVEls_GK9w7PmSjA44rasHU5PfqroV2-WRWx_w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 17:22:47 GMT
age: 43343
etag: "ec084f21bd0bcf5c101366e5732421835b3230d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8116e95d-8c6c-4a81-8560-89710dcf8c9b.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8116e95d-8c6c-4a81-8560-89710dcf8c9b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 22e3174edbfe337cc29266cc38abb51e
80283cb298a1b2326620be406ee3daa42ee0b3ef
520858a9d9540d5768988d0ebb04f0162ded5eb9cd8f4718989b033d04702111
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8116e95d-8c6c-4a81-8560-89710dcf8c9b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 3b64a1cf-0ad7-4ecf-a25e-ca65c06330ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csVFcECMoAMF1SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6889-42dde2da60f083383ab06b82;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:54:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z3yEknYzqJG3oEe-t3nxHYkDXSYGdWkRdbB1V4ixYcJjV5DjxzLzEA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 09:19:50 GMT
age: 72320
etag: "80283cb298a1b2326620be406ee3daa42ee0b3ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffedaa717-23e2-407d-9833-52d537b9b6c5.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffedaa717-23e2-407d-9833-52d537b9b6c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d237b386960b3fbbcfdde0d2f0179ca
46c6733ae3f0c01f1ec1f71790d71cac9797fcd2
4a86ff99f57d9dea3d7f2f22a02f54f3e9bfbdfca07722d1a7c3d25a1dc5160c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffedaa717-23e2-407d-9833-52d537b9b6c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5704
x-amzn-requestid: 7b87f011-2d7b-41fc-9897-358e5d1a3e5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cc4a2FrvIAMF5tw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63883aab-32ed5f3631606c622938642e;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 05:24:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TdQ61Y7uA27y4OllBFy0cyFxVJ6oD-dOJxL_B2rpmsz0xvN-VD9FhQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:56:55 GMT
age: 26895
etag: "46c6733ae3f0c01f1ec1f71790d71cac9797fcd2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10207590001_1.jpg%3Fref%3DE30E765DF2%26w%3D640%26h%3D914%26cb%3Dd00c3a11acbde76f73e9e9c404840f00&v=3&w=800&s=pSI1nElhdwuCOzZFNvJQaX5D&b=400
178.250.0.139200 OK 6.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10207590001_1.jpg%3Fref%3DE30E765DF2%26w%3D640%26h%3D914%26cb%3Dd00c3a11acbde76f73e9e9c404840f00&v=3&w=800&s=pSI1nElhdwuCOzZFNvJQaX5D&b=400
IP 178.250.0.139:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a7ee62c5e846e8ad4808f4724f15146d
