dusunmekvepaylasmak.blogspot.ru/search/label/sava%C5%9F%20%C3%A7%C4%B1kar%20m%C4%B1
172.217.21.161302 Moved Temporarily 225 B URL HTTP/1.1 dusunmekvepaylasmak.blogspot.ru/search/label/sava%C5%9F%20%C3%A7%C4%B1kar%20m%C4%B1
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 7a5567b456f3022d8e5d9e8784d0c630
5bd218ced6bef6c4212715ccbd262196485f1e12
c98d9266f443a92a9ccb06a4f07edb22c16a10416de411e5724a1273e4ddebb8
Analyzer Verdict Alert fortinet Malware
GET /search/label/sava%C5%9F%20%C3%A7%C4%B1kar%20m%C4%B1 HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://dusunmekvepaylasmak.blogspot.com/search/label/sava%C5%9F%20%C3%A7%C4%B1kar%20m%C4%B1
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 03:27:15 GMT
Expires: Mon, 05 Dec 2022 03:27:15 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 225
Server: GSE
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5935
Expires: Mon, 05 Dec 2022 05:06:10 GMT
Date: Mon, 05 Dec 2022 03:27:15 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6309
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:15 GMT
Last-Modified: Mon, 05 Dec 2022 01:42:06 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 03:18:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 529
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7033
Expires: Mon, 05 Dec 2022 05:24:28 GMT
Date: Mon, 05 Dec 2022 03:27:15 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FHrp7z4EaTFmFypwMj+Y4CHygAYolzkUBS+6/ozHC8gcuuyqDZfdanSd2EkL2uqRLf1q2R7PrPk=
x-amz-request-id: VRYCPNW43WJ9W0EZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 02:47:13 GMT
age: 2402
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 03:27:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 03:08:58 GMT
cache-control: public,max-age=3600
age: 1097
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6298
Cache-Control: max-age=113074
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:15 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:51:49 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
dusunmekvepaylasmak.blogspot.com/search/label/sava%C5%9F%20%C3%A7%C4%B1kar%20m%C4%B1
172.217.21.161301 Moved Permanently 224 B URL HTTP/1.1 dusunmekvepaylasmak.blogspot.com/search/label/sava%C5%9F%20%C3%A7%C4%B1kar%20m%C4%B1
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 500daedbd39ed9d3226a3a5b9fd54c7c
d8f140c36b857b0fb456dc5c7669fe0ea07293dd
0d77a59632616ebf0096b2b3d138ad35bb1f794f567c2fa1b109bdae8c98ca33
Analyzer Verdict Alert fortinet Malware
GET /search/label/sava%C5%9F%20%C3%A7%C4%B1kar%20m%C4%B1 HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://dusunmekvepaylasmak.blogspot.com/search/label/sava%C5%9F%20%C3%A7%C4%B1kar%20m%C4%B1
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 03:27:15 GMT
Expires: Mon, 05 Dec 2022 03:27:15 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 224
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c1f7594a4097e4dcc9fd7d4a02cafafe
b9dba74fb06bc248a40b26cb26600e750e376695
4dc877df2ca9330da46809359d71469672d18d87edcfee2c825fde13f470bfd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.218.164.174101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.164.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Z8Q5EmryPeGQ1PJvNeut1g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hzv3JWNzYRAB8f2Hiy86+BatHaE=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11209
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 03:27:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11209
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 03:27:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11209
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 03:27:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11209
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 03:27:17 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c1f7594a4097e4dcc9fd7d4a02cafafe
b9dba74fb06bc248a40b26cb26600e750e376695
4dc877df2ca9330da46809359d71469672d18d87edcfee2c825fde13f470bfd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8e6f84dff61fedd8ff9baa9bb648883
f8d5cc7b315879b66a11b403463da1330617d2fa
025c66a4a0e7927353e1733d7f8cfb6ec3c9c0228d34267cbff11f09cf112127
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12348
x-amzn-requestid: 72f681ef-9ae7-4fc5-8539-230e1d4277a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKa_HpTIAMFrcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abddf-43ef45165fd982997e5018c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:09:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ee7Rihwq-F-zcJWcnxZtfzfmhrn0w3mub_5F4j8u0r2Uc91oXrKPzA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 04:17:01 GMT
age: 83416
etag: "f8d5cc7b315879b66a11b403463da1330617d2fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f71032604eecccf0a81f323a5f96a400
f8866d4f3185bcf7871581d75339998b34d6cf6d
d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RwhNdxS-EBTraqzS_TnCNXj3JXgz5NkO8oLyQaHOhHdtnvBbg4vsRQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:13 GMT
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
content-type: image/jpeg
age: 2524
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6079166a1ed5bac7373183f03f33b84e
b0c9391b87a4560598e43d5084dda41e267974a9
3e2faccbc3e14a10da4a433d789068cdc3fb2d3e2a04a7e2b7ea5f6f6313dcd4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13647
x-amzn-requestid: 36276b12-9e02-4d00-a100-9aa5c794fc79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_ueEWUoAMFj7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1329-7abb45a85c6bc2235c25d61e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oXeR8DTpEoK8E-BiI7gT4JEIdVBfiimfydNYIC62_rNLlTdem9Buig==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:46 GMT
age: 20491
etag: "b0c9391b87a4560598e43d5084dda41e267974a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8d76ec668361348eb17d54001fd2e6c6
534299a20a76ea6e3250f0fb35fe772cac04ef51
22676fae3909acf18e6cd4f505ec718fdac156990edb20926afdae2a359a2859
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5209
x-amzn-requestid: 682056d5-7815-4fd1-b05b-723619128d8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUXF5eoAMFRvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-6df5d866267739212832ee66;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pFKMx6_a5Ml_dBK1dafOt4KFMeC5SwUqNlNpc8sO4DVj0Ocb2Yksrw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:45:46 GMT
age: 85291
etag: "534299a20a76ea6e3250f0fb35fe772cac04ef51"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:01 GMT
age: 19456
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a349d02cce160f72cc93f6fb6e45fa46
a6f82481ea0a820da0f199e8f9051a4aa4013c82
ab320118577a2dcb6ab7ad904d6350e187501a94b39b71fdd70b31cbc8853b24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6826
x-amzn-requestid: f0abdba6-14c8-4aae-ba3b-37ba0af2ff08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_t2FsLIAMFekA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1325-3452be066acddb554f528cc3;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GS4yLzXiIZt-eL9T7gjbf2-vMu8i30WKPDmc2EQDxv0CELjdW1gMVA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:46:51 GMT
age: 20426
etag: "a6f82481ea0a820da0f199e8f9051a4aa4013c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1a56736cf1f02c2242946ca0170c2c3a
a47ca5cfc4667a1466875542da0de22f64862f86
0fdd7486e01858e490d7c08343c7a861c5fe856fc0debc08df0541ccc89f80b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6070
Cache-Control: max-age=105319
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:17 GMT
Etag: "638c45c6-118"
Expires: Tue, 06 Dec 2022 08:42:36 GMT
Last-Modified: Sun, 04 Dec 2022 07:01:26 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 65f78026bd16cfba254886219e4e2bff
559176fd6b23488891485f1e698dd34bbaebed9a
69b113b4dcf6e56e853a2ef1e050b777c6ba34bc9c0a1ca1efe373df2b751b9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
216.58.207.233200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 21:47:53 GMT
expires: Wed, 29 Nov 2023 21:47:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 20:52:41 GMT
content-type: text/css
age: 452364
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cd8c709d33861f92a8d0d016a198cd41
2b71fa86c94f5d50a8ce65d02b4c5b8d010eb2f2
a48025cdad584ab4cce456815b00f144c47df1f9a744dc962b4bdb33070a2827
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg
142.250.74.161200 OK 4.5 kB URL HTTP/2 2.bp.blogspot.com/-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash ec5fcd46230caf0da45a16686274f1cb
0f6ab0f39b022b8b641c566d68ce811854f4aa9d
2763d313411a14a376c085e44d14fab586ac4e935bbc1932e8c67d4453234aa3
GET /-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="rafadan_tayfa_trt_cizgi_film.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4484
x-xss-protection: 0
date: Mon, 05 Dec 2022 00:19:24 GMT
expires: Tue, 22 Nov 2022 06:56:28 GMT
cache-control: public, max-age=86400, no-transform
age: 11273
etag: "v7fdb"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/w72-h72-p-k-no-nu/225px-+mevlana_ile_ilgili_resimler.jpg
142.250.74.161200 OK 4.5 kB URL HTTP/2 2.bp.blogspot.com/-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/w72-h72-p-k-no-nu/225px-+mevlana_ile_ilgili_resimler.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 198baf3f7d853bc634b438561c189896
63640490c23c9d452cb566e3c8d9cb29cb9bef37
5edbbfadba784c3a27259984b189817862e146c0c550b6854bd6175be846aa41
GET /-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/w72-h72-p-k-no-nu/225px-+mevlana_ile_ilgili_resimler.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="225px-+mevlana_ile_ilgili_resimler.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4527
x-xss-protection: 0
date: Mon, 05 Dec 2022 00:19:24 GMT
expires: Tue, 29 Nov 2022 20:30:05 GMT
cache-control: public, max-age=86400, no-transform
age: 11273
etag: "v71fc"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png
142.250.74.161200 OK 6.2 kB URL HTTP/2 2.bp.blogspot.com/-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash aa25670b8226d8b5752fd5a198fd73a4
be1908b060ec7bf840e8d2b0aa4c930fe11910d6
f1b63d3ceb7dd55aae1a46fc852703730d58d88efcd5be463741c6718e7557c4
GET /-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="sut_tozu_ile_ilgili_resimler.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6242
x-xss-protection: 0
date: Mon, 05 Dec 2022 00:19:24 GMT
expires: Tue, 29 Nov 2022 20:30:05 GMT
cache-control: public, max-age=86400, no-transform
age: 11273
etag: "v7d8d"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1a56736cf1f02c2242946ca0170c2c3a
a47ca5cfc4667a1466875542da0de22f64862f86
0fdd7486e01858e490d7c08343c7a861c5fe856fc0debc08df0541ccc89f80b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6070
Cache-Control: max-age=105319
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:17 GMT
Etag: "638c45c6-118"
Expires: Tue, 06 Dec 2022 08:42:36 GMT
Last-Modified: Sun, 04 Dec 2022 07:01:26 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
4.bp.blogspot.com/-bFZ2VZE22V0/Tis_QtOxbPI/AAAAAAAAAeU/J3hNDLWPsV8/w72-h72-p-k-no-nu/sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg
142.250.74.161200 OK 3.3 kB URL HTTP/2 4.bp.blogspot.com/-bFZ2VZE22V0/Tis_QtOxbPI/AAAAAAAAAeU/J3hNDLWPsV8/w72-h72-p-k-no-nu/sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 1fb88aedadc72caa56cd793eabc62623
e8c2207b0aba853a5725322cd577174749c75dd6
311782b56080c358de1925a2c19e8154ce31a4b33d55b8c3c05032de16603409
GET /-bFZ2VZE22V0/Tis_QtOxbPI/AAAAAAAAAeU/J3hNDLWPsV8/w72-h72-p-k-no-nu/sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3262
x-xss-protection: 0
date: Mon, 05 Dec 2022 00:19:24 GMT
expires: Sun, 04 Dec 2022 18:09:31 GMT
cache-control: public, max-age=86400, no-transform
age: 11273
etag: "v1e5"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
104.18.11.207200 OK 6.8 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (28596)
Hash 9be5181c753306a374c56032728d2e2d
cd0c7082b9524d9a71a8dcc9e403af7de831eddb
d7fd5ec1df75df15af3b2b311fb8c97880cd656bf7e3ae22339ea3ca780a040d
GET /font-awesome/4.6.1/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:27:17 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-03-10 20:26:25
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 9f906bfe8a0a96b9156c7a4ed4664168
cdn-cache: HIT
cf-cache-status: HIT
age: 19521626
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7749af677dccb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
142.250.74.106200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32341)
Hash 856f85cc1b07156fa844b44a10c236c2
7cef457c0e1cd0c20f4e699564ea8997f0332021
c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01
GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 04:46:35 GMT
expires: Thu, 30 Nov 2023 04:46:35 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 427242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
142.250.74.78200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Cookie: NID=511=Q6OyqiIHQqfVsuXBJ7eyX69u3CfFtkEy8eJURXR6J8BLGa1qAn86AhlDPan06LJCjIaJ8he3MN2sM1CM7JU-z0W6UrYVfCY1Xe_OlqAUrhldAcTItdlWgvb9RxIGuUo55xE6JcVYtOUdh7cgcsbQatpQFQ4zdlQqUYBSx9Y6OMM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Mon, 05 Dec 2022 03:27:17 GMT
