Overview

URLe.unishoptr.com/p/be/cl/28c2b469-d347-413a-81c6-39a3c5fa16ce/qFadPU8V1IA2_p_l_GPHMf9sIJQ_s_l_qI2cFn_s_l_hNXXrSktM3ZetO8l7umw53cM_s_l_hJFqOrZkypeuaI_s_l_LPTlhKWbK_s_l_RACLO45YR3kbE2SOVhRVqFSc75Z1MDqh_p_l_1DI0NYJTHElMQvUdUfAn6gb5zrXMWomqpbmP_s_l_Ypnf19d2fcUGoPAfIDxW9vAQtplyiiKbL8R1Hg3G0IvLKT08k6pdl_p_l_HNyNiEZcuJI133TaHVWH9CT2cL3YA0_e_q_
IP 195.42.241.247 (United Kingdom)
ASN#51540 Fikri DAL
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-23 16:17:57 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (42)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.sectigo.com (9) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 104.18.32.68
dpm.demdex.net (3) 204 2018-07-06 04:53:56 UTC 2020-04-29 23:04:31 UTC 3.248.120.148
unilever.demdex.net (2) 68170 2018-09-04 11:14:24 UTC 2020-05-04 22:38:45 UTC 99.81.236.184
rt.visilabs.net (1) 65861 2017-01-03 14:03:58 UTC 2022-11-23 12:26:53 UTC 185.29.195.174
35814f2c-ba6f-70aa-0a4b-54b5d6a01a8e.dengagecdn.com (1) 0 No data No data 13.107.227.53 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 44.238.202.79
api.dataroid.com (5) 151333 2021-11-01 08:17:31 UTC 2022-11-22 11:25:10 UTC 44.193.88.32
static.rtbs.io (1) 0 No data No data 143.204.55.5 Unknown ranking
script.hotjar.com (1) 887 2020-11-05 16:23:46 UTC 2022-11-23 12:06:27 UTC 143.204.55.46
core-internal.rtbs.io (5) 0 No data No data 143.204.55.19 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-23 10:22:58 UTC 142.250.74.10
cdn.dataroid.com (3) 267817 2021-06-22 19:40:30 UTC 2022-11-23 10:13:32 UTC 143.204.55.11
12057628.fls.doubleclick.net (1) 0 No data No data 142.250.74.70 Domain (doubleclick.net) ranked at: 2267
adservice.google.com (1) 76 2021-02-20 16:10:48 UTC 2022-11-23 12:22:40 UTC 142.250.74.162
core.rtbs.io (3) 0 No data No data 143.204.55.57 Unknown ranking
cdn.sgmntfy.com (1) 0 2022-06-14 04:56:35 UTC 2022-11-23 11:46:03 UTC 34.149.223.191 Unknown ranking
e.unishoptr.com (1) 0 2022-11-01 12:51:29 UTC 2022-11-12 12:51:46 UTC 195.42.241.247 Unknown ranking
avlsh.visilabs.net (1) 70906 No data No data 13.107.219.53
www.unishopturkiye.com (19) 0 No data No data 52.16.86.106 Unknown ranking
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-23 05:40:48 UTC 142.250.74.164
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-11-23 12:04:32 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
vsh.visilabs.net (1) 123161 2015-10-19 15:21:20 UTC 2022-11-23 13:01:10 UTC 185.29.195.172
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-23 05:36:31 UTC 34.102.187.140