6d55b299f906908309f91eaf0a720ad65866db04
0d8f51d6f7f3bad4bb9d9c3000999739147f6dd718b290b0dca71a4cba85cb38
GET /img/img?c=3&cq=256&h=800&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10207590001_1.jpg%3Fref%3DE30E765DF2%26w%3D640%26h%3D914%26cb%3Dd00c3a11acbde76f73e9e9c404840f00&v=3&w=800&s=pSI1nElhdwuCOzZFNvJQaX5D&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30899561
expires: Wed, 29 Nov 2023 20:37:52 GMT
date: Wed, 07 Dec 2022 05:25:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7210
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d0219e6bee2a28f003f396f872eecf0
b3d22d146c6094cb539de40a72b9c5a140802ee5
41c1b037e8e654c19f36b74cceccd1fc841cc9fb7de39ac552ab5089dc3e82db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7609
x-amzn-requestid: 02299a39-6804-49ae-b415-313b6e06b2ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfj24G39oAMF25Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63894cf8-5f578e3f211063bd125b645a;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 00:55:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uMTaiFjrcbJxWm4M7BuSHPu0BFUMp9UIpMvnvlLs_dajlM0_iObY2A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:52 GMT
age: 26838
etag: "b3d22d146c6094cb539de40a72b9c5a140802ee5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y5AjtQACSVcKwlxdAARVv_vF_BFIgHoGbp5cfQ&u=%7CPWEkdOdK4W2xAHVt%2BtCGRLBMeoVskA3D23%2BFLqn1YxY%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBixtKhM_jyzsHcwU-psHOEZ7yqIAGS504XeXu_ImOEc9U9Vnz5LgDirkw5EctjBe0Ke2si3EN2jk3wmHJkWml-gnbloA8J_jkSgbvWp1q1iOdnjRSel0rNowmj_LdbWU1-Fx5xfC_vYmpzzriNgbXGRAaEaRjALO0ML7o9R6FDJuhovWDl5turwjRN2Zecn4ZtHnG8o6ijBZat1djeneVrZmBfYkguStp2j9LGSahjVPPFRwnUfOHTcIiSBfavVGAKeJe9aTZxhwC-nmiOoQgcPJhEGfG2b7RxzDJ-ESd6U2Om6AEbqGxaS7WzsIvxxjLlErgnFAeI0YoqW2DZg8iD8HFfEIdWXoJgwKoGTwxpaYEd7Gd_lHmRF7TRgZkWTDtZ1FzGXOzpPtKsOtJmvGhnyH8lCifBT7kHxEJ9FraLgCuSWc4qs81iPVYdILQ74ZsdI6kOuymR92dnQe1ln0fhpykzNBz8kYlzdH7e0AWJvuEatUUXyYHPTR3fCTImI05nddoyKuQMeYwmbJDfxpSk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx34DtSOQY9eSCd24iQa_q5GwBcme0rFc1fbi1pMBwI23ARABIABgw4SAgJgYggEXY2EtcHViLTcxNjgyMTQwMjkzNzA0MjXIAQmpAkACGojgkLE-qAMBqgSOAk_Qc_Tbv6mg9ZkrO_LMVKtJTCLO2CXc44ZZm-Zc7JS8lro66bM9nsnDBPBbSzPufMz5wh6p68PM_HkTxheRN0LyhK0zPqbx6-K-JIQZFZV5qYS0JSkB3V4uoHomkWqRcU5LUjnOIbcHrVYBKzodP9YYGuiK9UUdrsrpspdH2Eg2CghauhywEkqsnWWjXhXsfzuXE91yWBMkx5rzvM5W-yqfla3NGQVZuqFN9SQwmqfUNp6Y6WRAMcgJQmuxrkGhopzAxKirdrE_Vj5tAOnKAKdZMRWryMmZv4pqgdtHLvO7kgbtJvXC-4Ckbi1OQku8Hi6MBetRKvdRCNOd3UNNLeIjpGn6Wgd8-zv8gqDRDIAGuJm3lvT4iK7TAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_19ZMp6feRZSua3O31ruAbyP0ehOw%26client%3Dca-pub-7168214029370425%26adurl%3D