expires: Mon, 05 Dec 2022 03:27:17 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 29335a536fd47c44f11a984665f501f6
46dbfa43c5a94c6baec55a9e89cb1cb0cee7eb69
39d8bc234639a4fceeee88f10319692733e37388c06ae5567971f9dbb7c0aab5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dusunmekvepaylasmak.blogspot.com/search/label/sava%C5%9F%20%C3%A7%C4%B1kar%20m%C4%B1
172.217.21.161200 OK 120 kB URL HTTP/2 dusunmekvepaylasmak.blogspot.com/search/label/sava%C5%9F%20%C3%A7%C4%B1kar%20m%C4%B1
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (526)
Size 120 kB (120488 bytes)
Hash dab9483e66360a25faf8b1f7134feca2
2e7ea212fec63b39615491e2280653d8fcfbff1d
2642c078663d238ebb2ed9e4e4080cfd0214535f5b879ade5669bde9a4b0cdd3
Analyzer Verdict Alert fortinet Malware
GET /search/label/sava%C5%9F%20%C3%A7%C4%B1kar%20m%C4%B1 HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga=GA1.3.1990567275.1670210325; _gid=GA1.3.694570005.1670210325; __atuvc=1%7C49; __atuvs=638d6315ee44f8d2000
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Mon, 05 Dec 2022 03:27:17 GMT
date: Mon, 05 Dec 2022 03:27:17 GMT
cache-control: private, max-age=0
last-modified: Tue, 29 Nov 2022 20:22:02 GMT
etag: W/"8ca8df289a2001deb99934e54cae67fa14d6127f41db94bab2f53714bb6870c1"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 120488
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/w72-h72-p-k-no-nu/10_aralik_insan_haklari_gunu.jpg
142.250.74.161200 OK 3.5 kB URL HTTP/2 1.bp.blogspot.com/-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/w72-h72-p-k-no-nu/10_aralik_insan_haklari_gunu.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 8ab41d14c1aa09a171e6f7fb8890d5c6
a8b93b1d387d1fbd63c629e849c332cc2b5406be
ef0d3d17010f324ae57a2ae20015c0d728f58c905b70a5518effa04ff160c982
GET /-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/w72-h72-p-k-no-nu/10_aralik_insan_haklari_gunu.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="10_aralik_insan_haklari_gunu.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3454
x-xss-protection: 0
date: Mon, 05 Dec 2022 00:19:24 GMT
expires: Thu, 24 Nov 2022 17:28:00 GMT
cache-control: public, max-age=86400, no-transform
age: 11273
etag: "v1fe3"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-eo72_jGArcw/YJWvZlothsI/AAAAAAAAIPk/39V8zIRnukk3M1SvJqwCPAL5ciymGzewwCLcBGAsYHQ/w72-h72-p-k-no-nu/unnamed.jpg
142.250.74.161200 OK 2.6 kB URL HTTP/2 1.bp.blogspot.com/-eo72_jGArcw/YJWvZlothsI/AAAAAAAAIPk/39V8zIRnukk3M1SvJqwCPAL5ciymGzewwCLcBGAsYHQ/w72-h72-p-k-no-nu/unnamed.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 1866a1eda8caaedee6e9021f426d9d21
050f44f27fb2164dd65c28a937a89d9f7aa87fd4
6fbe535d995be032754b848a23901cd0eea3d102e279f3cb3a0c881fa52eb4e7
GET /-eo72_jGArcw/YJWvZlothsI/AAAAAAAAIPk/39V8zIRnukk3M1SvJqwCPAL5ciymGzewwCLcBGAsYHQ/w72-h72-p-k-no-nu/unnamed.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2591
x-xss-protection: 0
date: Mon, 05 Dec 2022 00:19:24 GMT
expires: Thu, 01 Dec 2022 20:25:55 GMT
cache-control: public, max-age=86400, no-transform
age: 11273
etag: "v20fb"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-kUiaHahkxD0/XfVN3K8_XvI/AAAAAAABN3Q/TA5Ta0QzxWsctxrq5tWNR47rcDEBxC3ewCLcBGAsYHQ/w72-h72-p-k-no-nu/sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_ya%25C5%259Fam_sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_beslenme.png
142.250.74.161200 OK 11 kB URL HTTP/2 1.bp.blogspot.com/-kUiaHahkxD0/XfVN3K8_XvI/AAAAAAABN3Q/TA5Ta0QzxWsctxrq5tWNR47rcDEBxC3ewCLcBGAsYHQ/w72-h72-p-k-no-nu/sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_ya%25C5%259Fam_sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_beslenme.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 279edb5b823b4f55f7c83479a93225e3
01356acda7ff0acedb0051e71745fee61d67f62c
3935368604f5e255ee391a2f871167446fce3ed81b1df1fc7474b8e9cd358f17
GET /-kUiaHahkxD0/XfVN3K8_XvI/AAAAAAABN3Q/TA5Ta0QzxWsctxrq5tWNR47rcDEBxC3ewCLcBGAsYHQ/w72-h72-p-k-no-nu/sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_ya%25C5%259Fam_sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_beslenme.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="sa_l_kl__ya_am_sa_l_kl__beslenme.png";filename*=UTF-8''sa%C4%9Fl%C4%B1kl%C4%B1_ya%C5%9Fam_sa%C4%9Fl%C4%B1kl%C4%B1_beslenme.png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 10679
x-xss-protection: 0
date: Mon, 05 Dec 2022 00:19:24 GMT
expires: Tue, 06 Dec 2022 00:19:24 GMT
cache-control: public, max-age=86400, no-transform
etag: "v13776"
content-type: image/png
age: 11273
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rollercoin.com/static/img/public_img/gen2/w160h600.gif
104.26.14.99200 OK 3.9 kB URL HTTP/2 rollercoin.com/static/img/public_img/gen2/w160h600.gif
IP 104.26.14.99:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash f91fb184622c776de69f08e56b12601c
5800b6197cc43faa89c793e1aafe440e1da702d0
9056fe9741c4a058dc1111aac665ca879e406cdf4b44ac0f4fd64ebb7912202d
GET /static/img/public_img/gen2/w160h600.gif HTTP/1.1
Host: rollercoin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:27:17 GMT
content-type: image/webp
content-length: 256868
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=323815
content-disposition: inline; filename="w160h600.webp"
etag: W/"4f0e7-18364eefb18"
last-modified: Thu, 22 Sep 2022 11:22:07 GMT
vary: Accept
x-powered-by: Express
cf-cache-status: HIT
age: 5195062
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5bcS30CrxH3Ynvc7ulbz%2BJHF3bP3w8SBA2sap1ZiA1tobJ2syxU7hY670vUdGUMYKTQ5YsY3xfaUUJ2GVXSbU4TwTZH%2B4sw5cZfsFueI9ly7UGza05Be7WVxcagd9wu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7749af684f4db50c-OSL
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.162200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (4885)
Hash 7b98cd638f19344ee70cf46e666939d8
2ceed66ceca8e79cf508789a8d27c7bea81d34bd
2d1efaa9fbae0caa8893f8843ae3615288165bd120af1d73b2dffb154e6189fc
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 05 Dec 2022 03:27:17 GMT
expires: Mon, 05 Dec 2022 03:27:17 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 2813048954113711548
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 48994
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-ZVg1XeIgmog/UrBTsAIaBLI/AAAAAAAAIKM/1rW6JY_rops/w72-h72-p-k-no-nu/4+4+4+egitim-sistemi.jpg
142.250.74.161200 OK 2.8 kB URL HTTP/2 1.bp.blogspot.com/-ZVg1XeIgmog/UrBTsAIaBLI/AAAAAAAAIKM/1rW6JY_rops/w72-h72-p-k-no-nu/4+4+4+egitim-sistemi.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash d55d42497002238cef58073d9c761b05
4f9d7fb15fec1a928fb214ddc863962ae6f532a1
4bfb10d5a18713cb2911e63b1a36629868f87cea235bf04cffbcaee37508128e
GET /-ZVg1XeIgmog/UrBTsAIaBLI/AAAAAAAAIKM/1rW6JY_rops/w72-h72-p-k-no-nu/4+4+4+egitim-sistemi.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="4+4+4+egitim-sistemi.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2786
x-xss-protection: 0
date: Mon, 05 Dec 2022 00:19:24 GMT
expires: Sat, 03 Dec 2022 02:04:03 GMT
cache-control: public, max-age=86400, no-transform
age: 11273
etag: "v20a4"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116388 bytes)
Hash fef08c9f8bacc1b0eed3950dbe7d0f87
e9a3b98cad1e2d58eab1e2cbaa51cb979dc45075
55b3d5b3acd46444cc1844a676c75ba25209ce371065791cd4fbdc9da60aea34
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116388
date: Mon, 05 Dec 2022 03:27:18 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 824e70f1edf0fb1b3cb27f712a854957
c0ed87d2b19b1b88b7cf6fc70b3cc1d8bf22cd96
066d71adcd5e89c667b03d80e4a253c2f12b4f4238b82af50709a0dbf99b640f
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 03:27:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Fri, 09 Dec 2022 03:05:20 GMT
ETag: "c0ed87d2b19b1b88b7cf6fc70b3cc1d8bf22cd96"
Last-Modified: Mon, 05 Dec 2022 03:05:21 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 511
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7749af69baa9b4f9-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
216.58.207.227200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5544, version 1.0\012- data
Hash 0ed299a4bb5262e17e2145783b2c18f1
65af2a037a5ef8a8d383d518377ea1f9f6837631
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:45:39 GMT
expires: Thu, 30 Nov 2023 19:45:39 GMT
cache-control: public, max-age=31536000
age: 373299
last-modified: Wed, 27 Apr 2022 17:03:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
216.58.207.227200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5452, version 1.0\012- data
Hash a6ff41d10fa89e7f8fec937c243d7428
334853f61ceb1fb096818740cc62d5840fbbae46
5f9d6298f5edc6d2b57a6f3a30f87f1c93c84b7aad7c5e9bf9d3a2c9384403fa
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 20:42:14 GMT
expires: Thu, 30 Nov 2023 20:42:14 GMT
cache-control: public, max-age=31536000
age: 369904
last-modified: Wed, 27 Apr 2022 16:10:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
216.58.207.227200 OK 5.4 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5384, version 1.0\012- data
Hash 96b6d54684daa94742f7bfd72a981213
72c3ac29b2fcceea390d3a51c7a892efde65e4d9
4ce2c84c474fb80b33e347ae6f356796021d6fd42e88a6352fc6e9ca0b22bd63
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5384
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:43:30 GMT
expires: Wed, 29 Nov 2023 15:43:30 GMT
cache-control: public, max-age=31536000
age: 474228
last-modified: Wed, 27 Apr 2022 16:11:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.227200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 374308
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.227200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:29:21 GMT
expires: Fri, 01 Dec 2023 12:29:21 GMT
cache-control: public, max-age=31536000
age: 313077
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 374308
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.boomads.com/scripts/widget.js
83.66.162.128200 OK 1.1 kB URL HTTP/1.1 widget.boomads.com/scripts/widget.js
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type Unicode text, UTF-8 (with BOM) text, with very long lines (445), with CRLF line terminators
Hash ed2b316a78c01ecfd467a238bdb5a894
9820a06beef95ab789d3211359dfbe34d11c339e
0626a69c458560c8f8fadb5c81f56d9009e89951aa89f4fff3d4ef445d1b94e7
GET /scripts/widget.js HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 3
Date: Mon, 05 Dec 2022 03:27:16 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: "08e5d619991d11:0"
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2016 13:20:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 1149
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
142.250.74.34200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Cookie: IDE=AHWqTUlccNBi2aEByfFYcRocQifmAiooXh3uvO9jNU7uP3bP0QMeAApkMPR1eNs0v3Q
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sun, 04 Dec 2022 15:22:03 GMT
expires: Sun, 18 Dec 2022 15:22:03 GMT
cache-control: public, max-age=1209600
age: 43515
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.boomads.com/images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif
83.66.162.128200 OK 6.8 kB URL HTTP/1.1 widget.boomads.com/images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type GIF image data, version 89a, 125 x 80\012- data
Hash a0b54b194c22d6cf6dde8262b4e6caa8
7db7699e7e4cb090ed556f78d8692b59eca416d8
a28da5026d7c857976a413a63f4d5df448c8461f4531194e71668ebdbe7bbcc9
GET /images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 3
Date: Mon, 05 Dec 2022 03:27:16 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: "6e4be609991d11:0"
Content-Type: image/gif
Last-Modified: Fri, 08 Apr 2016 13:20:09 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 6812
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309845525285029&plah=dusunmekvepaylasmak.blogspot.com&bust=31071035
142.250.74.162200 OK 119 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309845525285029&plah=dusunmekvepaylasmak.blogspot.com&bust=31071035
IP 142.250.74.162:0
File type ASCII text, with very long lines (6148)
Size 119 kB (119174 bytes)
Hash dd7e3fe4d9f17d3eefbaabbdb1e464aa
1600feb3466444a33a647fb4e5dc24391d8826d9
a6b0943d85f4f1cb9d0037c1ae892cfd592a442ac991863c8fb52d666e753572
GET /pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309845525285029&plah=dusunmekvepaylasmak.blogspot.com&bust=31071035 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 05 Dec 2022 03:27:18 GMT
expires: Mon, 05 Dec 2022 03:27:18 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 5275982403000160374
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119174
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
83.66.162.128200 OK 318 B URL HTTP/1.1 widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 60965bc98dda023d6dbb0de7b7c676bb
59819b0d77a4206626389d78b1862223b150ccdd
2fd9761476a794c7d53342d8845843e3c9cbe393fbc26682e11059fe79a5ef95
GET /widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 4.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=e0blx15s4xlhtw2tms1zb0eq; path=/; HttpOnly; SameSite=Lax
BMDSD365TP50BFACTSV=26593=1; expires=Tue, 06-Dec-2022 04:27:16 GMT; path=/
X-Powered-By: ASP.NET
XSrv: BOOM01
Date: Mon, 05 Dec 2022 03:27:16 GMT
Content-Length: 318
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cb439dd80ba82164b879c340b9778147
2bbd26b48daa0b8d2a190f7e8857c716dea279ca