static.hotjar.com (1) 641 2014-11-01 05:14:27 UTC 2020-04-26 08:32:02 UTC 54.230.111.113
s.visilabs.net (1) 67893 2014-12-31 09:00:19 UTC 2022-11-23 12:26:53 UTC 185.29.195.173
push.dengage.com (1) 70630 2020-04-05 09:48:14 UTC 2022-11-22 07:37:56 UTC 195.42.241.245
geolocation.onetrust.com (1) 802 2018-09-01 13:33:45 UTC 2022-11-23 09:32:00 UTC 104.18.26.85
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-23 05:36:46 UTC 34.117.237.239
adservice.google.no (1) 96969 2018-06-19 23:38:38 UTC 2020-05-14 07:59:11 UTC 142.250.74.98
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
fonts.gstatic.com (3) 0 2014-09-09 00:40:21 UTC 2022-11-23 10:12:01 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
cdn.cookielaw.org (11) 502 2014-05-20 23:23:17 UTC 2022-11-23 06:37:55 UTC 104.16.148.64
pcdn.dengage.com (1) 60655 2021-03-05 09:12:16 UTC 2022-11-22 09:17:27 UTC 13.107.227.53
event.dengage.com (1) 73924 2020-11-15 11:43:01 UTC 2022-11-16 12:09:03 UTC 195.42.242.247
per2.segmentify.com (3) 90645 2021-08-25 09:41:50 UTC 2022-11-21 19:39:48 UTC 95.214.74.46
r3.o.lencr.org (6) 344 No data No data 23.36.77.32
ocsp.sca1b.amazontrust.com (7) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.165
ocsp.pki.goog (12) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
cdn.segmentify.com (1) 45412 2014-11-29 04:41:53 UTC 2022-11-23 11:46:03 UTC 34.120.65.227
lgr.visilabs.net (1) 65410 2017-01-03 14:03:58 UTC 2022-11-23 12:26:53 UTC 185.29.195.171
ocsp.digicert.com (7) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-23 2 sgmntfy.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 195.42.241.247
Date UQ / IDS / BL URL IP
2023-01-27 21:36:25 +0000 0 - 0 - 1 ct.network.com.tr/p/be/cl/1e6e0562-16c4-4afc- (...) 195.42.241.247
2022-11-23 16:17:57 +0000 0 - 0 - 1 e.unishoptr.com/p/be/cl/28c2b469-d347-413a-81 (...) 195.42.241.247


Last 5 reports on ASN: Fikri DAL
Date UQ / IDS / BL URL IP
2023-01-27 21:36:25 +0000 0 - 0 - 1 ct.network.com.tr/p/be/cl/1e6e0562-16c4-4afc- (...) 195.42.241.247
2023-01-27 12:38:34 +0000 0 - 0 - 3 46.31.148.75/ 46.31.148.75
2022-12-21 07:50:09 +0000 0 - 0 - 2 176.43.128.199/ 176.43.128.199
2022-11-23 16:17:57 +0000 0 - 0 - 1 e.unishoptr.com/p/be/cl/28c2b469-d347-413a-81 (...) 195.42.241.247
2022-09-15 16:08:04 +0000 0 - 0 - 1 erimti.com/userfiles/file/68645288587.pdf 185.198.197.125


Last 1 reports on domain: unishoptr.com
Date UQ / IDS / BL URL IP
2022-11-23 16:17:57 +0000 0 - 0 - 1 e.unishoptr.com/p/be/cl/28c2b469-d347-413a-81 (...) 195.42.241.247