178.250.2.65200 OK 142 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y5AjtQACSVcKwlxdAARVv_vF_BFIgHoGbp5cfQ&u=%7CPWEkdOdK4W2xAHVt%2BtCGRLBMeoVskA3D23%2BFLqn1YxY%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBixtKhM_jyzsHcwU-psHOEZ7yqIAGS504XeXu_ImOEc9U9Vnz5LgDirkw5EctjBe0Ke2si3EN2jk3wmHJkWml-gnbloA8J_jkSgbvWp1q1iOdnjRSel0rNowmj_LdbWU1-Fx5xfC_vYmpzzriNgbXGRAaEaRjALO0ML7o9R6FDJuhovWDl5turwjRN2Zecn4ZtHnG8o6ijBZat1djeneVrZmBfYkguStp2j9LGSahjVPPFRwnUfOHTcIiSBfavVGAKeJe9aTZxhwC-nmiOoQgcPJhEGfG2b7RxzDJ-ESd6U2Om6AEbqGxaS7WzsIvxxjLlErgnFAeI0YoqW2DZg8iD8HFfEIdWXoJgwKoGTwxpaYEd7Gd_lHmRF7TRgZkWTDtZ1FzGXOzpPtKsOtJmvGhnyH8lCifBT7kHxEJ9FraLgCuSWc4qs81iPVYdILQ74ZsdI6kOuymR92dnQe1ln0fhpykzNBz8kYlzdH7e0AWJvuEatUUXyYHPTR3fCTImI05nddoyKuQMeYwmbJDfxpSk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx34DtSOQY9eSCd24iQa_q5GwBcme0rFc1fbi1pMBwI23ARABIABgw4SAgJgYggEXY2EtcHViLTcxNjgyMTQwMjkzNzA0MjXIAQmpAkACGojgkLE-qAMBqgSOAk_Qc_Tbv6mg9ZkrO_LMVKtJTCLO2CXc44ZZm-Zc7JS8lro66bM9nsnDBPBbSzPufMz5wh6p68PM_HkTxheRN0LyhK0zPqbx6-K-JIQZFZV5qYS0JSkB3V4uoHomkWqRcU5LUjnOIbcHrVYBKzodP9YYGuiK9UUdrsrpspdH2Eg2CghauhywEkqsnWWjXhXsfzuXE91yWBMkx5rzvM5W-yqfla3NGQVZuqFN9SQwmqfUNp6Y6WRAMcgJQmuxrkGhopzAxKirdrE_Vj5tAOnKAKdZMRWryMmZv4pqgdtHLvO7kgbtJvXC-4Ckbi1OQku8Hi6MBetRKvdRCNOd3UNNLeIjpGn6Wgd8-zv8gqDRDIAGuJm3lvT4iK7TAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_19ZMp6feRZSua3O31ruAbyP0ehOw%26client%3Dca-pub-7168214029370425%26adurl%3D
IP 178.250.2.65:0
Size 142 kB (141908 bytes)
Hash 32e2cafdbbe465f07a2da348e94ff824
48e0ea3bfbbb5f42d74c5429aa08dcfb10963161
a50dce18fee972679cf3aadccc06b6896ba1f0418e6efe3e80ec16aa8fdb80b7
GET /delivery/r/afr.php?z=Y5AjtQACSVcKwlxdAARVv_vF_BFIgHoGbp5cfQ&u=%7CPWEkdOdK4W2xAHVt%2BtCGRLBMeoVskA3D23%2BFLqn1YxY%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiBixtKhM_jyzsHcwU-psHOEZ7yqIAGS504XeXu_ImOEc9U9Vnz5LgDirkw5EctjBe0Ke2si3EN2jk3wmHJkWml-gnbloA8J_jkSgbvWp1q1iOdnjRSel0rNowmj_LdbWU1-Fx5xfC_vYmpzzriNgbXGRAaEaRjALO0ML7o9R6FDJuhovWDl5turwjRN2Zecn4ZtHnG8o6ijBZat1djeneVrZmBfYkguStp2j9LGSahjVPPFRwnUfOHTcIiSBfavVGAKeJe9aTZxhwC-nmiOoQgcPJhEGfG2b7RxzDJ-ESd6U2Om6AEbqGxaS7WzsIvxxjLlErgnFAeI0YoqW2DZg8iD8HFfEIdWXoJgwKoGTwxpaYEd7Gd_lHmRF7TRgZkWTDtZ1FzGXOzpPtKsOtJmvGhnyH8lCifBT7kHxEJ9FraLgCuSWc4qs81iPVYdILQ74ZsdI6kOuymR92dnQe1ln0fhpykzNBz8kYlzdH7e0AWJvuEatUUXyYHPTR3fCTImI05nddoyKuQMeYwmbJDfxpSk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx34DtSOQY9eSCd24iQa_q5GwBcme0rFc1fbi1pMBwI23ARABIABgw4SAgJgYggEXY2EtcHViLTcxNjgyMTQwMjkzNzA0MjXIAQmpAkACGojgkLE-qAMBqgSOAk_Qc_Tbv6mg9ZkrO_LMVKtJTCLO2CXc44ZZm-Zc7JS8lro