3ab3afbcebe7c744b6446fbb471bda45722313cae36b3020e152e75425a3f760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
142.250.74.109302 Found 464 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (512)
Hash 3b3854ffc7ec37148939b28239077145
1a362033e0b020680f3369be746b46994381151a
2a37ff9e03859728b9794da0932b972c34d04785835be5f59cab45839ab4c9be
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dusunmekvepaylasmak.blogspot.com/
Connection: keep-alive
Cookie: NID=511=Q6OyqiIHQqfVsuXBJ7eyX69u3CfFtkEy8eJURXR6J8BLGa1qAn86AhlDPan06LJCjIaJ8he3MN2sM1CM7JU-z0W6UrYVfCY1Xe_OlqAUrhldAcTItdlWgvb9RxIGuUo55xE6JcVYtOUdh7cgcsbQatpQFQ4zdlQqUYBSx9Y6OMM
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Dec 2022 03:27:18 GMT
location: https://www.blogger.com/followers.g?blogID=5726965044016880204&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce--WQEQEHbslqpgIanCxjtIQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 464
server: GSE
set-cookie: __Host-GAPS=1:fPYWFjIEUjomd2Yh4RCEHJOA_3kFNA:y8HZT-cxnaHKtFKF;Path=/;Expires=Wed, 04-Dec-2024 03:27:18 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a2365b2356f35547e7a8a0eeac1a5e71
f070192cf1ad964c90dd00bdf6b04fa598618d61
50415514239bdc4345cb6f75e5aba42fe0f093aaf21de22276aaeceab84c0450
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
216.58.207.194200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 216.58.207.194:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Cookie: NID=511=Q6OyqiIHQqfVsuXBJ7eyX69u3CfFtkEy8eJURXR6J8BLGa1qAn86AhlDPan06LJCjIaJ8he3MN2sM1CM7JU-z0W6UrYVfCY1Xe_OlqAUrhldAcTItdlWgvb9RxIGuUo55xE6JcVYtOUdh7cgcsbQatpQFQ4zdlQqUYBSx9Y6OMM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 05 Dec 2022 03:27:18 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 181b661534dc3f6bbe887293452f685b
bf4e024b51870992b7b41ee50e570bebf4705bfb
4d7472e9a604e69e65040a318534883d14275d6ef7e19c6eb42a8a25099d8eeb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 279556
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 297996
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/a/default-user=s45-c
142.250.74.97200 OK 316 B URL HTTP/2 lh3.googleusercontent.com/a/default-user=s45-c
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit colormap, non-interlaced\012- data
Hash 9fae1841320a0eaa434a022513f60859
245fac7a1ba86adda5bf5571babef7d5280672a4
1e2ce2743c2908d3aa1ce10a03be76d756eaa493cd41f9dcc94a3cc35cbfa1bd
GET /a/default-user=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 316
x-xss-protection: 0
date: Mon, 05 Dec 2022 03:10:53 GMT
expires: Thu, 24 Nov 2022 03:05:41 GMT
cache-control: public, max-age=86400, no-transform
age: 986
etag: "v0"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/a-/ACNPEu_qS3Bs9TC10RgJYQoydMVCGuNIIG9en_hE0TGW4Q=s45-c
142.250.74.97200 OK 677 B URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu_qS3Bs9TC10RgJYQoydMVCGuNIIG9en_hE0TGW4Q=s45-c
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 80127b2ef0ff1a4d1172873896063ca1
89c3255969cda140c45f927fc5f2d0364df9b6e1
9435c16195af2f0b99e230108154228b63661029b39d6857f1aba97ca30e6a59
GET /a-/ACNPEu_qS3Bs9TC10RgJYQoydMVCGuNIIG9en_hE0TGW4Q=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 677
x-xss-protection: 0
date: Mon, 05 Dec 2022 00:19:26 GMT
expires: Tue, 06 Dec 2022 00:19:26 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/png
age: 11273
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 68570b7de13c7dfdf686da25ce10d668
61c1304152f11e6a83c383fff8d5e498c4385e6f
537302c07522f4bf1e766fbb1a8da346f59526715a5fcecd3f6aa4817b6b32ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Cookie: IDE=AHWqTUlccNBi2aEByfFYcRocQifmAiooXh3uvO9jNU7uP3bP0QMeAApkMPR1eNs0v3Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 03:21:04 GMT
expires: Mon, 05 Dec 2022 03:36:04 GMT
cache-control: public, max-age=900
age: 375
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipPwBUCzx41OkpeXl27kAkL5klA9ciu2cwt5iglj=s45-c?key=CI6u2rzss7PajQE
142.250.74.97200 OK 3.8 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipPwBUCzx41OkpeXl27kAkL5klA9ciu2cwt5iglj=s45-c?key=CI6u2rzss7PajQE
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 67e8fed9092e88476cbeefc66a6cb069
ba8b0844a20242784ffb79ea9a7c367f8986e2e3
a376ed35f3eb2e1fc3e699a5d0748c47ed27a53dcf1565d7e4238a38137795b7
GET /p/AF1QipPwBUCzx41OkpeXl27kAkL5klA9ciu2cwt5iglj=s45-c?key=CI6u2rzss7PajQE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v17f"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 03:27:19 GMT
server: fife
content-length: 3831
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 68570b7de13c7dfdf686da25ce10d668
61c1304152f11e6a83c383fff8d5e498c4385e6f
537302c07522f4bf1e766fbb1a8da346f59526715a5fcecd3f6aa4817b6b32ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/p/AF1QipN-0aAPNxsNBR1eDrY9zoL_GFn_a8WZTMxc8Z32=s45-c?key=CIu7lKDyiKrDiQE
142.250.74.97200 OK 4.7 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipN-0aAPNxsNBR1eDrY9zoL_GFn_a8WZTMxc8Z32=s45-c?key=CIu7lKDyiKrDiQE
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 381e323dcc3c52d299f378cca24308c4
b3c153fe7a7f36ffea3888717dfddbb49d1d6db7
71f66f8405cfb78d7cee560d8f609e451ce1cb453b5b8a337e0045c559a5867f
GET /p/AF1QipN-0aAPNxsNBR1eDrY9zoL_GFn_a8WZTMxc8Z32=s45-c?key=CIu7lKDyiKrDiQE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v6dad"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 03:27:19 GMT
server: fife
content-length: 4723
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 05 Dec 2022 03:27:20 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11936, version 1.0\012- data
Hash 15d8ede0a816bc7a9838207747c6620c
f6e2e75f1277c66e282553ae6a22661e51f472b8
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11936
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 09:38:03 GMT
expires: Sat, 02 Dec 2023 09:38:03 GMT
cache-control: public, max-age=31536000
age: 236957
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 0bb2ba70c162f5aa2606cdbd025d3bd9
85f33e3b45c02ef8a15f41cb3ece7c825dcbc2cf
ed6ac710041b73af3d53108e47b112106a27191542e830aa73f1d6d4e5740eb4
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 05 Dec 2022 03:27:20 GMT
server: ESF
cache-control: private
content-length: 30912
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=41905
date: Mon, 05 Dec 2022 03:27:20 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 33002e87ed87cec83ec76bdfe55cb33a
a2dafcefab949833412ab20508096c9974b9e359
f73d30247eb325d9dc9531381224e8942b39b56c264ade1618855f1fad9eda2a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6208
Cache-Control: max-age=123428
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:20 GMT
Etag: "638c8bfc-1d7"
Expires: Tue, 06 Dec 2022 13:44:28 GMT
Last-Modified: Sun, 04 Dec 2022 12:01:00 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0c244629557856f731df6a3141c94929
965c50534cf2ad34cf0c9b85fc3dbaf90375489c
5155092a96a313754ed2332d9e9deb225fd276fe3b9952ddb94cc4ab9a017735
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/mOjEYeiPxNc/sddefault.webp
142.250.74.182200 OK 43 kB URL HTTP/2 i.ytimg.com/vi_webp/mOjEYeiPxNc/sddefault.webp
IP 142.250.74.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 54d632dcf2c7931571e806f7815bd341
f5d1afc80ec9d6ebf36d48c916a3d5d15a740536
fc5aeb473a35527660b29b9cddf6ebefe4c57ae1c982a04dedfc1619f1135bef
GET /vi_webp/mOjEYeiPxNc/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 43014
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 03:18:48 GMT
expires: Mon, 05 Dec 2022 05:18:48 GMT
cache-control: public, max-age=7200
age: 512
etag: "1668598177"
content-type: image/webp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 05 Dec 2022 03:27:21 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 35c66ab0dafc0ed05c3f2e1b8829e3b7
e8fac7e103462c9cb3fab7ed1c1cfa07813ccd74
09270f5899964b5438d18e198fb9f50ed079fb0ee1c54a9cd668b96abdb8c228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 594e945d8b9dc0bdeb0d0d642ed003d6
646720b2f827af5fab8070a628576ae43a01ad09
d06a89242923ccf43740a1149dee517153483b05449aa0402c45bfd126a17048
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5296
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:21 GMT
Last-Modified: Mon, 05 Dec 2022 01:59:05 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
m.addthis.com/live/red_lojson/300lo.json?si=638d6513640bb0a8&bkl=0&bl=1&pdt=2849&sid=638d6513640bb0a8&pub=ra-58e226eb29c11f6c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dusunmekvepaylasmak.blogspot.com&fp=search%2Flabel%2Fsava%25C5%259F%2520%25C3%25A7%25C4%25B1kar%2520m%25C4%25B1&fr=&of=2&pd=0&irt=1&vcl=1&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=D%C3%BC%C5%9F%C3%BCnmek%2CHaber%2Cmagazin%2Csosyal%20medya%2Cpayla%C5%9F%C4%B1m%2Cdo%C4%9Fru%20bilgi%2Ckarikat%C3%BCr%2Cg%C3%BCndem%2Ck%C3%BClt%C3%BCr%20sanat%2Csinema%2Ctelevizyon%2Ctiyatro&colc=1670210838461&jsl=1&uvs=638d6315ee44f8d2001&skipb=1&callback=addthis.cbs.jsonp__43706462685128510
23.38.200.123200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=638d6513640bb0a8&bkl=0&bl=1&pdt=2849&sid=638d6513640bb0a8&pub=ra-58e226eb29c11f6c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dusunmekvepaylasmak.blogspot.com&fp=search%2Flabel%2Fsava%25C5%259F%2520%25C3%25A7%25C4%25B1kar%2520m%25C4%25B1&fr=&of=2&pd=0&irt=1&vcl=1&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=D%C3%BC%C5%9F%C3%BCnmek%2CHaber%2Cmagazin%2Csosyal%20medya%2Cpayla%C5%9F%C4%B1m%2Cdo%C4%9Fru%20bilgi%2Ckarikat%C3%BCr%2Cg%C3%BCndem%2Ck%C3%BClt%C3%BCr%20sanat%2Csinema%2Ctelevizyon%2Ctiyatro&colc=1670210838461&jsl=1&uvs=638d6315ee44f8d2001&skipb=1&callback=addthis.cbs.jsonp__43706462685128510
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash c9f294ebf03db26af76935a3b1ab4b69
a75fb51a32a310aad216cb0c70737bbd0ce0abda
b2bc4fab352ee00e3b6880196f62dba941218305914f8b86b39d0608b977f2ba
GET /live/red_lojson/300lo.json?si=638d6513640bb0a8&bkl=0&bl=1&pdt=2849&sid=638d6513640bb0a8&pub=ra-58e226eb29c11f6c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dusunmekvepaylasmak.blogspot.com&fp=search%2Flabel%2Fsava%25C5%259F%2520%25C3%25A7%25C4%25B1kar%2520m%25C4%25B1&fr=&of=2&pd=0&irt=1&vcl=1&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=D%C3%BC%C5%9F%C3%BCnmek%2CHaber%2Cmagazin%2Csosyal%20medya%2Cpayla%C5%9F%C4%B1m%2Cdo%C4%9Fru%20bilgi%2Ckarikat%C3%BCr%2Cg%C3%BCndem%2Ck%C3%BClt%C3%BCr%20sanat%2Csinema%2Ctelevizyon%2Ctiyatro&colc=1670210838461&jsl=1&uvs=638d6315ee44f8d2001&skipb=1&callback=addthis.cbs.jsonp__43706462685128510 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Mon, 05 Dec 2022 03:27:21 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash a694f95cadca94d72398ae11daec93bf
18b761cf34636c0185e332dd76ff22b4f8c83518
5ce2d2c85324af69a70645caaecba846ab00bd9c606815b04fb330a4a25fa2ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4839
Cache-Control: max-age=127820
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:21 GMT
Etag: "638ca27e-139"
Expires: Tue, 06 Dec 2022 14:57:41 GMT
Last-Modified: Sun, 04 Dec 2022 13:37:02 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1245db08bc06bdc452fdb41b8e959f26
ba2fa041fbea0e124b6fd418724a46225fac0089
d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3813
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:21 GMT
Last-Modified: Mon, 05 Dec 2022 02:23:48 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kLnPC7OzWe0HfJ2DYgICAAAA0-wy0uAhG5EQFmWNY7exnpo6DMOOQ49pABIAAA&wp=Y41lFwABXi4KGL_CAABiQtr4OSs_qQA9ecvglw
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kLnPC7OzWe0HfJ2DYgICAAAA0-wy0uAhG5EQFmWNY7exnpo6DMOOQ49pABIAAA&wp=Y41lFwABXi4KGL_CAABiQtr4OSs_qQA9ecvglw
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kLnPC7OzWe0HfJ2DYgICAAAA0-wy0uAhG5EQFmWNY7exnpo6DMOOQ49pABIAAA&wp=Y41lFwABXi4KGL_CAABiQtr4OSs_qQA9ecvglw HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 244930
date: Mon, 05 Dec 2022 03:27:20 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 7d6fc12b56a98cf23a1ffc768497aea2
9c4b8f5a3332d37a08a9cc0aaa73e13318fbadba
f793f10b9b4276c9b38dc2752938f50937208e94b7f9d76e180003e80d9d6700
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6173
Cache-Control: max-age=158331
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:21 GMT
Etag: "638d1477-13a"
Expires: Tue, 06 Dec 2022 23:26:12 GMT
Last-Modified: Sun, 04 Dec 2022 21:43:19 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 7d6fc12b56a98cf23a1ffc768497aea2
9c4b8f5a3332d37a08a9cc0aaa73e13318fbadba
f793f10b9b4276c9b38dc2752938f50937208e94b7f9d76e180003e80d9d6700
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6173
Cache-Control: max-age=158331
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:21 GMT
Etag: "638d1477-13a"
Expires: Tue, 06 Dec 2022 23:26:12 GMT
Last-Modified: Sun, 04 Dec 2022 21:43:19 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 314
v1.addthisedge.com/live/boost/ra-58e226eb29c11f6c/_ate.track.config_resp
23.38.200.123200 OK 1.3 kB URL HTTP/2 v1.addthisedge.com/live/boost/ra-58e226eb29c11f6c/_ate.track.config_resp
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (3821), with no line terminators
Hash 4adc016f0378d43b1e4d8a48395311fb
de42f6825c8d2ef4989b84479d9731baa195bbaa
70f1c455a93fbc3c54102023dd47c6bcc3ff290302ac6e517cd87b74e4efc205