Last 2 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-13 07:32:37 +0000 0 - 0 - 2 www.unishopturkiye.com/search/rinso 54.217.33.93
2022-12-13 07:32:09 +0000 0 - 0 - 1 www.unishopturkiye.com/search/domestos 54.246.242.59

JavaScript

Executed Scripts (43)

Executed Evals (12)
#1 JavaScript::Eval (size: 15595) - SHA256: a6ea689f7d9dad611f9b9128b7a88274629505eea048bdc0bfcf03552fec5d36
/* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var J = function(C) {
            return C
        },
        p = this || self,
        l = function(C, O) {
            if (!(C = (O = p.trustedTypes, null), O) || !O.createPolicy) return C;
            try {
                C = O.createPolicy("bg", {
                    createHTML: J,
                    createScript: J,
                    createScriptURL: J
                })
            } catch (v) {
                p.console && p.console.error(v.message)
            }
            return C
        };
    (0, eval)(function(C, O) {
        return (O = l()) && 1 === C.eval(O.createScript("1")) ? function(v) {
            return O.createScript(v)
        } : function(v) {
            return "" + v
        }
    }(p)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var A=function(C,O,J,p,L,v){if(C.C==C)for(L=w(C,J),9==J?(J=function(l,z,I,b){if(I=(b=L.length,(b|0)-4>>3),L.Fl!=I){I=(I<<3)-(z=[0,0,v[1],v[L.Fl=I,2]],4);try{L.G7=C8(z,Oc(I,L),Oc((I|0)+4,L))}catch(t){throw t;}}L.push(L.G7[b&7]^l)},v=w(C,498)):J=function(l){L.push(l)},p&&J(p&255),C=O.length,p=0;p<C;p++)J(O[p])},e=function(C,O){O.K.splice(0,0,C)},v_=function(C,O){return O=O.create().shift(),C.D.create().length||C.U.create().length||(C.D=void 0,C.U=void 0),O},Jx=function(C,O,J,p){for(p=(J=H(O),0);0<C;C--)p=p<<8|K(O);V(J,O,p)},n=function(C,O,J,p){for(p=(J=(O|0)-1,[]);0<=J;J--)p[(O|0)-1-(J|0)]=C>>8*J&255;return p},lo=function(C,O,J,p,L,v){function l(){if(p.C==p){if(p.X){var z=[Y,O,C,void 0,L,v,arguments];if(2==J)var I=W(p,(e(z,p),false),false);else if(1==J){var b=!p.K.length;e(z,p),b&&W(p,false,false)}else I=p8(z,p);return I}L&&v&&L.removeEventListener(v,l,G)}}return l},zN=function(C,O){return T[O](T.prototype,{prototype:C,pop:C,call:C,splice:C,floor:C,replace:C,propertyIsEnumerable:C,parent:C,length:C,stack:C,document:C,console:C})},N=function(C,O){for(O=[];C--;)O.push(255*Math.random()|0);return O},W=function(C,O,J,p,L,v){if(C.K.length){C.O=!