66bM9nsnDBPBbSzPufMz5wh6p68PM_HkTxheRN0LyhK0zPqbx6-K-JIQZFZV5qYS0JSkB3V4uoHomkWqRcU5LUjnOIbcHrVYBKzodP9YYGuiK9UUdrsrpspdH2Eg2CghauhywEkqsnWWjXhXsfzuXE91yWBMkx5rzvM5W-yqfla3NGQVZuqFN9SQwmqfUNp6Y6WRAMcgJQmuxrkGhopzAxKirdrE_Vj5tAOnKAKdZMRWryMmZv4pqgdtHLvO7kgbtJvXC-4Ckbi1OQku8Hi6MBetRKvdRCNOd3UNNLeIjpGn6Wgd8-zv8gqDRDIAGuJm3lvT4iK7TAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_19ZMp6feRZSua3O31ruAbyP0ehOw%26client%3Dca-pub-7168214029370425%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 05:25:08 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=KN8Mt9uImHtR1UybXucjGJsRAobmra7wdFF-owzjb6g5Tft_sGJmkwdMIJtpXoleeCrSs__hM9pA9U9RiYeOTg71KIGPkMAtkAaV26kdDls3Nve9CeqBmzBfuyJTIbdLnxrn_cUxdygvBBI4gxl52nNTweW0iZeQ8qYtuDj_FJSqduhUc2lSo_Z4Z-cCFkNOgA0k9U6XCikeq0XyH_I0ZE0sfUHi5bcsOxe-FtsxKLFjITa97TdKN-3Qh6wVPhAeij4afQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 67162331
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 17:11:08 GMT
expires: Wed, 06 Dec 2023 17:11:08 GMT
cache-control: public, max-age=31536000
age: 44042
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:29:22 GMT
expires: Fri, 01 Dec 2023 12:29:22 GMT
cache-control: public, max-age=31536000
age: 492948
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 459427
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 477867
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.0.130200 OK 1.2 kB URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- assembler source, ASCII text, with very long lines (1423)
Hash 7227d716254b4008693fe3b204489576
e9f788811aceae4c2e5dbcd85bd76b866773f30d
f4c392397bca2c0303630d8de36b106117a08d5b40f1c86d2e62e456c51509c6
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 05:25:10 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Sat, 02 Dec 2023 05:25:10 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=gv9K2NuImHtR1UybXS5KJUoyqcCXbriiLiRZF7CncuQg6n2sOTb5iZl-wnM7TYPgxEJTMANg2UUbWGEzP-2SpFDIdzIzSUhYdUHrJoWpqNfaj_yUIdzAnRRY94NiJIzIs2_gZQTJt-YUVkTr87kDRFdnyJddOznYGjVFRhVi9mekkrzR-bFwh9TJXJaeLALNWHoJ5jJQGoHAF_Py_GQyu0_0PwauUJXTKLnQOwxhJrN8Uwvn1tvIQWyVogCLiE6itfzydg&sds=2&rev=83862&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=gv9K2NuImHtR1UybXS5KJUoyqcCXbriiLiRZF7CncuQg6n2sOTb5iZl-wnM7TYPgxEJTMANg2UUbWGEzP-2SpFDIdzIzSUhYdUHrJoWpqNfaj_yUIdzAnRRY94NiJIzIs2_gZQTJt-YUVkTr87kDRFdnyJddOznYGjVFRhVi9mekkrzR-bFwh9TJXJaeLALNWHoJ5jJQGoHAF_Py_GQyu0_0PwauUJXTKLnQOwxhJrN8Uwvn1tvIQWyVogCLiE6itfzydg&sds=2&rev=83862&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=gv9K2NuImHtR1UybXS5KJUoyqcCXbriiLiRZF7CncuQg6n2sOTb5iZl-wnM7TYPgxEJTMANg2UUbWGEzP-2SpFDIdzIzSUhYdUHrJoWpqNfaj_yUIdzAnRRY94NiJIzIs2_gZQTJt-YUVkTr87kDRFdnyJddOznYGjVFRhVi9mekkrzR-bFwh9TJXJaeLALNWHoJ5jJQGoHAF_Py_GQyu0_0PwauUJXTKLnQOwxhJrN8Uwvn1tvIQWyVogCLiE6itfzydg&sds=2&rev=83862&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 05:25:10 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