GET /live/boost/ra-58e226eb29c11f6c/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 1250
etag: 727245640--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=60, s-maxage=86400
date: Mon, 05 Dec 2022 03:27:21 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:11:08 GMT
expires: Wed, 29 Nov 2023 17:11:08 GMT
cache-control: public, max-age=31536000
age: 468973
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:29:22 GMT
expires: Fri, 01 Dec 2023 12:29:22 GMT
cache-control: public, max-age=31536000
age: 313079
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 7d6fc12b56a98cf23a1ffc768497aea2
9c4b8f5a3332d37a08a9cc0aaa73e13318fbadba
f793f10b9b4276c9b38dc2752938f50937208e94b7f9d76e180003e80d9d6700
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6173
Cache-Control: max-age=158331
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:21 GMT
Etag: "638d1477-13a"
Expires: Tue, 06 Dec 2022 23:26:12 GMT
Last-Modified: Sun, 04 Dec 2022 21:43:19 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash d1f33dd107e66ab22168618bc5b7614c
0d4ac80691c09ef344f806c42c307dcd48eb2fd4
a0ec42a5d446599e66565a3620547e2e9171a08de4839f481a221372130212a5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4620
Cache-Control: max-age=104564
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:21 GMT
Etag: "638c4881-13a"
Expires: Tue, 06 Dec 2022 08:30:05 GMT
Last-Modified: Sun, 04 Dec 2022 07:13:05 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 314
static.criteo.net/flash/icon/back_button2.svg
178.250.0.130200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 03:27:21 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Thu, 30 Nov 2023 03:27:21 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/close_button.svg
178.250.0.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 03:27:21 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Thu, 30 Nov 2023 03:27:21 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 0346d7fd06e31723aa4d91b652637808
13791c6b65cf8dbd68515e18eda658c41148855c
1fb355bd160bac617153c0a5a0a25807ce1fee3779a2a49c1c2fea23b1373680
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5922
Cache-Control: max-age=121708
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:21 GMT
Etag: "638c8664-139"
Expires: Tue, 06 Dec 2022 13:15:49 GMT
Last-Modified: Sun, 04 Dec 2022 11:37:08 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 0346d7fd06e31723aa4d91b652637808
13791c6b65cf8dbd68515e18eda658c41148855c
1fb355bd160bac617153c0a5a0a25807ce1fee3779a2a49c1c2fea23b1373680
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5801
Cache-Control: max-age=121588
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:21 GMT
Etag: "638c8664-139"
Expires: Tue, 06 Dec 2022 13:13:49 GMT
Last-Modified: Sun, 04 Dec 2022 11:37:08 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 0346d7fd06e31723aa4d91b652637808
13791c6b65cf8dbd68515e18eda658c41148855c
1fb355bd160bac617153c0a5a0a25807ce1fee3779a2a49c1c2fea23b1373680
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5922
Cache-Control: max-age=121708
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:21 GMT
Etag: "638c8664-139"
Expires: Tue, 06 Dec 2022 13:15:49 GMT
Last-Modified: Sun, 04 Dec 2022 11:37:08 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
pix.eu.criteo.net/img/img?h=244&m=0&partner=37478&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F38356%2F180503%2Fd6f8e0942e444bd499149d6c84be7ac5_logo1.png&v=3&w=196&s=e1wDaaVzF4znXpLenOdH3kqz
178.250.0.139200 OK 5.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=244&m=0&partner=37478&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F38356%2F180503%2Fd6f8e0942e444bd499149d6c84be7ac5_logo1.png&v=3&w=196&s=e1wDaaVzF4znXpLenOdH3kqz
IP 178.250.0.139:0
File type PNG image data, 196 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash c4629332e9ccf173a343c7af6f410673
525fd4a52468c13cc6f893468f4f4c1ed970d490
4e42791249590b18368971ae82944bfcec4ba471ca0d1a91c47e185d7aa8a42d
GET /img/img?h=244&m=0&partner=37478&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F38356%2F180503%2Fd6f8e0942e444bd499149d6c84be7ac5_logo1.png&v=3&w=196&s=e1wDaaVzF4znXpLenOdH3kqz HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=30686240
expires: Sat, 25 Nov 2023 07:24:42 GMT
date: Mon, 05 Dec 2022 03:27:21 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5473
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F11170080036_1.jpg%3Fref%3D0DBA9A35B5%26w%3D640%26h%3D914%26cb%3Dae7a5510aff39eafdd46d4eee4be8857&v=3&w=400&s=E2Q_ORhrPxLPbBBYH2RvmoMv&b=400
178.250.0.139200 OK 13 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F11170080036_1.jpg%3Fref%3D0DBA9A35B5%26w%3D640%26h%3D914%26cb%3Dae7a5510aff39eafdd46d4eee4be8857&v=3&w=400&s=E2Q_ORhrPxLPbBBYH2RvmoMv&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x334, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6afa2ee41edb51dc358c337c3f08a452
9d3cbe598e60dd6a33a9025ac434810942daeab2
da3221ea9b3dd2b4ed160bd2a1f468e7d60baec2ae19dd87c7734a6ded670247
GET /img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F11170080036_1.jpg%3Fref%3D0DBA9A35B5%26w%3D640%26h%3D914%26cb%3Dae7a5510aff39eafdd46d4eee4be8857&v=3&w=400&s=E2Q_ORhrPxLPbBBYH2RvmoMv&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31279302
expires: Sat, 02 Dec 2023 04:09:03 GMT
date: Mon, 05 Dec 2022 03:27:21 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 12810
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10207590001_1.jpg%3Fref%3DE30E765DF2%26w%3D640%26h%3D914%26cb%3Dd00c3a11acbde76f73e9e9c404840f00&v=3&w=400&s=y9KJZ1ht09x9sU4O3quF6plo&b=400
178.250.0.139200 OK 7.2 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10207590001_1.jpg%3Fref%3DE30E765DF2%26w%3D640%26h%3D914%26cb%3Dd00c3a11acbde76f73e9e9c404840f00&v=3&w=400&s=y9KJZ1ht09x9sU4O3quF6plo&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x299, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ab2562cf5b43ecfe9519ad0bc90f1b19
a089c5a9e0866e119dec078c30b58ed06dc7c6c1
79d4f4580580fadefb8f565d80dcbcaffde0ee948a73baa32d59cd1ebe4afa68
GET /img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10207590001_1.jpg%3Fref%3DE30E765DF2%26w%3D640%26h%3D914%26cb%3Dd00c3a11acbde76f73e9e9c404840f00&v=3&w=400&s=y9KJZ1ht09x9sU4O3quF6plo&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31079430
expires: Wed, 29 Nov 2023 20:37:52 GMT
date: Mon, 05 Dec 2022 03:27:21 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7210
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F11174140125_1.png%3Fref%3D8FDE07EC30%26w%3D640%26h%3D914%26cb%3Dcae9b0664bba52b0ae03cd36f40ae8ff&v=3&w=400&s=0NL6_mfEzasLmhJG5rdIKkCi&b=400
178.250.0.139200 OK 60 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F11174140125_1.png%3Fref%3D8FDE07EC30%26w%3D640%26h%3D914%26cb%3Dcae9b0664bba52b0ae03cd36f40ae8ff&v=3&w=400&s=0NL6_mfEzasLmhJG5rdIKkCi&b=400
IP 178.250.0.139:0
File type PNG image data, 400 x 367, 8-bit colormap, non-interlaced\012- data
Hash 2b3829bbb2e882d827c0b9e37bdfaa51
1a2f3bc7c10f1a0075c2d36a3956dde99c584b1b
e105b1021918a97bfe9f93dcc56436ccb57f51f48d7993573130073958e6572d
GET /img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F11174140125_1.png%3Fref%3D8FDE07EC30%26w%3D640%26h%3D914%26cb%3Dcae9b0664bba52b0ae03cd36f40ae8ff&v=3&w=400&s=0NL6_mfEzasLmhJG5rdIKkCi&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=28682486
expires: Thu, 02 Nov 2023 02:48:47 GMT
date: Mon, 05 Dec 2022 03:27:21 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 60125
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2Fshoot_odderoya_dsc_6176-1.jpg%3Fref%3D59337FAB47%26w%3D640%26h%3D914%26cb%3D48ab79b366910b7a5fab36589a82a9a7&v=3&w=400&s=0IgrZpH7m3mNkHDZgVOfxdfP&b=400
178.250.0.139200 OK 8.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2Fshoot_odderoya_dsc_6176-1.jpg%3Fref%3D59337FAB47%26w%3D640%26h%3D914%26cb%3D48ab79b366910b7a5fab36589a82a9a7&v=3&w=400&s=0IgrZpH7m3mNkHDZgVOfxdfP&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 280x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fe3bff2061f0bd2539c141bed21e8c4c
6070f7ec8984d034533cb20efdc84cf32ff71074
fd957bd3ca85afebdc7f5198a3636f9899895747c5d7997b880dda29c9df8d4d
GET /img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2Fshoot_odderoya_dsc_6176-1.jpg%3Fref%3D59337FAB47%26w%3D640%26h%3D914%26cb%3D48ab79b366910b7a5fab36589a82a9a7&v=3&w=400&s=0IgrZpH7m3mNkHDZgVOfxdfP&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31101523
expires: Thu, 30 Nov 2023 02:46:05 GMT
date: Mon, 05 Dec 2022 03:27:21 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8876
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10971197608_4.jpg%3Fref%3DB0F2D1B836%26w%3D640%26h%3D914%26cb%3D7981c8bf03559fccd2e2d03e4f776243&v=3&w=400&s=Dcy4Ek4Ux0g8y52zHcY8eAUg&b=400
178.250.0.139200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10971197608_4.jpg%3Fref%3DB0F2D1B836%26w%3D640%26h%3D914%26cb%3D7981c8bf03559fccd2e2d03e4f776243&v=3&w=400&s=Dcy4Ek4Ux0g8y52zHcY8eAUg&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 280x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b1cf292e7fa0a53d45a18fbe7d5ba48a
9750a23602768c45f3b0e02aa02195ce415a0e28
6b15cb3b11c7f84df416163f52f8c9bc62dc768eb78b6fd077445c9aa403c47e
GET /img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10971197608_4.jpg%3Fref%3DB0F2D1B836%26w%3D640%26h%3D914%26cb%3D7981c8bf03559fccd2e2d03e4f776243&v=3&w=400&s=Dcy4Ek4Ux0g8y52zHcY8eAUg&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31122932
expires: Thu, 30 Nov 2023 08:42:54 GMT
date: Mon, 05 Dec 2022 03:27:21 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 14170
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
23.38.200.123200 OK 29 kB URL HTTP/2 s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (60526)
Hash f4a430f112d94f56cbeddcde217f69b6
01c1580d462c4977c7194746540f813e6b5675ce
f8999cbfee6629cf5f2f77d325a508f30a1adc6f1ab7506c462bf467930f36da
GET /static/custom-messages.5799ddf75a30812a3d49.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-1c9fc"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 28570
date: Mon, 05 Dec 2022 03:27:22 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.0.130200 OK 79 kB URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- assembler source, Unicode text, UTF-8 text, with very long lines (63658)
Hash 1025a87759413268456339042ed7adc1
e9a7bd818611a3a0fd6330df99458fe0478958c7
7eccf8a42209125bb60374760a314ab1b059600eb8d155dc221b641ab474d3a6
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 03:27:21 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Thu, 30 Nov 2023 03:27:21 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
s7.addthis.com/static/images/cvlbx/beachSummer.jpg
23.38.200.123200 OK 88 kB URL HTTP/2 s7.addthis.com/static/images/cvlbx/beachSummer.jpg
IP 23.38.200.123:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1280x800, components 3\012- data
Hash 2c026aa51bcd25d6b33218d4aa5f6d83
dc4d354fbae246e6f8e4f3d959720d2f006adb33
2e8cb0f4f4f8506bfeb3a39189a6b975e80018e5aa8cd49ed48cb9c4219a8958
GET /static/images/cvlbx/beachSummer.jpg HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: image/jpeg
content-length: 88467
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-15993"
timing-allow-origin: *
cache-control: public, max-age=86313600
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 05 Dec 2022 03:27:22 GMT
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js
23.38.200.123200 OK 394 B URL HTTP/2 s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (564), with no line terminators
Hash 09d6e31790596b5636e4332b45864d33
078bdaadd33f7e19f624e403959dca3eef1a73d4
42805621588148ebf5f6329a1ff74711c44dd93a4f592264f953ca7f88422b82
GET /static/159.1c3fceccbc80f2a3615f.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-234"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 394
date: Mon, 05 Dec 2022 03:27:22 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/208.92c9dfa16a7b958c8a95.js
23.38.200.123200 OK 127 B URL HTTP/2 s7.addthis.com/static/208.92c9dfa16a7b958c8a95.js
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash c16f2b8f73dfadd8068f3f840cdf7bc5
48f837510b3e187dde91ce56bdd8453830ce64b2
aa41e2ad8da9c442cc1c812d157425bdb3e7e9ff2aec76ee3ac41bbfec720a0e
GET /static/208.92c9dfa16a7b958c8a95.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-70"
timing-allow-origin: *
cache-control: public, max-age=86313600
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 127
date: Mon, 05 Dec 2022 03:27:22 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=R9S-bkjUU4w10y2K4wh4drFUuEXE9bvrDATKJ2XoabPZxCCwPcPg6RYnOrWFZLvjerLUUR4eZxOB3A-z3KXAPQSdm7Qm7BZOCri1OXqDxgQERVBxBIMKpj84vplxVbb5Q2iB8cKgVI1ai3hD8dzBkut6euesHAtFQZnOZ39FMXkJ5CyYa_3Zf7onNlQVAkVUwnA4gNKjGFTxS4p6AXie6Bm0vRScdC7Tzd5RqulsCPj4etlELZtZXFCztb9jVDs4O4Ae7tYhrDBsVBMcBBRlmaO8-p93rEZESY6D_tU99tXoyfx8vKzs9zeJgzdlkqJUVNNt9HQhagwXCYtUvLlO44dYbR8hz32aPqeKF1RjljLJgBUZ55_B6h9M4oXwWsS_jFw1yh_EqJvL4aqTuKEdU7rKxuGespXAZPZUAhTEU0fj-2MyYXnu4mpAZdCrQjc8qq47Og