(C.K3=(C.O&&0(),O),0);try{p=C.j(),C.o=p,C.R=p,C.u=0,v=$c(C,O),L=C.j()-C.o,C.J+=L,L<(J?0:10)||0>=C.S--||(L=Math.floor(L),C.W.push(254>=L?L:254))}finally{C.O=false}return v}},Ic=function(C,O,J,p,L,v){for(J=(L=((p=(O=C[L8]||{},H(C)),O).Xl=H(C),O.v=[],C).C==C?(K(C)|0)-1:1,H(C)),v=0;v<L;v++)O.v.push(H(C));for((O.i=w(C,p),O).C3=w(C,J);L--;)O.v[L]=w(C,O.v[L]);return O},P=function(C,O,J,p,L,v,l,z,I){if(C.C=(C.H+=((I=(l=(L=(O||C.u++,0<C.l&&C.O&&C.K3&&1>=C.P&&!C.D&&!C.B)&&(!O||1<C.Z-J)&&0==document.hidden,(v=4==C.u)||L?C.j():C.R),l)-C.R,z=I>>14,C).N&&(C.N^=z*(I<<2)),z),z||C.C),v||L)C.R=l,C.u=0;if(!L||l-C.o<C.l-(p?255:O?5:2))return false;return C.B=((V(286,(p=(C.Z=J,w(C,O?215:286)),C),C.F),C).K.push([bo,p,O?J+1:J]),E),true},wV=function(C,O){((O.push(C[0]<<24|C[1]<<16|C[2]<<8|C[3]),O).push(C[4]<<24|C[5]<<16|C[6]<<8|C[7]),O).push(C[8]<<24|C[9]<<16|C[10]<<8|C[11])},x=function(C,O,J,p,L,v){if(!J.I){if(3<(C=((0==(p=w(J,((v=void 0,C)&&C[0]===a&&(v=C[2],O=C[1],C=void 0),358)),p.length)&&(L=w(J,215)>>3,p.push(O,L>>8&255,L&255),void 0!=v&&p.push(v&255)),O="",C)&&(C.message&&(O+=C.message),C.stack&&(O+=":"+C.stack)),w(J,430)),C)){J.C=(v=(O=(C-=(O=O.slice(0,(C|0)-3),O.length|0)+3,Ax(O)),J.C),J);try{A(J,n(O.length,2).concat(O),9,9)}finally{J.C=v}}V(430,J,C)}},tx=function(C,O,J,p,L,v){if(!C.Y){C.P++;try{for(p=(v=0,void 0),J=C.F;--O;)try{if((L=void 0,C).D)p=v_(C,C.D);else{if(v=w(C,286),v>=J)break;p=w(C,(L=(V(215,C,v),H(C)),L))}(p&&p[ew]&2048?p(C,O):x([a,21,L],0,C),P)(C,false,O,false)}catch(l){w(C,391)?x(l,22,C):V(391,C,l)}if(!O){if(C.Da){C.P--,tx(C,261929697120);return}x([a,33],0,C)}}catch(l){try{x(l,22,C)}catch(z){m(z,C)}}C.P--}},$c=function(C,O,J,p){for(;C.K.length;){p=(C.B=null,C.K.pop());try{J=p8(p,C)}catch(L){m(L,C)}if(O&&C.B){(O=C.B,O)(function(){W(C,true,true)});break}}return J},B_=function(C,O,J,p){function L(){}return p=H_(C,function(v){L&&(O&&E(O),J=v,L(),L=void 0)},(J=void 0,!!O))[0],{invoke:function(v,l,z,I){function b(){J(function(t){E(function(){v(t)})},z)}if(!l)return l=p(z),v&&v(l),l;J?b():(I=L,L=function(){E((I(),b))})}}},Qz=function(C,O){if(!(O=(C=null,c.trustedTypes),O)||!O.createPolicy)return C;try{C=O.createPolicy("bg",{createHTML:f8,createScript:f8,createScriptURL:f8})}catch(J){c.console&&c.console.error(J.message)}return C},rV=function(C,O,J){if("object"==(O=typeof C,O))if(C){if(C instanceof Array)return"array";if(C instanceof Object)return O;if("[object Window]"==(J=Object.prototype.toString.call(C),J))return"object";if("[object Array]"==J||"number"==typeof C.length&&"undefined"!=typeof C.splice&&"undefined"!