178.250.0.130200 OK 947 B URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1397)
Hash fbfc432630ade396cef4b2ebd6c931ea
579b9155027a4c95fee33001d6e2cc209feab4c4
0cc5ac7cd37e8ea85f549c8c648c1505385554a69c8457f286301825545b1789
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 05:25:10 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Sat, 02 Dec 2023 05:25:10 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=nMGXrNuImHtR1UybEACI-RLCuwC6ta8yZwAp2-HCvp5yKGdwmWOd2pUHw9UWFkMQirm1gOmh3kSgW7qt3ASn1obJvlNS1a9693ouyclGdiVAGYK6XRIwg8KafXK_i5gVqDs4uhWvleLX3DRr9nF4EIY5cVNNnaracjhpNHcQeI21MAr7DuHhlAvAFFQa2FSB6GGrtCb9Zll0qddLtJqnRsi1dyVFpGEa1yO8VRY2SB9c-T5PH_u0za3ULE9VHBIdfIWCmA&sds=2&rev=83862&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=nMGXrNuImHtR1UybEACI-RLCuwC6ta8yZwAp2-HCvp5yKGdwmWOd2pUHw9UWFkMQirm1gOmh3kSgW7qt3ASn1obJvlNS1a9693ouyclGdiVAGYK6XRIwg8KafXK_i5gVqDs4uhWvleLX3DRr9nF4EIY5cVNNnaracjhpNHcQeI21MAr7DuHhlAvAFFQa2FSB6GGrtCb9Zll0qddLtJqnRsi1dyVFpGEa1yO8VRY2SB9c-T5PH_u0za3ULE9VHBIdfIWCmA&sds=2&rev=83862&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=nMGXrNuImHtR1UybEACI-RLCuwC6ta8yZwAp2-HCvp5yKGdwmWOd2pUHw9UWFkMQirm1gOmh3kSgW7qt3ASn1obJvlNS1a9693ouyclGdiVAGYK6XRIwg8KafXK_i5gVqDs4uhWvleLX3DRr9nF4EIY5cVNNnaracjhpNHcQeI21MAr7DuHhlAvAFFQa2FSB6GGrtCb9Zll0qddLtJqnRsi1dyVFpGEa1yO8VRY2SB9c-T5PH_u0za3ULE9VHBIdfIWCmA&sds=2&rev=83862&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 05:25:10 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
sayac.onlinewebstats.com/logo/s.gif
217.195.203.216200 OK 1.1 kB URL HTTP/1.1 sayac.onlinewebstats.com/logo/s.gif
IP 217.195.203.216:0
ASN #20649 FS Veri Merkezi Internet Teknolojileri Limited Sirketi
File type GIF image data, version 89a, 90 x 30\012- data
Hash 86b20fb84a3c460bb5b6f28e1fc58a8f
be37c58c27b312e1b8445d446d5e9008843fc8d0
16c7fd0e2962fbb0f79e261c14b3e89f71af00413c77ce6c284c2aabdad557f3
GET /logo/s.gif HTTP/1.1
Host: sayac.onlinewebstats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 05:25:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Last-Modified: Thu, 17 Aug 2006 22:15:44 GMT
ETag: "4a6-41b3dfc23c400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1127
Connection: close
Content-Type: image/gif