178.250.0.160200 OK 341 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=R9S-bkjUU4w10y2K4wh4drFUuEXE9bvrDATKJ2XoabPZxCCwPcPg6RYnOrWFZLvjerLUUR4eZxOB3A-z3KXAPQSdm7Qm7BZOCri1OXqDxgQERVBxBIMKpj84vplxVbb5Q2iB8cKgVI1ai3hD8dzBkut6euesHAtFQZnOZ39FMXkJ5CyYa_3Zf7onNlQVAkVUwnA4gNKjGFTxS4p6AXie6Bm0vRScdC7Tzd5RqulsCPj4etlELZtZXFCztb9jVDs4O4Ae7tYhrDBsVBMcBBRlmaO8-p93rEZESY6D_tU99tXoyfx8vKzs9zeJgzdlkqJUVNNt9HQhagwXCYtUvLlO44dYbR8hz32aPqeKF1RjljLJgBUZ55_B6h9M4oXwWsS_jFw1yh_EqJvL4aqTuKEdU7rKxuGespXAZPZUAhTEU0fj-2MyYXnu4mpAZdCrQjc8qq47Og
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 2956787b09fc07fd6a868422e64649ac
e942181f93163835c7fd07feb91c39746f26f35f
f51f7437c3e3f0b3d7d1046ae150d75e75473770a9f5a1f4d8d4745ae09946e7
GET /delivery/lg.php?cppv=3&cpp=R9S-bkjUU4w10y2K4wh4drFUuEXE9bvrDATKJ2XoabPZxCCwPcPg6RYnOrWFZLvjerLUUR4eZxOB3A-z3KXAPQSdm7Qm7BZOCri1OXqDxgQERVBxBIMKpj84vplxVbb5Q2iB8cKgVI1ai3hD8dzBkut6euesHAtFQZnOZ39FMXkJ5CyYa_3Zf7onNlQVAkVUwnA4gNKjGFTxS4p6AXie6Bm0vRScdC7Tzd5RqulsCPj4etlELZtZXFCztb9jVDs4O4Ae7tYhrDBsVBMcBBRlmaO8-p93rEZESY6D_tU99tXoyfx8vKzs9zeJgzdlkqJUVNNt9HQhagwXCYtUvLlO44dYbR8hz32aPqeKF1RjljLJgBUZ55_B6h9M4oXwWsS_jFw1yh_EqJvL4aqTuKEdU7rKxuGespXAZPZUAhTEU0fj-2MyYXnu4mpAZdCrQjc8qq47Og HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:27:21 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3290434
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kLnPC7OzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEBlljWPsHJztQ5dnjrYh7QASAAA&wp=Y41lGgAAqZoKmqdBAAZwPzZ0XtQc-Q80SGkuXg
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kLnPC7OzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEBlljWPsHJztQ5dnjrYh7QASAAA&wp=Y41lGgAAqZoKmqdBAAZwPzZ0XtQc-Q80SGkuXg
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kLnPC7OzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEBlljWPsHJztQ5dnjrYh7QASAAA&wp=Y41lGgAAqZoKmqdBAAZwPzZ0XtQc-Q80SGkuXg HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 167144
date: Mon, 05 Dec 2022 03:27:21 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=O51feMmid3SWHkEb_lo0AuIohqudJ5LDgE4QQd3ZlW30lHNJ2VP7792ExPb0gjXStudPrlChdJXvxBykLlCQL1BwZbyXg2QsXxLTYWSq4W1B4TbX1zcGXJnxj8yiYoUnvK7YxQkIJwlBSND7MUj9z3vYomeh-eNeG-pdmAA8IfIbjU3cXlYaszLGd2FmWQrpmBHK43Ud4rTvFo9QK55nDywdUPyr3UjnDktKAW7rMsyQ8BLdlIhvbcRGFHYCDEL80_M51kvKjZhZH8iV&sds=2&rev=83599&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=O51feMmid3SWHkEb_lo0AuIohqudJ5LDgE4QQd3ZlW30lHNJ2VP7792ExPb0gjXStudPrlChdJXvxBykLlCQL1BwZbyXg2QsXxLTYWSq4W1B4TbX1zcGXJnxj8yiYoUnvK7YxQkIJwlBSND7MUj9z3vYomeh-eNeG-pdmAA8IfIbjU3cXlYaszLGd2FmWQrpmBHK43Ud4rTvFo9QK55nDywdUPyr3UjnDktKAW7rMsyQ8BLdlIhvbcRGFHYCDEL80_M51kvKjZhZH8iV&sds=2&rev=83599&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=O51feMmid3SWHkEb_lo0AuIohqudJ5LDgE4QQd3ZlW30lHNJ2VP7792ExPb0gjXStudPrlChdJXvxBykLlCQL1BwZbyXg2QsXxLTYWSq4W1B4TbX1zcGXJnxj8yiYoUnvK7YxQkIJwlBSND7MUj9z3vYomeh-eNeG-pdmAA8IfIbjU3cXlYaszLGd2FmWQrpmBHK43Ud4rTvFo9QK55nDywdUPyr3UjnDktKAW7rMsyQ8BLdlIhvbcRGFHYCDEL80_M51kvKjZhZH8iV&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:27:22 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300vi.png?cad=shpu%3D48yp&positions=48yp%3Dcenter&goals=48yp%3Dshare&first=1&rv=1&uvs=638d6315ee44f8d2&pub=ra-58e226eb29c11f6c&dp=dusunmekvepaylasmak.blogspot.com&rev=v8.28.8-wp
23.38.200.123204 No Content 0 B URL HTTP/2 m.addthis.com/live/red_lojson/300vi.png?cad=shpu%3D48yp&positions=48yp%3Dcenter&goals=48yp%3Dshare&first=1&rv=1&uvs=638d6315ee44f8d2&pub=ra-58e226eb29c11f6c&dp=dusunmekvepaylasmak.blogspot.com&rev=v8.28.8-wp
IP 23.38.200.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /live/red_lojson/300vi.png?cad=shpu%3D48yp&positions=48yp%3Dcenter&goals=48yp%3Dshare&first=1&rv=1&uvs=638d6315ee44f8d2&pub=ra-58e226eb29c11f6c&dp=dusunmekvepaylasmak.blogspot.com&rev=v8.28.8-wp HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
expires: Mon, 05 Dec 2022 03:27:22 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 05 Dec 2022 03:27:22 GMT
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10285595791_1.jpg%3Fref%3D978FF2CE0D%26w%3D640%26h%3D914%26cb%3D7981c8bf03559fccd2e2d03e4f776243&v=3&w=400&s=nIHJa9v5NZytEgC8Tx67UOEg&b=400
178.250.0.139200 OK 19 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10285595791_1.jpg%3Fref%3D978FF2CE0D%26w%3D640%26h%3D914%26cb%3D7981c8bf03559fccd2e2d03e4f776243&v=3&w=400&s=nIHJa9v5NZytEgC8Tx67UOEg&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 374x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 602278ceeef050d522f1db1381af963a
cd92f508e8ad6da5af869304266d0e1e05eea0dc
79635d549fc3397c08031371eed8026c5791145ef9702c1efd8ccc0aa01d976e
GET /img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10285595791_1.jpg%3Fref%3D978FF2CE0D%26w%3D640%26h%3D914%26cb%3D7981c8bf03559fccd2e2d03e4f776243&v=3&w=400&s=nIHJa9v5NZytEgC8Tx67UOEg&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31079446
expires: Wed, 29 Nov 2023 20:38:08 GMT
date: Mon, 05 Dec 2022 03:27:22 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 19112
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F21458.jpg%3Fref%3DE551B25C49%26w%3D640%26h%3D914%26cb%3Dd00c3a11acbde76f73e9e9c404840f00&v=3&w=400&s=Y591FXaTk8-Bva3XCkvY_kRZ&b=400
178.250.0.139200 OK 4.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F21458.jpg%3Fref%3DE551B25C49%26w%3D640%26h%3D914%26cb%3Dd00c3a11acbde76f73e9e9c404840f00&v=3&w=400&s=Y591FXaTk8-Bva3XCkvY_kRZ&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 242x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b7c4958901781feec321c11ee7552bce
30268f7778cf6f803379848545b10353b51fb7e5
fbdff235ff5740c1f5e174f8476e8f74c855da3f4cc60a99e6fede8086a39846
GET /img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F21458.jpg%3Fref%3DE551B25C49%26w%3D640%26h%3D914%26cb%3Dd00c3a11acbde76f73e9e9c404840f00&v=3&w=400&s=Y591FXaTk8-Bva3XCkvY_kRZ&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31111559
expires: Thu, 30 Nov 2023 05:33:22 GMT
date: Mon, 05 Dec 2022 03:27:22 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4066
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2Fnissedal_dunjakke_og_topplia_ullue_barn_1.jpg%3Fref%3DE5F9C94E84%26w%3D640%26h%3D914%26cb%3De80dd9b0ee65c84d3249bd260f3e9754&v=3&w=400&s=D9AE_uYvv1TuXi0dtFSgczrn&b=400
178.250.0.139200 OK 19 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2Fnissedal_dunjakke_og_topplia_ullue_barn_1.jpg%3Fref%3DE5F9C94E84%26w%3D640%26h%3D914%26cb%3De80dd9b0ee65c84d3249bd260f3e9754&v=3&w=400&s=D9AE_uYvv1TuXi0dtFSgczrn&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 280x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5b06a96db92243c65177a952a5c9a81d
069f869b8dd535d9490d935896cc733b0085dde8
9ef4ef91328bc0e7d88a84b71af7f11497a0d8c3b8714bcddd6a5cd4368433ac
GET /img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2Fnissedal_dunjakke_og_topplia_ullue_barn_1.jpg%3Fref%3DE5F9C94E84%26w%3D640%26h%3D914%26cb%3De80dd9b0ee65c84d3249bd260f3e9754&v=3&w=400&s=D9AE_uYvv1TuXi0dtFSgczrn&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31297627
expires: Sat, 02 Dec 2023 09:14:29 GMT
date: Mon, 05 Dec 2022 03:27:21 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 18812
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10942795008_1.jpg%3Fref%3D0206A177E6%26w%3D640%26h%3D914%26cb%3De80dd9b0ee65c84d3249bd260f3e9754&v=3&w=400&s=HJHTCpPBzsBQjWR4GrdbYgjp&b=400
178.250.0.139200 OK 10 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10942795008_1.jpg%3Fref%3D0206A177E6%26w%3D640%26h%3D914%26cb%3De80dd9b0ee65c84d3249bd260f3e9754&v=3&w=400&s=HJHTCpPBzsBQjWR4GrdbYgjp&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 283x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 37917909accee02449e0a8640c60e91c
4bd47cd9ba36c82d9347f9573401ee9a22a014ae
55ffc62561c9a242e913955a091ea76cb04e4f9b0c43ad306d58ce18f14a5a55
GET /img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10942795008_1.jpg%3Fref%3D0206A177E6%26w%3D640%26h%3D914%26cb%3De80dd9b0ee65c84d3249bd260f3e9754&v=3&w=400&s=HJHTCpPBzsBQjWR4GrdbYgjp&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31079609
expires: Wed, 29 Nov 2023 20:40:51 GMT
date: Mon, 05 Dec 2022 03:27:22 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 9968
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10364160013_10pk.jpg%3Fref%3D87FF40C646%26w%3D640%26h%3D914%26cb%3D3d695d4e27073e1588dd24b2f5904d8e&v=3&w=400&s=W3FJogUvVmKGxxScZjM46gG1&b=400
178.250.0.139200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10364160013_10pk.jpg%3Fref%3D87FF40C646%26w%3D640%26h%3D914%26cb%3D3d695d4e27073e1588dd24b2f5904d8e&v=3&w=400&s=W3FJogUvVmKGxxScZjM46gG1&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 280x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eed72afa39cbd9862fcc7342e36c4454
6f70dceeee4752e64fbe5660b99b3317b076a17b
25292fea87bcdb457120e374a16c33a6fb4358aa4783c0a65be94657b480363f
GET /img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10364160013_10pk.jpg%3Fref%3D87FF40C646%26w%3D640%26h%3D914%26cb%3D3d695d4e27073e1588dd24b2f5904d8e&v=3&w=400&s=W3FJogUvVmKGxxScZjM46gG1&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31079430
expires: Wed, 29 Nov 2023 20:37:53 GMT
date: Mon, 05 Dec 2022 03:27:21 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 13484
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2Fgilde-turmat-biffgryte-500g-no026019.jpg%3Fref%3DBBFF0C730E%26w%3D640%26h%3D914%26cb%3D6851ba0e443a5863398953fd8783961c&v=3&w=400&s=Ecb4Hr2TYRvcUlxC6AaXcn5n&b=400
178.250.0.139200 OK 19 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2Fgilde-turmat-biffgryte-500g-no026019.jpg%3Fref%3DBBFF0C730E%26w%3D640%26h%3D914%26cb%3D6851ba0e443a5863398953fd8783961c&v=3&w=400&s=Ecb4Hr2TYRvcUlxC6AaXcn5n&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 336x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 58e722ff310580c40b227fc54e5a7006
6675eac6730d1dec56708c62fa6c4de20deb4c04
93803e44a278ab3c14bf3deecfb35435789056054663baeb85c7eda3118af842
GET /img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2Fgilde-turmat-biffgryte-500g-no026019.jpg%3Fref%3DBBFF0C730E%26w%3D640%26h%3D914%26cb%3D6851ba0e443a5863398953fd8783961c&v=3&w=400&s=Ecb4Hr2TYRvcUlxC6AaXcn5n&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31130668
expires: Thu, 30 Nov 2023 10:51:51 GMT
date: Mon, 05 Dec 2022 03:27:22 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 18588
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10198690022_1.jpg%3Fref%3DAC0CCE7285%26w%3D640%26h%3D914%26cb%3Dcae9b0664bba52b0ae03cd36f40ae8ff&v=3&w=400&s=BPmIo1qi72WcJ7E4UNpAuGyd&b=400
178.250.0.139200 OK 13 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10198690022_1.jpg%3Fref%3DAC0CCE7285%26w%3D640%26h%3D914%26cb%3Dcae9b0664bba52b0ae03cd36f40ae8ff&v=3&w=400&s=BPmIo1qi72WcJ7E4UNpAuGyd&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 216x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a052b46694ce5995693e38080ceb7cf0
5a676fae7d386713647760b0a9399f2ab5e3273f
8d175c45cf80fb4ec5dea51a984b0a052617d25602578c7e8ac6a54129bce711
GET /img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10198690022_1.jpg%3Fref%3DAC0CCE7285%26w%3D640%26h%3D914%26cb%3Dcae9b0664bba52b0ae03cd36f40ae8ff&v=3&w=400&s=BPmIo1qi72WcJ7E4UNpAuGyd&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31079574
expires: Wed, 29 Nov 2023 20:40:16 GMT
date: Mon, 05 Dec 2022 03:27:22 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 13078
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=360&m=0&partner=37478&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F38356%2F180503%2Fd6f8e0942e444bd499149d6c84be7ac5_logo1.png&v=3&w=196&s=P706VZ9Cssk-uBTsoQlbVQpR
178.250.0.139200 OK 5.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=360&m=0&partner=37478&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F38356%2F180503%2Fd6f8e0942e444bd499149d6c84be7ac5_logo1.png&v=3&w=196&s=P706VZ9Cssk-uBTsoQlbVQpR
IP 178.250.0.139:0
File type PNG image data, 196 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash c4629332e9ccf173a343c7af6f410673
525fd4a52468c13cc6f893468f4f4c1ed970d490
4e42791249590b18368971ae82944bfcec4ba471ca0d1a91c47e185d7aa8a42d
GET /img/img?h=360&m=0&partner=37478&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F38356%2F180503%2Fd6f8e0942e444bd499149d6c84be7ac5_logo1.png&v=3&w=196&s=P706VZ9Cssk-uBTsoQlbVQpR HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30686239
expires: Sat, 25 Nov 2023 07:24:42 GMT
date: Mon, 05 Dec 2022 03:27:22 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5473
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10138090001_1.jpg%3Fref%3D1ACCED61AC%26w%3D640%26h%3D914%26cb%3Dcae9b0664bba52b0ae03cd36f40ae8ff&v=3&w=400&s=Oisis7MNTWYmliGW6yta7aft&b=400
178.250.0.139200 OK 4.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10138090001_1.jpg%3Fref%3D1ACCED61AC%26w%3D640%26h%3D914%26cb%3Dcae9b0664bba52b0ae03cd36f40ae8ff&v=3&w=400&s=Oisis7MNTWYmliGW6yta7aft&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x385, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d3bc3f5e42e38a8a9de7238dc1218f69
da5da1ddda0a6935abf87440966d85c275a85f1e
f63bcbb66d0b248b9a362ff97f8b7756dd88223c7be0b127e1ca2d1061c5a9de
GET /img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10138090001_1.jpg%3Fref%3D1ACCED61AC%26w%3D640%26h%3D914%26cb%3Dcae9b0664bba52b0ae03cd36f40ae8ff&v=3&w=400&s=Oisis7MNTWYmliGW6yta7aft&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31298014
expires: Sat, 02 Dec 2023 09:20:57 GMT