=typeof C.propertyIsEnumerable&&!C.propertyIsEnumerable("splice"))return"array";if("[object Function]"==J||"undefined"!=typeof C.call&&"undefined"!=typeof C.propertyIsEnumerable&&!C.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==O&&"undefined"==typeof C.call)return"object";return O},Oc=function(C,O){return O[C]<<24|O[(C|0)+1]<<16|O[(C|0)+2]<<8|O[(C|0)+3]},K8=function(C,O,J,p){A(O,n((p=H((J=H(O),O)),w(O,J)),C),p)},G={passive:true,capture:true},Ax=function(C,O,J,p,L){for(C=C.replace(/\\r\\n/g,"\\n"),O=[],p=L=0;L<C.length;L++)J=C.charCodeAt(L),128>J?O[p++]=J:(2048>J?O[p++]=J>>6|192:(55296==(J&64512)&&L+1<C.length&&56320==(C.charCodeAt(L+1)&64512)?(J=65536+((J&1023)<<10)+(C.charCodeAt(++L)&1023),O[p++]=J>>18|240,O[p++]=J>>12&63|128):O[p++]=J>>12|224,O[p++]=J>>6&63|128),O[p++]=J&63|128);return O},H=function(C,O){if(C.D)return v_(C,C.U);return(O=D(true,C,8),O)&128&&(O^=128,C=D(true,C,2),O=(O<<2)+(C|0)),O},sc=function(C,O,J){if(3==C.length){for(J=0;3>J;J++)O[J]+=C[J];for(J=(C=0,[13,8,13,12,16,5,3,10,15]);9>C;C++)O[3](O,C%3,J[C])}},Vz=function(C,O,J,p,L){J=w(O,(L=H((J=(C&=(p=C&3,4),H(O)),O)),J)),C&&(J=Ax(""+J)),p&&A(O,n(J.length,2),L),A(O,J,L)},TN=function(C,O,J,p,L){for(L=(p=(O.j8=(O.wZ=zN({get:(O.El=(O.NL=O[R],O.c6=Yc,n8),function(){return this.concat()})},O.G),T[O.G](O.wZ,{value:{value:{}}})),0),[]);128>p;p++)L[p]=String.fromCharCode(p);W(O,true,(e(((e([(F((V((V(107,O,(V(443,O,(F(O,40,(V(430,(F(O,35,(F((F(O,(F(O,(V(9,(F(O,(V(265,O,(V(358,O,(F(O,(V(466,(F((F(O,387,(F(O,(F((F(O,(F(O,489,(F(O,((F(O,(F(O,457,(F(O,64,(F(O,261,(F(((F(O,287,(F(O,485,(V((F(O,477,(V(391,(F((F(O,(V(22,(F(O,496,(F(O,(V(498,O,(V(215,(V(286,((O.f3=function(v){this.C=v},O.H=(O.Y=void 0,O.l=0,p=window.performance||{},O.K=[],1),O).X=(O.W=[],O.L=void 0,O.I=false,(O.h=void 0,O).J=(O.K3=(O.S=25,O.D=void 0,false),O.B=null,O.C=O,O.Yx=(O.O=false,[]),(O.Z=8001,O.o=0,O).A=[],0),O.P=0,(O.F=0,O).g=(O.sl=(O.U=void 0,0),[]),O.R=0,O.u=(O.N=void 0,void 0),[]),O.hU=p.timeOrigin||(p.timing||{}).navigationStart||0,O),0),O),0),[0,0,0])),411),function(v,l,z,I,b,t,B,Q,r,Z,q,f){function k(u,S){for(;Z<u;)f|=K(v)<<Z,Z+=8;return f>>=(Z-=u,S=f&(1<<u)-1,u),S}for(Q=(z=(r=(f=Z=(t=H(v),0),(k(3)|0)+1),l=k(5),0),[]),I=0;z<l;z++)B=k(1),Q.push(B),I+=B?0:1;for(q=(z=((I|0)-1).toString(2).length,[]),I=0;I<l;I++)Q[I]||(q[I]=k(z));for(z=0;z<l;z++)Q[z]&&(q[z]=H(v));for(b=[];r--;)b.push(w(v,H(v)));F(v,t,function(u,S,io,d,y){for(io=(d=(S=0,[]),[]);S<l;S++){if(!(y=q[S],Q)[S]){for(;y>=d.length;)d.push(H(u));y=d[y]}io.push(y)}u.U=(u.D=uo(u,b.slice()),uo(u,io))})}),function(v,l){(v=(l=H(v),w(v.C,l)),v[0]).removeEventListener(v[1],v[2],G)})),O),{}),68),function(v){K8(4,v)}),O),230,function(v,l,z,I,b){0!