csm.eu.criteo.net/all?cppv=3&cpp=gv9K2NuImHtR1UybXS5KJUoyqcCXbriiLiRZF7CncuQg6n2sOTb5iZl-wnM7TYPgxEJTMANg2UUbWGEzP-2SpFDIdzIzSUhYdUHrJoWpqNfaj_yUIdzAnRRY94NiJIzIs2_gZQTJt-YUVkTr87kDRFdnyJddOznYGjVFRhVi9mekkrzR-bFwh9TJXJaeLALNWHoJ5jJQGoHAF_Py_GQyu0_0PwauUJXTKLnQOwxhJrN8Uwvn1tvIQWyVogCLiE6itfzydg&sds=2&rev=83862&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=gv9K2NuImHtR1UybXS5KJUoyqcCXbriiLiRZF7CncuQg6n2sOTb5iZl-wnM7TYPgxEJTMANg2UUbWGEzP-2SpFDIdzIzSUhYdUHrJoWpqNfaj_yUIdzAnRRY94NiJIzIs2_gZQTJt-YUVkTr87kDRFdnyJddOznYGjVFRhVi9mekkrzR-bFwh9TJXJaeLALNWHoJ5jJQGoHAF_Py_GQyu0_0PwauUJXTKLnQOwxhJrN8Uwvn1tvIQWyVogCLiE6itfzydg&sds=2&rev=83862&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=gv9K2NuImHtR1UybXS5KJUoyqcCXbriiLiRZF7CncuQg6n2sOTb5iZl-wnM7TYPgxEJTMANg2UUbWGEzP-2SpFDIdzIzSUhYdUHrJoWpqNfaj_yUIdzAnRRY94NiJIzIs2_gZQTJt-YUVkTr87kDRFdnyJddOznYGjVFRhVi9mekkrzR-bFwh9TJXJaeLALNWHoJ5jJQGoHAF_Py_GQyu0_0PwauUJXTKLnQOwxhJrN8Uwvn1tvIQWyVogCLiE6itfzydg&sds=2&rev=83862&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 05:25:11 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=nMGXrNuImHtR1UybEACI-RLCuwC6ta8yZwAp2-HCvp5yKGdwmWOd2pUHw9UWFkMQirm1gOmh3kSgW7qt3ASn1obJvlNS1a9693ouyclGdiVAGYK6XRIwg8KafXK_i5gVqDs4uhWvleLX3DRr9nF4EIY5cVNNnaracjhpNHcQeI21MAr7DuHhlAvAFFQa2FSB6GGrtCb9Zll0qddLtJqnRsi1dyVFpGEa1yO8VRY2SB9c-T5PH_u0za3ULE9VHBIdfIWCmA&sds=2&rev=83862&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=nMGXrNuImHtR1UybEACI-RLCuwC6ta8yZwAp2-HCvp5yKGdwmWOd2pUHw9UWFkMQirm1gOmh3kSgW7qt3ASn1obJvlNS1a9693ouyclGdiVAGYK6XRIwg8KafXK_i5gVqDs4uhWvleLX3DRr9nF4EIY5cVNNnaracjhpNHcQeI21MAr7DuHhlAvAFFQa2FSB6GGrtCb9Zll0qddLtJqnRsi1dyVFpGEa1yO8VRY2SB9c-T5PH_u0za3ULE9VHBIdfIWCmA&sds=2&rev=83862&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=nMGXrNuImHtR1UybEACI-RLCuwC6ta8yZwAp2-HCvp5yKGdwmWOd2pUHw9UWFkMQirm1gOmh3kSgW7qt3ASn1obJvlNS1a9693ouyclGdiVAGYK6XRIwg8KafXK_i5gVqDs4uhWvleLX3DRr9nF4EIY5cVNNnaracjhpNHcQeI21MAr7DuHhlAvAFFQa2FSB6GGrtCb9Zll0qddLtJqnRsi1dyVFpGEa1yO8VRY2SB9c-T5PH_u0za3ULE9VHBIdfIWCmA&sds=2&rev=83862&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 05:25:11 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=KN8Mt9uImHtR1UybXucjGJsRAobmra7wdFF-owzjb6g5Tft_sGJmkwdMIJtpXoleeCrSs__hM9pA9U9RiYeOTg71KIGPkMAtkAaV26kdDls3Nve9CeqBmzBfuyJTIbdLnxrn_cUxdygvBBI4gxl52nNTweW0iZeQ8qYtuDj_FJSqduhUc2lSo_Z4Z-cCFkNOgA0k9U6XCikeq0XyH_I0ZE0sfUHi5bcsOxe-FtsxKLFjITa97TdKN-3Qh6wVPhAeij4afQ&sds=2&rev=83862&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=KN8Mt9uImHtR1UybXucjGJsRAobmra7wdFF-owzjb6g5Tft_sGJmkwdMIJtpXoleeCrSs__hM9pA9U9RiYeOTg71KIGPkMAtkAaV26kdDls3Nve9CeqBmzBfuyJTIbdLnxrn_cUxdygvBBI4gxl52nNTweW0iZeQ8qYtuDj_FJSqduhUc2lSo_Z4Z-cCFkNOgA0k9U6XCikeq0XyH_I0ZE0sfUHi5bcsOxe-FtsxKLFjITa97TdKN-3Qh6wVPhAeij4afQ&sds=2&rev=83862&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=KN8Mt9uImHtR1UybXucjGJsRAobmra7wdFF-owzjb6g5Tft_sGJmkwdMIJtpXoleeCrSs__hM9pA9U9RiYeOTg71KIGPkMAtkAaV26kdDls3Nve9CeqBmzBfuyJTIbdLnxrn_cUxdygvBBI4gxl52nNTweW0iZeQ8qYtuDj_FJSqduhUc2lSo_Z4Z-cCFkNOgA0k9U6XCikeq0XyH_I0ZE0sfUHi5bcsOxe-FtsxKLFjITa97TdKN-3Qh6wVPhAeij4afQ&sds=2&rev=83862&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 05:25:11 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
IP 142.250.74.106:0
GET /css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 05:25:10 GMT
date: Wed, 07 Dec 2022 05:25:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.renklidergi.com/upload/20100227144708917.jpg
52.71.57.184404 Not Found 0 B URL HTTP/1.0 www.renklidergi.com/upload/20100227144708917.jpg
IP 52.71.57.184:0
GET /upload/20100227144708917.jpg HTTP/1.1
Host: www.renklidergi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bookworm-bilgeadam.blogspot.com/
HTTP/1.0 404 Not Found
cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
static.criteo.net/flash/icon/criteo_logo_2021.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP 178.250.0.130:0
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 05:25:10 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Sat, 02 Dec 2023 05:25:10 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/animejs/animejs.js
IP 178.250.0.130:0
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 05:25:10 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Sat, 02 Dec 2023 05:25:10 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=bWKSGyuLxbOzHLJ8Iptuoa5F_GScskypcLaaq77Ct6xmOUvih1xxcJh6Ik9tz5cDh6hV9hn1dJKJ3Ed_d7mPVPu6FUYC13c0mb0qXo0_ZXI1vvIvJqkX68QZO1kXxp5R-LBuw-r17rou-BHAuSBwyXnEOCfp0ILV5f4YDdnyk9pUzXxk896SLts6ZdqqmNABa1eALvDWVyj49zvVyUE21H8GtrwyOL8dDefNWs82WG2HUPyI-206bZ_JwJdxmyqAULsefnCyxXqO2tbjRZHj8EFyE2m966fRkQKGFzGahv5xfLHDJ3uEdqseGqEvBanCPDeTeoL51wHJBLARE7Q0BHNOJ1FdEVkgd1GLs6fBGtNydExvLlhZFP-tJM-2VVNcb_RiqDnkIGJQPwui-ivYmPIedkXfVcRRMAgOmymanf3okdPjNBl1KCRbzEmLk8znBO_Y7g
178.250.2.148200 OK 0 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=bWKSGyuLxbOzHLJ8Iptuoa5F_GScskypcLaaq77Ct6xmOUvih1xxcJh6Ik9tz5cDh6hV9hn1dJKJ3Ed_d7mPVPu6FUYC13c0mb0qXo0_ZXI1vvIvJqkX68QZO1kXxp5R-LBuw-r17rou-BHAuSBwyXnEOCfp0ILV5f4YDdnyk9pUzXxk896SLts6ZdqqmNABa1eALvDWVyj49zvVyUE21H8GtrwyOL8dDefNWs82WG2HUPyI-206bZ_JwJdxmyqAULsefnCyxXqO2tbjRZHj8EFyE2m966fRkQKGFzGahv5xfLHDJ3uEdqseGqEvBanCPDeTeoL51wHJBLARE7Q0BHNOJ1FdEVkgd1GLs6fBGtNydExvLlhZFP-tJM-2VVNcb_RiqDnkIGJQPwui-ivYmPIedkXfVcRRMAgOmymanf3okdPjNBl1KCRbzEmLk8znBO_Y7g
IP 178.250.2.148:0