date: Mon, 05 Dec 2022 03:27:22 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4360
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fsava%25C5%259F%2520%25C3%25A7%25C4%25B1kar%2520m%25C4%25B1
23.38.200.123200 OK 2 B URL HTTP/2 api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fsava%25C5%259F%2520%25C3%25A7%25C4%25B1kar%2520m%25C4%25B1
IP 23.38.200.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fsava%25C5%259F%2520%25C3%25A7%25C4%25B1kar%2520m%25C4%25B1 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://dusunmekvepaylasmak.blogspot.com/search/label/sava%C5%9F%20%C3%A7%C4%B1kar%20m%C4%B1
last-modified: Mon, 05 Dec 2022 03:00:00 GMT
access-control-allow-origin: https://dusunmekvepaylasmak.blogspot.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 05 Dec 2022 03:27:22 GMT
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
178.250.0.130200 OK 10 kB URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1740)
Hash 83219fdf846d9d10d627e23d0982ae2d
3802c4bd4bb5b85ad3edf002c2871dbd13e1aedb
2cf33e9ff4eaaa59941df43eb1956bf505768a4cca86b341fc4143862e976470
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 03:27:21 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Thu, 30 Nov 2023 03:27:21 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
178.250.0.130200 OK 5.8 kB URL HTTP/2 static.criteo.net/animejs/animejs.js
IP 178.250.0.130:0
File type ASCII text, with very long lines (12706), with no line terminators
Hash 8d87c4a19fd7827f1e70fbd057836f8c
55a1fd1ade37d1b5a7bae5d934e8002953b94ff7
4ef77ab7e87a647dec7ba4d28a6724891da588f158b391502d4681a1d03e228c
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 03:27:21 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Thu, 30 Nov 2023 03:27:21 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fsava%25C5%259F%2520%25C3%25A7%25C4%25B1kar%2520m%25C4%25B1&callback=_ate.cbs.rcb_9sm10
23.38.200.123200 OK 53 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fsava%25C5%259F%2520%25C3%25A7%25C4%25B1kar%2520m%25C4%25B1&callback=_ate.cbs.rcb_9sm10
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 6578fc39e8340f16577bade708b0c1ea
4103198ca0c81a0cc9783c762b5bffda5dd7ec08
5f6463ee2134954e97e11224e56d88473e43121b3fc17a35ab3a8f2e00eeae73
GET /url/shares.json?url=http%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fsava%25C5%259F%2520%25C3%25A7%25C4%25B1kar%2520m%25C4%25B1&callback=_ate.cbs.rcb_9sm10 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: dusunmekvepaylasmak.blogspot.com/search/label/sava%c5%9f%20%c3%a7%c4%b1kar%20m%c4%b1
last-modified: Mon, 05 Dec 2022 03:27:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Mon, 05 Dec 2022 03:27:22 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
s7.addthis.com/static/151.67aec2e0546e639563bb.js
23.38.200.123200 OK 815 B URL HTTP/2 s7.addthis.com/static/151.67aec2e0546e639563bb.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (1679), with no line terminators
Hash 8c45a93a76f9e93cb7fe7a8dce9e1dbf
6604f1a4e77d07d55298cecc9c93e0e22e73a616
aa24ec471544fe8d4f18d29ba153a281c809ace19fcd29cdbaac9ed4c2254d92
GET /static/151.67aec2e0546e639563bb.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-68f"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 815
date: Mon, 05 Dec 2022 03:27:22 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kLnPC7WzWQAAnYNiAgIAAAC_oV1-pfcQ9BAZZY1j3efP3XFA-j-eHo0AEgMB&wp=Y41lGgAHOR0Km42MAAdulDN0pl5wYqlH8_koow
178.250.2.129200 OK 0 B URL HTTP/2 rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kLnPC7WzWQAAnYNiAgIAAAC_oV1-pfcQ9BAZZY1j3efP3XFA-j-eHo0AEgMB&wp=Y41lGgAHOR0Km42MAAdulDN0pl5wYqlH8_koow
IP 178.250.2.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kLnPC7WzWQAAnYNiAgIAAAC_oV1-pfcQ9BAZZY1j3efP3XFA-j-eHo0AEgMB&wp=Y41lGgAHOR0Km42MAAdulDN0pl5wYqlH8_koow HTTP/1.1
Host: rtb.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 259802
date: Mon, 05 Dec 2022 03:27:22 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10971197608_4.jpg%3Fref%3DB0F2D1B836%26w%3D640%26h%3D914%26cb%3D7981c8bf03559fccd2e2d03e4f776243&ups=1&v=3&w=800&s=FQ2pF18N1eqmQc9QvJ6k6ily
178.250.0.139200 OK 37 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10971197608_4.jpg%3Fref%3DB0F2D1B836%26w%3D640%26h%3D914%26cb%3D7981c8bf03559fccd2e2d03e4f776243&ups=1&v=3&w=800&s=FQ2pF18N1eqmQc9QvJ6k6ily
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 560x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2d1a91968b407566ae9371331e901a6d
72c9f920cf29364686b038791951e57a4e710bb8
e47c19c5fbb121bcdee4bc5bfbeba5feb019fed73ca91161b56ed55d17bb9527
GET /img/img?c=3&cq=256&h=800&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2F10971197608_4.jpg%3Fref%3DB0F2D1B836%26w%3D640%26h%3D914%26cb%3D7981c8bf03559fccd2e2d03e4f776243&ups=1&v=3&w=800&s=FQ2pF18N1eqmQc9QvJ6k6ily HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31122931
expires: Thu, 30 Nov 2023 08:42:54 GMT
date: Mon, 05 Dec 2022 03:27:22 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 37228
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
q.addthis.com/feeds/1.0/views2.json?pubid=ra-58e226eb29c11f6c&domain=dusunmekvepaylasmak.blogspot.com&limit=50&callback=_ate.cbs.fds_ra58e226eb29c11f6cviews2json0
23.38.200.123200 OK 67 B URL HTTP/2 q.addthis.com/feeds/1.0/views2.json?pubid=ra-58e226eb29c11f6c&domain=dusunmekvepaylasmak.blogspot.com&limit=50&callback=_ate.cbs.fds_ra58e226eb29c11f6cviews2json0
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash c6791512135509ec6dd306203d09476c
e6ea311e67849b7d8d5e5d6692e11cb988d6ad7a
e051890e4ff2c7b299923692470a2e02268124b6d9b5128ec9cc4868773437fa
GET /feeds/1.0/views2.json?pubid=ra-58e226eb29c11f6c&domain=dusunmekvepaylasmak.blogspot.com&limit=50&callback=_ate.cbs.fds_ra58e226eb29c11f6cviews2json0 HTTP/1.1
Host: q.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript;charset=UTF-8
surrogate-key: ra-58e226eb29c11f6c
cache-tag: ra-58e226eb29c11f6c
cache-control: max-age=0, s-maxage=3600
last-modified: Mon, 05 Dec 2022 03:18:53 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 67
date: Mon, 05 Dec 2022 03:27:23 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=TUHNrMmid3SWHkEb7cUGRXbF44M86Cdy2h5hHxhuddqs4Vy4Q1RDJ7_watPIi7W9FzPbr9uJDaRSkVHoHCIOFQysQpZFcmr_lKjYywprJodhvPtPMvv75RN3aZSqumsW4ASQczu6B7d_NsnThPWcmPbgMMy4ANdcd-ohGQgFI0zkxxOTszBrkI09VE8G-o9M0gTaNQEg386E_8z7d6Uxf96pXVLBqmO-vy19hrrCjOoVdJB-vQi_UCNdGEJAK8DXapwbPg&sds=2&rev=83599&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=TUHNrMmid3SWHkEb7cUGRXbF44M86Cdy2h5hHxhuddqs4Vy4Q1RDJ7_watPIi7W9FzPbr9uJDaRSkVHoHCIOFQysQpZFcmr_lKjYywprJodhvPtPMvv75RN3aZSqumsW4ASQczu6B7d_NsnThPWcmPbgMMy4ANdcd-ohGQgFI0zkxxOTszBrkI09VE8G-o9M0gTaNQEg386E_8z7d6Uxf96pXVLBqmO-vy19hrrCjOoVdJB-vQi_UCNdGEJAK8DXapwbPg&sds=2&rev=83599&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=TUHNrMmid3SWHkEb7cUGRXbF44M86Cdy2h5hHxhuddqs4Vy4Q1RDJ7_watPIi7W9FzPbr9uJDaRSkVHoHCIOFQysQpZFcmr_lKjYywprJodhvPtPMvv75RN3aZSqumsW4ASQczu6B7d_NsnThPWcmPbgMMy4ANdcd-ohGQgFI0zkxxOTszBrkI09VE8G-o9M0gTaNQEg386E_8z7d6Uxf96pXVLBqmO-vy19hrrCjOoVdJB-vQi_UCNdGEJAK8DXapwbPg&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:27:22 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/pagead/js/rum.js
142.250.74.130200 OK 23 kB URL HTTP/2 securepubads.g.doubleclick.net/pagead/js/rum.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (2630)
Hash 386bf13e36d0ef9668428e339e3523e1
8a7f261b30687603b07e5bff14c386f6840f3069
1d78c761e78c16e5a5ceb3a722231b5e2a688df8163fd7c083f10d14b33cc290
GET /pagead/js/rum.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Cookie: IDE=AHWqTUlccNBi2aEByfFYcRocQifmAiooXh3uvO9jNU7uP3bP0QMeAApkMPR1eNs0v3Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 23357
x-xss-protection: 0
date: Mon, 05 Dec 2022 03:12:26 GMT
expires: Mon, 05 Dec 2022 04:12:26 GMT
cache-control: public, max-age=3600
age: 897
etag: 901223051904315509
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cat.nl.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=ASiUe0E0WZqWxyMVg5Lt2Rq--Bjj8718D-bU86Nim8cmGjtfLOh7KIgX3oAvyDdV21HS2gqiOIKYTWqSrJP9NLLbSf5BcWUZ2xKi5QoozpfkJVlml7P2VRxc3-nTo6mfp8_QeCPSkOyeADayVWW_aoZg_lnz26VejrZtiEOeSvGmxVFX6SXKXc02hsEiH-iCtYHxrwDnCSrUlC0ljAxUJ4Quedk5Ex7_pcYILi8mYBrYPcUQ9EddbBYn7uZDQHNghBLHhqKG-Z8OarDqW0aqNkQl1QYmNiw7LIRam6S6sVIjNTA7DStF6ccPxKjPg5BwjxyDJpyZBazRqvAadu519qKfWbASvHC16-9ca8krAToyGHRx3YIbH4qunGvuo4M8kYG6K8pU5O888hTeSGMDh58ccWAvanCxsPFtBcTEDt9Rp_zPXlmOUHOVSSaF3GuW_n-h5bIJ1yHhzLnkzIoNBl1bQPEYLhqwp7z2yv3NTVizS8lWrUFXTtrDdiFTDc95-CPPpCSjuvibMariwJLmZhbNsjc&z=Y41lGgAHOR0Km42MAAdulDN0pl5wYqlH8_koow
178.250.2.148200 OK 74 B URL HTTP/2 cat.nl.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=ASiUe0E0WZqWxyMVg5Lt2Rq--Bjj8718D-bU86Nim8cmGjtfLOh7KIgX3oAvyDdV21HS2gqiOIKYTWqSrJP9NLLbSf5BcWUZ2xKi5QoozpfkJVlml7P2VRxc3-nTo6mfp8_QeCPSkOyeADayVWW_aoZg_lnz26VejrZtiEOeSvGmxVFX6SXKXc02hsEiH-iCtYHxrwDnCSrUlC0ljAxUJ4Quedk5Ex7_pcYILi8mYBrYPcUQ9EddbBYn7uZDQHNghBLHhqKG-Z8OarDqW0aqNkQl1QYmNiw7LIRam6S6sVIjNTA7DStF6ccPxKjPg5BwjxyDJpyZBazRqvAadu519qKfWbASvHC16-9ca8krAToyGHRx3YIbH4qunGvuo4M8kYG6K8pU5O888hTeSGMDh58ccWAvanCxsPFtBcTEDt9Rp_zPXlmOUHOVSSaF3GuW_n-h5bIJ1yHhzLnkzIoNBl1bQPEYLhqwp7z2yv3NTVizS8lWrUFXTtrDdiFTDc95-CPPpCSjuvibMariwJLmZhbNsjc&z=Y41lGgAHOR0Km42MAAdulDN0pl5wYqlH8_koow
IP 178.250.2.148:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3bbc4cb7b383ac3f5445aa69b4905fad
f2680be0e18b7ecbdc089cad174818b015a1fdc5
7985af12d93d4ce0484cc36a53a954ace33629fdaa0354f5bfa39031edecf45b
GET /delivery/lgn.php?cppv=3&cpp=ASiUe0E0WZqWxyMVg5Lt2Rq--Bjj8718D-bU86Nim8cmGjtfLOh7KIgX3oAvyDdV21HS2gqiOIKYTWqSrJP9NLLbSf5BcWUZ2xKi5QoozpfkJVlml7P2VRxc3-nTo6mfp8_QeCPSkOyeADayVWW_aoZg_lnz26VejrZtiEOeSvGmxVFX6SXKXc02hsEiH-iCtYHxrwDnCSrUlC0ljAxUJ4Quedk5Ex7_pcYILi8mYBrYPcUQ9EddbBYn7uZDQHNghBLHhqKG-Z8OarDqW0aqNkQl1QYmNiw7LIRam6S6sVIjNTA7DStF6ccPxKjPg5BwjxyDJpyZBazRqvAadu519qKfWbASvHC16-9ca8krAToyGHRx3YIbH4qunGvuo4M8kYG6K8pU5O888hTeSGMDh58ccWAvanCxsPFtBcTEDt9Rp_zPXlmOUHOVSSaF3GuW_n-h5bIJ1yHhzLnkzIoNBl1bQPEYLhqwp7z2yv3NTVizS8lWrUFXTtrDdiFTDc95-CPPpCSjuvibMariwJLmZhbNsjc&z=Y41lGgAHOR0Km42MAAdulDN0pl5wYqlH8_koow HTTP/1.1
Host: cat.nl.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:27:22 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2796975
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kLnPC7OzWawC2ASdg2ICAgAAALQtmre-JuykEBpljWOJzhZMHZ0tOMc9HQASAAA&wp=Y41lGwAAas8Kms0UAAMPYSKHHOFVaCo0NMKBbA
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kLnPC7OzWawC2ASdg2ICAgAAALQtmre-JuykEBpljWOJzhZMHZ0tOMc9HQASAAA&wp=Y41lGwAAas8Kms0UAAMPYSKHHOFVaCo0NMKBbA
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kLnPC7OzWawC2ASdg2ICAgAAALQtmre-JuykEBpljWOJzhZMHZ0tOMc9HQASAAA&wp=Y41lGwAAas8Kms0UAAMPYSKHHOFVaCo0NMKBbA HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 233930
date: Mon, 05 Dec 2022 03:27:23 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=O51feMmid3SWHkEb_lo0AuIohqudJ5LDgE4QQd3ZlW30lHNJ2VP7792ExPb0gjXStudPrlChdJXvxBykLlCQL1BwZbyXg2QsXxLTYWSq4W1B4TbX1zcGXJnxj8yiYoUnvK7YxQkIJwlBSND7MUj9z3vYomeh-eNeG-pdmAA8IfIbjU3cXlYaszLGd2FmWQrpmBHK43Ud4rTvFo9QK55nDywdUPyr3UjnDktKAW7rMsyQ8BLdlIhvbcRGFHYCDEL80_M51kvKjZhZH8iV&sds=2&rev=83599&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=O51feMmid3SWHkEb_lo0AuIohqudJ5LDgE4QQd3ZlW30lHNJ2VP7792ExPb0gjXStudPrlChdJXvxBykLlCQL1BwZbyXg2QsXxLTYWSq4W1B4TbX1zcGXJnxj8yiYoUnvK7YxQkIJwlBSND7MUj9z3vYomeh-eNeG-pdmAA8IfIbjU3cXlYaszLGd2FmWQrpmBHK43Ud4rTvFo9QK55nDywdUPyr3UjnDktKAW7rMsyQ8BLdlIhvbcRGFHYCDEL80_M51kvKjZhZH8iV&sds=2&rev=83599&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=O51feMmid3SWHkEb_lo0AuIohqudJ5LDgE4QQd3ZlW30lHNJ2VP7792ExPb0gjXStudPrlChdJXvxBykLlCQL1BwZbyXg2QsXxLTYWSq4W1B4TbX1zcGXJnxj8yiYoUnvK7YxQkIJwlBSND7MUj9z3vYomeh-eNeG-pdmAA8IfIbjU3cXlYaszLGd2FmWQrpmBHK43Ud4rTvFo9QK55nDywdUPyr3UjnDktKAW7rMsyQ8BLdlIhvbcRGFHYCDEL80_M51kvKjZhZH8iV&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:27:22 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2Fnew-classic-neon-tape-stor.jpg%3Fref%3D808D7A5048%26w%3D640%26h%3D914%26cb%3Dde4cd4689772736fd242255fdbed7527&v=3&w=400&s=1w_wnE2xignHgyQXkuRENkMy&b=400
178.250.0.139200 OK 7.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2Fnew-classic-neon-tape-stor.jpg%3Fref%3D808D7A5048%26w%3D640%26h%3D914%26cb%3Dde4cd4689772736fd242255fdbed7527&v=3&w=400&s=1w_wnE2xignHgyQXkuRENkMy&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 365x282, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f2dec483defa2f5bd3001a8d8a054da9
aa416a5889c301769da95591a5abdcc2454e8f51
46d9560ee5d23ebb84fac8a9b7d90ef365e5022c756696e61cca31c7b59dc1e2
GET /img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2Fnew-classic-neon-tape-stor.jpg%3Fref%3D808D7A5048%26w%3D640%26h%3D914%26cb%3Dde4cd4689772736fd242255fdbed7527&v=3&w=400&s=1w_wnE2xignHgyQXkuRENkMy&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31388995
expires: Sun, 03 Dec 2023 10:37:18 GMT
date: Mon, 05 Dec 2022 03:27:23 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7720
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=z7jnjCuLxbOzHLJ8Iptuoa5F_GSlZ0FV1UGOq3k5yapiulmwDzTC7ExOtdZY6KPFbkDyiuHZ1KUXlKnEfMxeRlBZ0wm880aWFpOswI4b2k4DogtLhYfAqFqgfYj_1rBIocUmBLzNrleCYmoRYiMaWZoC2SeMe1YKL-n_zxj9qCdySvsCT5QlwR-d58MOxrOYR1w5Ra-lWlYrI7F-lXfLdOkBvneUH3_2oNGH_-0Ga-4smshSlwsXEiHmYTB1IHae9K8WKBrdoaM_nlipYOoeJ7Vat41qF5YdYo65QJez2YGXCsjtIy-MsWUvPvtExtZm7QijcMvDkgBj9obAJjyb_kH5LXFtxTz5e8PJPuwIqa8mWB2DGHfVE_nEAUU5EeMvaiLv7ng_nD18FwB1yHPwYvyJIQWebQo7PhbwyuRxseQI4Iu2
178.250.0.160200 OK 11 kB URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=z7jnjCuLxbOzHLJ8Iptuoa5F_GSlZ0FV1UGOq3k5yapiulmwDzTC7ExOtdZY6KPFbkDyiuHZ1KUXlKnEfMxeRlBZ0wm880aWFpOswI4b2k4DogtLhYfAqFqgfYj_1rBIocUmBLzNrleCYmoRYiMaWZoC2SeMe1YKL-n_zxj9qCdySvsCT5QlwR-d58MOxrOYR1w5Ra-lWlYrI7F-lXfLdOkBvneUH3_2oNGH_-0Ga-4smshSlwsXEiHmYTB1IHae9K8WKBrdoaM_nlipYOoeJ7Vat41qF5YdYo65QJez2YGXCsjtIy-MsWUvPvtExtZm7QijcMvDkgBj9obAJjyb_kH5LXFtxTz5e8PJPuwIqa8mWB2DGHfVE_nEAUU5EeMvaiLv7ng_nD18FwB1yHPwYvyJIQWebQo7PhbwyuRxseQI4Iu2
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 03ae7a2ca57a10d3073a6f93ca2f0e63
c4e99815958b4440c9d47143995701f6aac18ca9
2b4a2a79de438b922d3f4962eab472b8000fc95698e64442dce81d160387c40c
GET /delivery/lg.php?cppv=3&cpp=z7jnjCuLxbOzHLJ8Iptuoa5F_GSlZ0FV1UGOq3k5yapiulmwDzTC7ExOtdZY6KPFbkDyiuHZ1KUXlKnEfMxeRlBZ0wm880aWFpOswI4b2k4DogtLhYfAqFqgfYj_1rBIocUmBLzNrleCYmoRYiMaWZoC2SeMe1YKL-n_zxj9qCdySvsCT5QlwR-d58MOxrOYR1w5Ra-lWlYrI7F-lXfLdOkBvneUH3_2oNGH_-0Ga-4smshSlwsXEiHmYTB1IHae9K8WKBrdoaM_nlipYOoeJ7Vat41qF5YdYo65QJez2YGXCsjtIy-MsWUvPvtExtZm7QijcMvDkgBj9obAJjyb_kH5LXFtxTz5e8PJPuwIqa8mWB2DGHfVE_nEAUU5EeMvaiLv7ng_nD18FwB1yHPwYvyJIQWebQo7PhbwyuRxseQI4Iu2 HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:27:23 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3471081
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=104&m=0&partner=37478&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F38356%2F180503%2Fd6f8e0942e444bd499149d6c84be7ac5_logo1.png&v=3&w=596&s=ZMyCyv20k0BcWZzOX1ZKijJE
178.250.0.139200 OK 15 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=104&m=0&partner=37478&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F38356%2F180503%2Fd6f8e0942e444bd499149d6c84be7ac5_logo1.png&v=3&w=596&s=ZMyCyv20k0BcWZzOX1ZKijJE
IP 178.250.0.139:0
File type PNG image data, 498 x 104, 8-bit/color RGBA, non-interlaced\012- data
Hash b4851d76e05e49c0867bb6d2be540e81
f413ed69eab81ecb8f91701ffc9b7353972f3127
dbe17c87815b2f0d2edf215dcc1b483aa1c6d4e071a94079999a887eba28afbc
GET /img/img?h=104&m=0&partner=37478&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F38356%2F180503%2Fd6f8e0942e444bd499149d6c84be7ac5_logo1.png&v=3&w=596&s=ZMyCyv20k0BcWZzOX1ZKijJE HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30686238
expires: Sat, 25 Nov 2023 07:24:42 GMT
date: Mon, 05 Dec 2022 03:27:22 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 15094
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2Fkattetoalett-savic-gizmo-bla.jpg%3Fref%3D634ED46F28%26w%3D640%26h%3D914%26cb%3Dc66e2a405d1ac22a4592de1586ef54f7&v=3&w=400&s=tyLPzhYe5oRUoRPXr1P34NZu&b=400
178.250.0.139200 OK 4.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2Fkattetoalett-savic-gizmo-bla.jpg%3Fref%3D634ED46F28%26w%3D640%26h%3D914%26cb%3Dc66e2a405d1ac22a4592de1586ef54f7&v=3&w=400&s=tyLPzhYe5oRUoRPXr1P34NZu&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x253, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5762315f62b2fd280850f0ecb52c22ba
87561500a6835d130e9a53832afe8dc844c5a55b
eeb4a51712dc9c68f9522bac67516bb326a1df004fbfd96d31548f6d02d36175
GET /img/img?c=3&cq=256&h=400&m=0&partner=37478&q=80&r=0&u=https%3A%2F%2Fwww.stormberg.com%2Fglobalassets%2Fproductimages%2Fkattetoalett-savic-gizmo-bla.jpg%3Fref%3D634ED46F28%26w%3D640%26h%3D914%26cb%3Dc66e2a405d1ac22a4592de1586ef54f7&v=3&w=400&s=tyLPzhYe5oRUoRPXr1P34NZu&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31196055
expires: Fri, 01 Dec 2023 05:01:38 GMT
date: Mon, 05 Dec 2022 03:27:23 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4846
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~lba8esro&e=21060101&ctx=2&gqid=GmWNY_eYHIGSiM0PqZWiuA8&qqid=CJ3n3J_E4fsCFYyNmwodlG4HXw&met.4=fb.7c~lb.bv~ol.jb~bdt.-3rj~bpp.-3bz~idt.-e~dtd.0~dt.-3c1&met.3=733.cd~742.cd~748.e2_1~739.fl_1~738.is_3~749.iv_g~736.jx_2~735.ka_3~113.rf_7~112.re_8&met.1=1.lba8es09~6.0~7.0~8.0~9.0~10.0~11.0~12.1h~13.65~14.6b~15.6h~16.fc~17.fk~18.fm~19.io~20.io~21.jb~23.a0&met.7=CBsQBxgBIIQCKIQCML8CODs~CBwQChgBIIUCKIUCMLgCODNorAJwtgJ4-AuAAeIFiAGRDLABAbgBAw~CB4QChgBIIYCKIYCMLYCODBohgJwrwKAAdQJiAGBFbABAbgBAQ~CBwQChgBIIYCKIYCMLgCODJohgJwsQKAAaI6iAH4jAGwAQG4AQE~CBsQChgBIIYCKIYCMMoCOEQ~CAkQChgBIIYCKIYCMNECOEtosgJwywJ46k-AAdRJiAH6ugGwAQG4AQM~CCoQChgBIIcCKIcCMLkCODI~CBsQBhgBIIcCKIcCMNUCOE4~CBsQAiD2AjjaAQ~CBsQBiCYAzj4AQ~CCEQBhgBIJkDKJkDML8DOCZoqANwvgN4iAWwAQG4AQM~CBsQBiCZAzi1AQ~CCEQBhgBIJsDKJsDMMEDOCZoqgNwwQN4iAWwAQG4AQM~CBsQBhgBIKoDKKoDMMIDOBg~CCgQChgBIL4FKL4FMLAGOHJAzQVI7gVQ7wVYmAZg-QVomAZwrwZ49bwBgAG9tgGIAefuA7ABAbgBAw~CAUQCBgBMOMBOLgFaDVw3AF4gbsBgAGetgGIAaawBLABAbgBAw
173.194.196.94204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~lba8esro&e=21060101&ctx=2&gqid=GmWNY_eYHIGSiM0PqZWiuA8&qqid=CJ3n3J_E4fsCFYyNmwodlG4HXw&met.4=fb.7c~lb.bv~ol.jb~bdt.-3rj~bpp.-3bz~idt.-e~dtd.0~dt.-3c1&met.3=733.cd~742.cd~748.e2_1~739.fl_1~738.is_3~749.iv_g~736.jx_2~735.ka_3~113.rf_7~112.re_8&met.1=1.lba8es09~6.0~7.0~8.0~9.0~10.0~11.0~12.1h~13.65~14.6b~15.6h~16.fc~17.fk~18.fm~19.io~20.io~21.jb~23.a0&met.7=CBsQBxgBIIQCKIQCML8CODs~CBwQChgBIIUCKIUCMLgCODNorAJwtgJ4-AuAAeIFiAGRDLABAbgBAw~CB4QChgBIIYCKIYCMLYCODBohgJwrwKAAdQJiAGBFbABAbgBAQ~CBwQChgBIIYCKIYCMLgCODJohgJwsQKAAaI6iAH4jAGwAQG4AQE~CBsQChgBIIYCKIYCMMoCOEQ~CAkQChgBIIYCKIYCMNECOEtosgJwywJ46k-AAdRJiAH6ugGwAQG4AQM~CCoQChgBIIcCKIcCMLkCODI~CBsQBhgBIIcCKIcCMNUCOE4~CBsQAiD2AjjaAQ~CBsQBiCYAzj4AQ~CCEQBhgBIJkDKJkDML8DOCZoqANwvgN4iAWwAQG4AQM~CBsQBiCZAzi1AQ~CCEQBhgBIJsDKJsDMMEDOCZoqgNwwQN4iAWwAQG4AQM~CBsQBhgBIKoDKKoDMMIDOBg~CCgQChgBIL4FKL4FMLAGOHJAzQVI7gVQ7wVYmAZg-QVomAZwrwZ49bwBgAG9tgGIAefuA7ABAbgBAw~CAUQCBgBMOMBOLgFaDVw3AF4gbsBgAGetgGIAaawBLABAbgBAw
IP 173.194.196.94:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=pagead&action=csi_pagead&puid=1~lba8esro&e=21060101&ctx=2&gqid=GmWNY_eYHIGSiM0PqZWiuA8&qqid=CJ3n3J_E4fsCFYyNmwodlG4HXw&met.4=fb.7c~lb.bv~ol.jb~bdt.-3rj~bpp.-3bz~idt.-e~dtd.0~dt.-3c1&met.3=733.cd~742.cd~748.e2_1~739.fl_1~738.is_3~749.iv_g~736.jx_2~735.ka_3~113.rf_7~112.re_8&met.1=1.lba8es09~6.0~7.0~8.0~9.0~10.0~11.0~12.1h~13.65~14.6b~15.6h~16.fc~17.fk~18.fm~19.io~20.io~21.jb~23.a0&met.7=CBsQBxgBIIQCKIQCML8CODs~CBwQChgBIIUCKIUCMLgCODNorAJwtgJ4-AuAAeIFiAGRDLABAbgBAw~CB4QChgBIIYCKIYCMLYCODBohgJwrwKAAdQJiAGBFbABAbgBAQ~CBwQChgBIIYCKIYCMLgCODJohgJwsQKAAaI6iAH4jAGwAQG4AQE~CBsQChgBIIYCKIYCMMoCOEQ~CAkQChgBIIYCKIYCMNECOEtosgJwywJ46k-AAdRJiAH6ugGwAQG4AQM~CCoQChgBIIcCKIcCMLkCODI~CBsQBhgBIIcCKIcCMNUCOE4~CBsQAiD2AjjaAQ~CBsQBiCYAzj4AQ~CCEQBhgBIJkDKJkDML8DOCZoqANwvgN4iAWwAQG4AQM~CBsQBiCZAzi1AQ~CCEQBhgBIJsDKJsDMMEDOCZoqgNwwQN4iAWwAQG4AQM~CBsQBhgBIKoDKKoDMMIDOBg~CCgQChgBIL4FKL4FMLAGOHJAzQVI7gVQ7wVYmAZg-QVomAZwrwZ49bwBgAG9tgGIAefuA7ABAbgBAw~CAUQCBgBMOMBOLgFaDVw3AF4gbsBgAGetgGIAaawBLABAbgBAw HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Mon, 05 Dec 2022 03:27:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 05 Dec 2022 03:27:24 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash aa12d758d302ab37e60a29d1ff43ddba
8b0176b8023e7664d5a1bdef4c01d87dc835e34e
2d913a5936a41fbd55603b3e1fd9102f560760a93e46c94a314450779c9c4834
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1031
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 05 Dec 2022 03:27:24 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=iSdsvcmid3SWHkEbWvZAqwRNMBRkLS70wnpSMwQIM3HyAQoVjx3qsTXR3u2Q_uSoX6Z8yUeMsa4gkc0MfDAoMYbD0_BVYhswXtjstR1C62OKEaUtrMe2nyH23NBfYiB59v_80wA4pJ4uYjDB-HNMn4U5clZFau7SKW1_52DITSbOM9NMrcVK11MIkEJgrSuYF30mbHwFx42dNYkVVkw1pAKCofLr8YwV6ap2twCViDsgaXWuCYWKJtTdZ7USXHNgR-5QuA&sds=2&rev=83599&sendBeacon=true
178.250.2.150200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=iSdsvcmid3SWHkEbWvZAqwRNMBRkLS70wnpSMwQIM3HyAQoVjx3qsTXR3u2Q_uSoX6Z8yUeMsa4gkc0MfDAoMYbD0_BVYhswXtjstR1C62OKEaUtrMe2nyH23NBfYiB59v_80wA4pJ4uYjDB-HNMn4U5clZFau7SKW1_52DITSbOM9NMrcVK11MIkEJgrSuYF30mbHwFx42dNYkVVkw1pAKCofLr8YwV6ap2twCViDsgaXWuCYWKJtTdZ7USXHNgR-5QuA&sds=2&rev=83599&sendBeacon=true
IP 178.250.2.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=iSdsvcmid3SWHkEbWvZAqwRNMBRkLS70wnpSMwQIM3HyAQoVjx3qsTXR3u2Q_uSoX6Z8yUeMsa4gkc0MfDAoMYbD0_BVYhswXtjstR1C62OKEaUtrMe2nyH23NBfYiB59v_80wA4pJ4uYjDB-HNMn4U5clZFau7SKW1_52DITSbOM9NMrcVK11MIkEJgrSuYF30mbHwFx42dNYkVVkw1pAKCofLr8YwV6ap2twCViDsgaXWuCYWKJtTdZ7USXHNgR-5QuA&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:27:23 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:27:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-20442478-1&cid=1990567275.1670210325&jid=789407011&_u=QACAAUAAAAAAACAAI~&z=768564673
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-20442478-1&cid=1990567275.1670210325&jid=789407011&_u=QACAAUAAAAAAACAAI~&z=768564673
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-20442478-1&cid=1990567275.1670210325&jid=789407011&_u=QACAAUAAAAAAACAAI~&z=768564673 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 03:27:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Es1RHyuLxbOzHLJ8Iptuoa5F_GTaeJRYfxKPuIbQxq0BXEFR9Zz_SlTf93_ex86I5mo1U_FJvwigMtQkaPuJm1OR6BCoLj9MPF3XHSqUJV2G9ZYvDnZajl-9JoUXNw3G37ZRRuM2P186oYShwqnExXkmjKoXJMaJgDNsWqLWntONOHacpmGKyYEYynsBiI7KKvpfbJYZOEIQWxorPhTipYQ-Gl7b9Oc8f33eXFKuTOGh7o7TUl9jGAgd7yP-rolFWhYWYkBSp3BGYw3jJ9j7tnNCD5dpPnbGT0ItfoILFNjL-TaETRwb_17ySbXJNGs7Thtj6AkvjmkpQ3WlPlfMcMI1LT89NGg9EHrTM7l0oTMk9qaGOcGwjAK3VhGYnDgenWB439RHxoi4UZMN0JTRfH906r8zl3svqaaswPmcw0oikzJ1NxpBnOr-ZdX3GJ9Zon5lsQ
178.250.0.160200 OK 3.8 kB URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Es1RHyuLxbOzHLJ8Iptuoa5F_GTaeJRYfxKPuIbQxq0BXEFR9Zz_SlTf93_ex86I5mo1U_FJvwigMtQkaPuJm1OR6BCoLj9MPF3XHSqUJV2G9ZYvDnZajl-9JoUXNw3G37ZRRuM2P186oYShwqnExXkmjKoXJMaJgDNsWqLWntONOHacpmGKyYEYynsBiI7KKvpfbJYZOEIQWxorPhTipYQ-Gl7b9Oc8f33eXFKuTOGh7o7TUl9jGAgd7yP-rolFWhYWYkBSp3BGYw3jJ9j7tnNCD5dpPnbGT0ItfoILFNjL-TaETRwb_17ySbXJNGs7Thtj6AkvjmkpQ3WlPlfMcMI1LT89NGg9EHrTM7l0oTMk9qaGOcGwjAK3VhGYnDgenWB439RHxoi4UZMN0JTRfH906r8zl3svqaaswPmcw0oikzJ1NxpBnOr-ZdX3GJ9Zon5lsQ
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 850311ac38f78176974b3ac9a453525a
126945cbb6042cc40cf63ee5b63f750a577cd6f2
dd47046e8e09f3a6f6a731c7585935d35d30d580a956e3455d0f70ab826c6a4f
GET /delivery/lg.php?cppv=3&cpp=Es1RHyuLxbOzHLJ8Iptuoa5F_GTaeJRYfxKPuIbQxq0BXEFR9Zz_SlTf93_ex86I5mo1U_FJvwigMtQkaPuJm1OR6BCoLj9MPF3XHSqUJV2G9ZYvDnZajl-9JoUXNw3G37ZRRuM2P186oYShwqnExXkmjKoXJMaJgDNsWqLWntONOHacpmGKyYEYynsBiI7KKvpfbJYZOEIQWxorPhTipYQ-Gl7b9Oc8f33eXFKuTOGh7o7TUl9jGAgd7yP-rolFWhYWYkBSp3BGYw3jJ9j7tnNCD5dpPnbGT0ItfoILFNjL-TaETRwb_17ySbXJNGs7Thtj6AkvjmkpQ3WlPlfMcMI1LT89NGg9EHrTM7l0oTMk9qaGOcGwjAK3VhGYnDgenWB439RHxoi4UZMN0JTRfH906r8zl3svqaaswPmcw0oikzJ1NxpBnOr-ZdX3GJ9Zon5lsQ HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:27:22 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3279171
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y41lGwAAas8Kms0UAAMPYSKHHOFVaCo0NMKBbA&u=%7CeTB6b8fid6bAuEhmAROfE6M%2FX9rujDEXsyMEH%2B9CUwE%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGepN13Fr0UBnbNTYw15f7zsIOVODKEAq-i6qsL6Xc-Nj9XhTTAdqTq0uSo4v5KQ3Hb5jMOLi2q0VsIwVkXo3Rz0hUd0P_CF7yya67MY7KLr_FhtAFlGF4Ac7cxNlBD_-F0kuk69LhlpC2RKrCWCpjdh9TIf2d-lQJWdOKM81sv0s1y1ugy1ILS8K5VAkmOkJnPryggrYmUAAjQdVJR5NizvLayhDvMeXYg2T9-AT89sZBC95-X7cUJxFBDJTudCq9FqIKy0EuLg7jRMRxvGtwHOq5XIPIOul_BmWFmCfHn5Xgva55_N02rcfSOOfg3hJwBK3nq-ptxNr8Qi4tUNjd2SQ8LYrhAAvlkIsxpTWhPOLoolJqc5wPYAJe39RaHcZE-ShR6KuPydZwoBO_jT-Y7b2JzQHT77mmxB-eUVLv1A6IpX5u7WTILkcjC6AEuFzrmmQO1lXL1m613tNuzXQ0gOOJV39A-WNXEaZu3l0wu086L10FjmZ7fNUVpsyWbPt2zzmPZGVBvhTLqrvKAuoL_X5qCLpUxDxDQcsWW__ZG2648XhezLW5LcSqiaRgKQiVIK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4COsG2WNY8_VAZSa6wThnowYyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi03MzA5ODQ1NTI1Mjg1MDI5yAEJqQJEv7Qal6yxPqgDAaoEowJP0NUPZ8_thKBhESsxwvPgymmlQuJjk9TKSQP7Xv3qqNB3YvQtLZdCeY9maQ9_5h8AKMVOYLUYnyCd-NCP8VlUlmGI_5osI7NZzUeBlqc3hPnJ-e_1Nn2K_pT2lRUfxMvyYdaHoc5bXrrNLC683Qx11BA5oj4MmnghUo1cmw0ETpKfMko5AhDp4DHmTSTksJI9b6isDO9bfKFVd6dZpexIdA4qdP33NdlofBVHj6JuZctYXcx3XLpeT4m6wzlFGzeysOJc2z7UEpWQPzWFkyo049Q7G8yBs9z7dp-JcJZmHTJmXahU2YgPqeg5Qw7mFEqK4nWr5TqvQxpcjTCwxuwSXbaiHriRmftsx9vTNgLW2YDsio_2XMQAGwVcZ0ukkn4vKhiABriZt5b0-Iiu0wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1grnBomQykzu10uB6D0CW3arT1Yw%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.0.138200 OK 85 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y41lGwAAas8Kms0UAAMPYSKHHOFVaCo0NMKBbA&u=%7CeTB6b8fid6bAuEhmAROfE6M%2FX9rujDEXsyMEH%2B9CUwE%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGepN13Fr0UBnbNTYw15f7zsIOVODKEAq-i6qsL6Xc-Nj9XhTTAdqTq0uSo4v5KQ3Hb5jMOLi2q0VsIwVkXo3Rz0hUd0P_CF7yya67MY7KLr_FhtAFlGF4Ac7cxNlBD_-F0kuk69LhlpC2RKrCWCpjdh9TIf2d-lQJWdOKM81sv0s1y1ugy1ILS8K5VAkmOkJnPryggrYmUAAjQdVJR5NizvLayhDvMeXYg2T9-AT89sZBC95-X7cUJxFBDJTudCq9FqIKy0EuLg7jRMRxvGtwHOq5XIPIOul_BmWFmCfHn5Xgva55_N02rcfSOOfg3hJwBK3nq-ptxNr8Qi4tUNjd2SQ8LYrhAAvlkIsxpTWhPOLoolJqc5wPYAJe39RaHcZE-ShR6KuPydZwoBO_jT-Y7b2JzQHT77mmxB-eUVLv1A6IpX5u7WTILkcjC6AEuFzrmmQO1lXL1m613tNuzXQ0gOOJV39A-WNXEaZu3l0wu086L10FjmZ7fNUVpsyWbPt2zzmPZGVBvhTLqrvKAuoL_X5qCLpUxDxDQcsWW__ZG2648XhezLW5LcSqiaRgKQiVIK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4COsG2WNY8_VAZSa6wThnowYyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi03MzA5ODQ1NTI1Mjg1MDI5yAEJqQJEv7Qal6yxPqgDAaoEowJP0NUPZ8_thKBhESsxwvPgymmlQuJjk9TKSQP7Xv3qqNB3YvQtLZdCeY9maQ9_5h8AKMVOYLUYnyCd-NCP8VlUlmGI_5osI7NZzUeBlqc3hPnJ-e_1Nn2K_pT2lRUfxMvyYdaHoc5bXrrNLC683Qx11BA5oj4MmnghUo1cmw0ETpKfMko5AhDp4DHmTSTksJI9b6isDO9bfKFVd6dZpexIdA4qdP33NdlofBVHj6JuZctYXcx3XLpeT4m6wzlFGzeysOJc2z7UEpWQPzWFkyo049Q7G8yBs9z7dp-JcJZmHTJmXahU2YgPqeg5Qw7mFEqK4nWr5TqvQxpcjTCwxuwSXbaiHriRmftsx9vTNgLW2YDsio_2XMQAGwVcZ0ukkn4vKhiABriZt5b0-Iiu0wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1grnBomQykzu10uB6D0CW3arT1Yw%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.0.138:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15915), with CRLF, LF line terminators