GET /delivery/lg.php?cppv=3&cpp=bWKSGyuLxbOzHLJ8Iptuoa5F_GScskypcLaaq77Ct6xmOUvih1xxcJh6Ik9tz5cDh6hV9hn1dJKJ3Ed_d7mPVPu6FUYC13c0mb0qXo0_ZXI1vvIvJqkX68QZO1kXxp5R-LBuw-r17rou-BHAuSBwyXnEOCfp0ILV5f4YDdnyk9pUzXxk896SLts6ZdqqmNABa1eALvDWVyj49zvVyUE21H8GtrwyOL8dDefNWs82WG2HUPyI-206bZ_JwJdxmyqAULsefnCyxXqO2tbjRZHj8EFyE2m966fRkQKGFzGahv5xfLHDJ3uEdqseGqEvBanCPDeTeoL51wHJBLARE7Q0BHNOJ1FdEVkgd1GLs6fBGtNydExvLlhZFP-tJM-2VVNcb_RiqDnkIGJQPwui-ivYmPIedkXfVcRRMAgOmymanf3okdPjNBl1KCRbzEmLk8znBO_Y7g HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 05:25:09 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2736899
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.0.130:0
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 05:25:10 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Sat, 02 Dec 2023 05:25:10 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=aN4FWyuLxbOzHLJ8Iptuoa5F_GToksfjTQ_x3k9wgemErrGp0wf3KK-JLczw7KENPpI405ZElXMpWbRWkMqGnJKfuZezrV7Jmn15hKYVarYT8NiX59iWCcMWP4BVB6CmxfpSwhmjWBiGfyt3yF9YCtU5U-_JJd_fT6hO1E5ArB-XaM1oM-XD1A2xmywzcQQgTCfa_2h-ktSviA2FT8CWfLfsGXDwSt7cpAKSqMOmK5HrmYj3y39XfArJtdycWP_3bTRkGai-Or85uDGpqeQlH-Imzp5Y9x9ogzah9bf-aNNxYhQGClGQMz38vkHlO2rU4ZCpDcT-CVgWMPo7Jq3FiF2z5Cd59ni_SioVqxxPvysjZqZlER6O0Tl3O8rXAPI5EzvHNpkpzy9xiiXPtm-gZlwHRey3LQODGLGulWnorYJK3byA
178.250.2.148200 OK 0 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=aN4FWyuLxbOzHLJ8Iptuoa5F_GToksfjTQ_x3k9wgemErrGp0wf3KK-JLczw7KENPpI405ZElXMpWbRWkMqGnJKfuZezrV7Jmn15hKYVarYT8NiX59iWCcMWP4BVB6CmxfpSwhmjWBiGfyt3yF9YCtU5U-_JJd_fT6hO1E5ArB-XaM1oM-XD1A2xmywzcQQgTCfa_2h-ktSviA2FT8CWfLfsGXDwSt7cpAKSqMOmK5HrmYj3y39XfArJtdycWP_3bTRkGai-Or85uDGpqeQlH-Imzp5Y9x9ogzah9bf-aNNxYhQGClGQMz38vkHlO2rU4ZCpDcT-CVgWMPo7Jq3FiF2z5Cd59ni_SioVqxxPvysjZqZlER6O0Tl3O8rXAPI5EzvHNpkpzy9xiiXPtm-gZlwHRey3LQODGLGulWnorYJK3byA
IP 178.250.2.148:0
GET /delivery/lg.php?cppv=3&cpp=aN4FWyuLxbOzHLJ8Iptuoa5F_GToksfjTQ_x3k9wgemErrGp0wf3KK-JLczw7KENPpI405ZElXMpWbRWkMqGnJKfuZezrV7Jmn15hKYVarYT8NiX59iWCcMWP4BVB6CmxfpSwhmjWBiGfyt3yF9YCtU5U-_JJd_fT6hO1E5ArB-XaM1oM-XD1A2xmywzcQQgTCfa_2h-ktSviA2FT8CWfLfsGXDwSt7cpAKSqMOmK5HrmYj3y39XfArJtdycWP_3bTRkGai-Or85uDGpqeQlH-Imzp5Y9x9ogzah9bf-aNNxYhQGClGQMz38vkHlO2rU4ZCpDcT-CVgWMPo7Jq3FiF2z5Cd59ni_SioVqxxPvysjZqZlER6O0Tl3O8rXAPI5EzvHNpkpzy9xiiXPtm-gZlwHRey3LQODGLGulWnorYJK3byA HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 05:25:10 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2891281
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
IP 142.250.74.106:0
GET /css?family=Lato:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 05:25:10 GMT
date: Wed, 07 Dec 2022 05:25:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2