Hash c744f5b1c873d46ef6d5e0385d0d4e7f
8fbcd898079b9aed452f2ad1fe334f6d46307dbb
606800b3df72a04ada1906a9ff566c4235306c354a8ca1550686cba27a094ef5
GET /delivery/r/afr.php?z=Y41lGwAAas8Kms0UAAMPYSKHHOFVaCo0NMKBbA&u=%7CeTB6b8fid6bAuEhmAROfE6M%2FX9rujDEXsyMEH%2B9CUwE%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGepN13Fr0UBnbNTYw15f7zsIOVODKEAq-i6qsL6Xc-Nj9XhTTAdqTq0uSo4v5KQ3Hb5jMOLi2q0VsIwVkXo3Rz0hUd0P_CF7yya67MY7KLr_FhtAFlGF4Ac7cxNlBD_-F0kuk69LhlpC2RKrCWCpjdh9TIf2d-lQJWdOKM81sv0s1y1ugy1ILS8K5VAkmOkJnPryggrYmUAAjQdVJR5NizvLayhDvMeXYg2T9-AT89sZBC95-X7cUJxFBDJTudCq9FqIKy0EuLg7jRMRxvGtwHOq5XIPIOul_BmWFmCfHn5Xgva55_N02rcfSOOfg3hJwBK3nq-ptxNr8Qi4tUNjd2SQ8LYrhAAvlkIsxpTWhPOLoolJqc5wPYAJe39RaHcZE-ShR6KuPydZwoBO_jT-Y7b2JzQHT77mmxB-eUVLv1A6IpX5u7WTILkcjC6AEuFzrmmQO1lXL1m613tNuzXQ0gOOJV39A-WNXEaZu3l0wu086L10FjmZ7fNUVpsyWbPt2zzmPZGVBvhTLqrvKAuoL_X5qCLpUxDxDQcsWW__ZG2648XhezLW5LcSqiaRgKQiVIK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4COsG2WNY8_VAZSa6wThnowYyZ7SsVzVnZH3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi03MzA5ODQ1NTI1Mjg1MDI5yAEJqQJEv7Qal6yxPqgDAaoEowJP0NUPZ8_thKBhESsxwvPgymmlQuJjk9TKSQP7Xv3qqNB3YvQtLZdCeY9maQ9_5h8AKMVOYLUYnyCd-NCP8VlUlmGI_5osI7NZzUeBlqc3hPnJ-e_1Nn2K_pT2lRUfxMvyYdaHoc5bXrrNLC683Qx11BA5oj4MmnghUo1cmw0ETpKfMko5AhDp4DHmTSTksJI9b6isDO9bfKFVd6dZpexIdA4qdP33NdlofBVHj6JuZctYXcx3XLpeT4m6wzlFGzeysOJc2z7UEpWQPzWFkyo049Q7G8yBs9z7dp-JcJZmHTJmXahU2YgPqeg5Qw7mFEqK4nWr5TqvQxpcjTCwxuwSXbaiHriRmftsx9vTNgLW2YDsio_2XMQAGwVcZ0ukkn4vKhiABriZt5b0-Iiu0wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1grnBomQykzu10uB6D0CW3arT1Yw%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:27:23 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=iSdsvcmid3SWHkEbWvZAqwRNMBRkLS70wnpSMwQIM3HyAQoVjx3qsTXR3u2Q_uSoX6Z8yUeMsa4gkc0MfDAoMYbD0_BVYhswXtjstR1C62OKEaUtrMe2nyH23NBfYiB59v_80wA4pJ4uYjDB-HNMn4U5clZFau7SKW1_52DITSbOM9NMrcVK11MIkEJgrSuYF30mbHwFx42dNYkVVkw1pAKCofLr8YwV6ap2twCViDsgaXWuCYWKJtTdZ7USXHNgR-5QuA"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 81926383
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.0.130:0
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 03:27:21 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Thu, 30 Nov 2023 03:27:21 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
4.bp.blogspot.com/-t6PUd9SQc58/TxXyNwiALKI/AAAAAAAACZM/h4Py-D4D_6E/w72-h72-p-k-no-nu/ilk_telefon_kulubesi.png
142.250.74.161404 Not Found 0 B URL HTTP/2 4.bp.blogspot.com/-t6PUd9SQc58/TxXyNwiALKI/AAAAAAAACZM/h4Py-D4D_6E/w72-h72-p-k-no-nu/ilk_telefon_kulubesi.png
IP 142.250.74.161:0
GET /-t6PUd9SQc58/TxXyNwiALKI/AAAAAAAACZM/h4Py-D4D_6E/w72-h72-p-k-no-nu/ilk_telefon_kulubesi.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/png
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 03:27:17 GMT
server: fife
content-length: 1742
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y41lFwABXi4KGL_CAABiQtr4OSs_qQA9ecvglw&u=%7ChLd1%2FQgIWQVjYOaRWhKnq5fPjgVuCM99YweI%2FDM2DCQ%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiA8oAgUDjoKrPrQfSxveGcR-9zwa9X07qvkJCfVMA3Wap-1jXF31yG2vZJuOlPDH7Hf7Fu7bkgQ_ss6CvbqD7qVbr0eqjbDmkj7J75TpIDqExjnfZ_4TynNYGOrw6GGowzoR8OLDlR9MsnSVxiZjoYXwa91gFpWASkxjnJfVCF9yBzKcVfZEpIATwHbncSsUoC9W6djZrXjDigXhdBMWMBZTox7b8A1KC8DWO_e1Py16s2Tc8oStZvGUucSETMB3cg9UyRqydibyAs9gPjgqm9rioLE_M_c2FPCulGRqRH-JAS1QMlGFIu2AMEYtYmcFyemBXJ1HtCtmoOTtmQMnYATzFfBpaDCH5otUaRJfkM5hrtBxscUrs8-zxJ9Vqnav-MuOpWz5zXUxn-gphnUCemD4-fCxalntbtzRqwveN2c-oWBdnSJ1_zUurVMlf8GahimxfhB45Makwxdh2Ot8HU7ICKo802H49eaLW6o7bNGNz7RFLad8RcUtm2ORsPIRZVEd7sAW0892QqeHctRPHmM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOJfQF2WNY668BcL_YsLEgagByZ7SsVyVopf3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi03MzA5ODQ1NTI1Mjg1MDI5yAEJqQJEv7Qal6yxPqgDAaoEngJP0MirVhQ6GUxcGkw67ZkGT65nr6lxjYUKkFawhBpyUfOK0QZpIFqS9oLwWEOS2WogKDeDfap8PPJo3AKVmPE0WIzEyTtVKjIDilhNsQ7b5jWoW5qKpmnnOAQTTUlj_jmoPtOfKTknBMyaOwzRcqDqNHojOl9kzos1jI5eKWNyck6Kkq1lzt9xrf9_AapNGa7B_hI3YPm2Dyt7n3rPrZSFrApfCbevVxaCbQC0PSw5tEaMbhHupwDDbxwFNPHhDnvQehqzEyreSx6qtsCAzpkaRxwCrflg1aPXouraE8g8QzcYeY8O3kGPul-nN-v3EJEcBX6KGiZf3-SZ_JUuNOl2GgHNATtnJlOaPLoNRSg2Ha5cOZKNpTDhCYMHa1tggAa4mbeW9PiIrtMBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2oePySmoJo1SgNwsHy0OGtW1puKw%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.0.138200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y41lFwABXi4KGL_CAABiQtr4OSs_qQA9ecvglw&u=%7ChLd1%2FQgIWQVjYOaRWhKnq5fPjgVuCM99YweI%2FDM2DCQ%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiA8oAgUDjoKrPrQfSxveGcR-9zwa9X07qvkJCfVMA3Wap-1jXF31yG2vZJuOlPDH7Hf7Fu7bkgQ_ss6CvbqD7qVbr0eqjbDmkj7J75TpIDqExjnfZ_4TynNYGOrw6GGowzoR8OLDlR9MsnSVxiZjoYXwa91gFpWASkxjnJfVCF9yBzKcVfZEpIATwHbncSsUoC9W6djZrXjDigXhdBMWMBZTox7b8A1KC8DWO_e1Py16s2Tc8oStZvGUucSETMB3cg9UyRqydibyAs9gPjgqm9rioLE_M_c2FPCulGRqRH-JAS1QMlGFIu2AMEYtYmcFyemBXJ1HtCtmoOTtmQMnYATzFfBpaDCH5otUaRJfkM5hrtBxscUrs8-zxJ9Vqnav-MuOpWz5zXUxn-gphnUCemD4-fCxalntbtzRqwveN2c-oWBdnSJ1_zUurVMlf8GahimxfhB45Makwxdh2Ot8HU7ICKo802H49eaLW6o7bNGNz7RFLad8RcUtm2ORsPIRZVEd7sAW0892QqeHctRPHmM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOJfQF2WNY668BcL_YsLEgagByZ7SsVyVopf3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi03MzA5ODQ1NTI1Mjg1MDI5yAEJqQJEv7Qal6yxPqgDAaoEngJP0MirVhQ6GUxcGkw67ZkGT65nr6lxjYUKkFawhBpyUfOK0QZpIFqS9oLwWEOS2WogKDeDfap8PPJo3AKVmPE0WIzEyTtVKjIDilhNsQ7b5jWoW5qKpmnnOAQTTUlj_jmoPtOfKTknBMyaOwzRcqDqNHojOl9kzos1jI5eKWNyck6Kkq1lzt9xrf9_AapNGa7B_hI3YPm2Dyt7n3rPrZSFrApfCbevVxaCbQC0PSw5tEaMbhHupwDDbxwFNPHhDnvQehqzEyreSx6qtsCAzpkaRxwCrflg1aPXouraE8g8QzcYeY8O3kGPul-nN-v3EJEcBX6KGiZf3-SZ_JUuNOl2GgHNATtnJlOaPLoNRSg2Ha5cOZKNpTDhCYMHa1tggAa4mbeW9PiIrtMBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2oePySmoJo1SgNwsHy0OGtW1puKw%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.0.138:0
GET /delivery/r/afr.php?z=Y41lFwABXi4KGL_CAABiQtr4OSs_qQA9ecvglw&u=%7ChLd1%2FQgIWQVjYOaRWhKnq5fPjgVuCM99YweI%2FDM2DCQ%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiA8oAgUDjoKrPrQfSxveGcR-9zwa9X07qvkJCfVMA3Wap-1jXF31yG2vZJuOlPDH7Hf7Fu7bkgQ_ss6CvbqD7qVbr0eqjbDmkj7J75TpIDqExjnfZ_4TynNYGOrw6GGowzoR8OLDlR9MsnSVxiZjoYXwa91gFpWASkxjnJfVCF9yBzKcVfZEpIATwHbncSsUoC9W6djZrXjDigXhdBMWMBZTox7b8A1KC8DWO_e1Py16s2Tc8oStZvGUucSETMB3cg9UyRqydibyAs9gPjgqm9rioLE_M_c2FPCulGRqRH-JAS1QMlGFIu2AMEYtYmcFyemBXJ1HtCtmoOTtmQMnYATzFfBpaDCH5otUaRJfkM5hrtBxscUrs8-zxJ9Vqnav-MuOpWz5zXUxn-gphnUCemD4-fCxalntbtzRqwveN2c-oWBdnSJ1_zUurVMlf8GahimxfhB45Makwxdh2Ot8HU7ICKo802H49eaLW6o7bNGNz7RFLad8RcUtm2ORsPIRZVEd7sAW0892QqeHctRPHmM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOJfQF2WNY668BcL_YsLEgagByZ7SsVyVopf3cMCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi03MzA5ODQ1NTI1Mjg1MDI5yAEJqQJEv7Qal6yxPqgDAaoEngJP0MirVhQ6GUxcGkw67ZkGT65nr6lxjYUKkFawhBpyUfOK0QZpIFqS9oLwWEOS2WogKDeDfap8PPJo3AKVmPE0WIzEyTtVKjIDilhNsQ7b5jWoW5qKpmnnOAQTTUlj_jmoPtOfKTknBMyaOwzRcqDqNHojOl9kzos1jI5eKWNyck6Kkq1lzt9xrf9_AapNGa7B_hI3YPm2Dyt7n3rPrZSFrApfCbevVxaCbQC0PSw5tEaMbhHupwDDbxwFNPHhDnvQehqzEyreSx6qtsCAzpkaRxwCrflg1aPXouraE8g8QzcYeY8O3kGPul-nN-v3EJEcBX6KGiZf3-SZ_JUuNOl2GgHNATtnJlOaPLoNRSg2Ha5cOZKNpTDhCYMHa1tggAa4mbeW9PiIrtMBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2oePySmoJo1SgNwsHy0OGtW1puKw%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:27:21 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=O51feMmid3SWHkEb_lo0AuIohqudJ5LDgE4QQd3ZlW30lHNJ2VP7792ExPb0gjXStudPrlChdJXvxBykLlCQL1BwZbyXg2QsXxLTYWSq4W1B4TbX1zcGXJnxj8yiYoUnvK7YxQkIJwlBSND7MUj9z3vYomeh-eNeG-pdmAA8IfIbjU3cXlYaszLGd2FmWQrpmBHK43Ud4rTvFo9QK55nDywdUPyr3UjnDktKAW7rMsyQ8BLdlIhvbcRGFHYCDEL80_M51kvKjZhZH8iV"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 63411529
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/criteo_logo_2021.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP 178.250.0.130:0
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 03:27:21 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Thu, 30 Nov 2023 03:27:21 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y41lGgAAqZoKmqdBAAZwPzZ0XtQc-Q80SGkuXg&u=%7CdNMOiQjvAS0btcjM73Ckxm%2BspvWUL6n8LXW%2Fx6hlPyk%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAPbm-rooFeUocRf6mlZU6E1Ybmp-w9jgVxZNJR8udxFBVkmFjee5KYnFUDakciXkSfrQjRYkpCMHPRWOnWoVwSRbXVNcfFwIkq5EgjJ6IlhmLlPtsje-2YCGxzlHB-j6KQ0T8lNYO4cyNPODucX4tn0RZHmRx_hCBJDlXeFmlR_FAi_3Rq4r9fSBiTOpWp61A5zkwWOnrzIHYxm-ZIS_YmTmjS6CtdPfNbdjcxWr72oPSGyZQkVTA05ecwKD5_19_CBtx6NYzDUVdJNfhBeyTa20A8N1-NLWYTPn6yvQljTmqeojRIhVjyba6Ly59RAv0HexgndD9lV-TaLWYaNy0_0shVVYSvLCYpRxvrB-WZUenU2cEWKV35autifqo-dRfZMrowmjlmg4s8K5-iVrOkjhIAnyV3-Fuwo_hTxMXvMbXxv8OmaRLBAurHUiw9M72pNL8s-2rp8y3GMC077k302WQM6MJHeAkMMpk5RjFZ0LY4-rrMX_wJARgespJ1c-qcmoNGvRJqnA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsZtaGmWNY5rTAsHO6gS_4JmQCsme0rFcvemV93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCRL-0GpessT6oAwGqBJ0CT9D_9N1_tZdMD8I2kVa1PY9tFfXQqLkhu8tRVQlufPgDoIOLr8k_Yhr83UzvVO_ripucEjXBxRdl4niTT_Gz9uvpbbt7QT5IFBK5kihG6WcF3iwE_s8HkCpgwjDCMVgIx6GYn6qraSC9tokIDwu7DXgMv_G8vIkPsabWaRw2EsNBEhC-eGgy5woyNiOQRK89MM-wzW64sl6kjTf9WeM7lD2tMCbH7tRCOhyuT9u33axkL9zxxm5JbeSRJkNwXxq_7Vus-Q5uc6rgGZtJH_EeeKBawoEbrED4wUOReE2rZFZj6fwcssiqmdAbHyllFDgCcxMre-nZQIl7RuBQAZYNSHPqa-IyvEMhpopHYGdTSYucSwCI3bcGvRSIMnYngAa4mbeW9PiIrtMBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1DEIVbxLL-XFYWe0VRWm2jMRaq_g%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.0.138200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y41lGgAAqZoKmqdBAAZwPzZ0XtQc-Q80SGkuXg&u=%7CdNMOiQjvAS0btcjM73Ckxm%2BspvWUL6n8LXW%2Fx6hlPyk%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAPbm-rooFeUocRf6mlZU6E1Ybmp-w9jgVxZNJR8udxFBVkmFjee5KYnFUDakciXkSfrQjRYkpCMHPRWOnWoVwSRbXVNcfFwIkq5EgjJ6IlhmLlPtsje-2YCGxzlHB-j6KQ0T8lNYO4cyNPODucX4tn0RZHmRx_hCBJDlXeFmlR_FAi_3Rq4r9fSBiTOpWp61A5zkwWOnrzIHYxm-ZIS_YmTmjS6CtdPfNbdjcxWr72oPSGyZQkVTA05ecwKD5_19_CBtx6NYzDUVdJNfhBeyTa20A8N1-NLWYTPn6yvQljTmqeojRIhVjyba6Ly59RAv0HexgndD9lV-TaLWYaNy0_0shVVYSvLCYpRxvrB-WZUenU2cEWKV35autifqo-dRfZMrowmjlmg4s8K5-iVrOkjhIAnyV3-Fuwo_hTxMXvMbXxv8OmaRLBAurHUiw9M72pNL8s-2rp8y3GMC077k302WQM6MJHeAkMMpk5RjFZ0LY4-rrMX_wJARgespJ1c-qcmoNGvRJqnA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsZtaGmWNY5rTAsHO6gS_4JmQCsme0rFcvemV93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCRL-0GpessT6oAwGqBJ0CT9D_9N1_tZdMD8I2kVa1PY9tFfXQqLkhu8tRVQlufPgDoIOLr8k_Yhr83UzvVO_ripucEjXBxRdl4niTT_Gz9uvpbbt7QT5IFBK5kihG6WcF3iwE_s8HkCpgwjDCMVgIx6GYn6qraSC9tokIDwu7DXgMv_G8vIkPsabWaRw2EsNBEhC-eGgy5woyNiOQRK89MM-wzW64sl6kjTf9WeM7lD2tMCbH7tRCOhyuT9u33axkL9zxxm5JbeSRJkNwXxq_7Vus-Q5uc6rgGZtJH_EeeKBawoEbrED4wUOReE2rZFZj6fwcssiqmdAbHyllFDgCcxMre-nZQIl7RuBQAZYNSHPqa-IyvEMhpopHYGdTSYucSwCI3bcGvRSIMnYngAa4mbeW9PiIrtMBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1DEIVbxLL-XFYWe0VRWm2jMRaq_g%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.0.138:0
GET /delivery/r/afr.php?z=Y41lGgAAqZoKmqdBAAZwPzZ0XtQc-Q80SGkuXg&u=%7CdNMOiQjvAS0btcjM73Ckxm%2BspvWUL6n8LXW%2Fx6hlPyk%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAPbm-rooFeUocRf6mlZU6E1Ybmp-w9jgVxZNJR8udxFBVkmFjee5KYnFUDakciXkSfrQjRYkpCMHPRWOnWoVwSRbXVNcfFwIkq5EgjJ6IlhmLlPtsje-2YCGxzlHB-j6KQ0T8lNYO4cyNPODucX4tn0RZHmRx_hCBJDlXeFmlR_FAi_3Rq4r9fSBiTOpWp61A5zkwWOnrzIHYxm-ZIS_YmTmjS6CtdPfNbdjcxWr72oPSGyZQkVTA05ecwKD5_19_CBtx6NYzDUVdJNfhBeyTa20A8N1-NLWYTPn6yvQljTmqeojRIhVjyba6Ly59RAv0HexgndD9lV-TaLWYaNy0_0shVVYSvLCYpRxvrB-WZUenU2cEWKV35autifqo-dRfZMrowmjlmg4s8K5-iVrOkjhIAnyV3-Fuwo_hTxMXvMbXxv8OmaRLBAurHUiw9M72pNL8s-2rp8y3GMC077k302WQM6MJHeAkMMpk5RjFZ0LY4-rrMX_wJARgespJ1c-qcmoNGvRJqnA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsZtaGmWNY5rTAsHO6gS_4JmQCsme0rFcvemV93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCRL-0GpessT6oAwGqBJ0CT9D_9N1_tZdMD8I2kVa1PY9tFfXQqLkhu8tRVQlufPgDoIOLr8k_Yhr83UzvVO_ripucEjXBxRdl4niTT_Gz9uvpbbt7QT5IFBK5kihG6WcF3iwE_s8HkCpgwjDCMVgIx6GYn6qraSC9tokIDwu7DXgMv_G8vIkPsabWaRw2EsNBEhC-eGgy5woyNiOQRK89MM-wzW64sl6kjTf9WeM7lD2tMCbH7tRCOhyuT9u33axkL9zxxm5JbeSRJkNwXxq_7Vus-Q5uc6rgGZtJH_EeeKBawoEbrED4wUOReE2rZFZj6fwcssiqmdAbHyllFDgCcxMre-nZQIl7RuBQAZYNSHPqa-IyvEMhpopHYGdTSYucSwCI3bcGvRSIMnYngAa4mbeW9PiIrtMBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1DEIVbxLL-XFYWe0VRWm2jMRaq_g%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:27:22 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=TUHNrMmid3SWHkEb7cUGRXbF44M86Cdy2h5hHxhuddqs4Vy4Q1RDJ7_watPIi7W9FzPbr9uJDaRSkVHoHCIOFQysQpZFcmr_lKjYywprJodhvPtPMvv75RN3aZSqumsW4ASQczu6B7d_NsnThPWcmPbgMMy4ANdcd-ohGQgFI0zkxxOTszBrkI09VE8G-o9M0gTaNQEg386E_8z7d6Uxf96pXVLBqmO-vy19hrrCjOoVdJB-vQi_UCNdGEJAK8DXapwbPg"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 98142781
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2