==(l=w(v,(z=(I=w(v,(b=(l=(I=H((z=(b=H(v),H)(v),v)),H(v)),w(v.C,b)),I)),w(v,z)),l)),b)&&(l=lo(l,I,1,v,b,z),b.addEventListener(z,l,G),V(471,v,[b,z,l]))}),O),677),function(v,l,z,I){(I=(l=(z=H(v),K)(v),H)(v),V)(I,v,w(v,z)>>>l)})),417),O,[]),function(v,l){W_((l=w(v,H(v)),l),v.C)})),function(v,l,z,I){!P(v,true,l,false)&&(l=Ic(v),z=l.i,I=l.C3,v.C==v||z==v.f3&&I==v)&&(V(l.Xl,v,z.apply(I,l.v)),v.R=v.j())})),O).xx=0,O),3,function(v){K8(1,v)}),function(v,l,z,I,b){(l=H((b=(z=H(v),H(v)),v)),v.C==v)&&(I=w(v,z),l=w(v,l),b=w(v,b),I[b]=l,373==z&&(v.h=void 0,2==b&&(v.N=D(false,v,32),v.h=void 0)))})),function(v,l,z){(l=H((z=H(v),v)),V)(l,v,""+w(v,z))})),function(v,l,z,I){V((l=w(v,(I=w(v,(l=H((I=H(v),v)),z=H(v),I)),l)),z),v,+(I==l))})),O.gZ=0,347),function(v,l,z,I){V((l=w(v,(I=w((z=(I=H(v),H(v)),v),I),z)),z),v,l+I)}),O).bm=0,112),function(v){Jx(4,v)}),function(v,l,z,I){if(l=v.Yx.pop()){for(z=K(v);0<z;z--)I=H(v),l[I]=v.X[I];v.X=(l[l[358]=v.X[358],430]=v.X[430],l)}else V(286,v,v.F)})),17),function(v,l,z,I,b){for(l=(I=GN((b=H(v),v)),z=0,[]);z<I;z++)l.push(K(v));V(b,v,l)}),O),181,function(v){Vz(4,v)}),376),function(v,l,z,I,b,t){P(v,true,l,false)||(b=Ic(v.C),l=b.Xl,z=b.i,t=b.C3,b=b.v,I=b.length,z=0==I?new t[z]:1==I?new t[z](b[0]):2==I?new t[z](b[0],b[1]):3==I?new t[z](b[0],b[1],b[2]):4==I?new t[z](b[0],b[1],b[2],b[3]):2(),V(l,v,z))}),function(v,l,z,I){V((l=w((z=(I=(l=(z=H(v),H(v)),H)(v),w(v,z)),v),l),I),v,z in l|0)})),O),351,function(v,l,z){V((l=(l=w(v,(l=H(v),z=H(v),l)),rV(l)),z),v,l)}),O),0),252),function(v,l,z){P(v,true,l,false)||(l=H(v),z=H(v),V(z,v,function(I){return eval(I)}(ZC(w(v.C,l)))))}),[])),F(O,244,function(v,l,z,I,b,t){if(!P(v,true,l,true)){if("object"==(v=w((t=(b=(b=(t=(l=H((z=H(v),v)),H(v)),H(v)),l=w(v,l),w(v,b)),w)(v,t),v),z),rV(v))){for(I in z=[],v)z.push(I);v=z}for(z=(t=0<(I=0,t)?t:1,v.length);I<z;I+=t)l(v.slice(I,(I|0)+(t|0)),b)}}),[160,0,0])),504),function(v,l,z){0!=w((z=w(v,(z=H((l=H(v),v)),z)),v),l)&&V(286,v,z)}),O),N(4)),322),function(v,l,z,I,b,t,B){for(B=(t=(z=w(v,(I=(b=H(v),GN)(v),l="",484)),z).length,0);I--;)B=((B|0)+(GN(v)|0))%t,l+=L[z[B]];V(b,v,l)}),393),function(v,l,z,I){l=w(v,(I=(z=H((I=(l=H(v),H)(v),v)),w(v,I)),l)),V(z,v,l[I])}),O),442,function(v,l,z,I){(l=(z=H((I=H(v),v)),H(v)),V)(l,v,w(v,I)||w(v,z))}),function(){})),O),2048),function(v){Vz(3,v)})),O)),c)),471),O,0),O),486,function(v,l,z,I,b){V((l=w(v,(z=w(v,(b=H((z=(I=H(v),H(v)),l=H(v),v)),z)),b=w(v,b),l)),I),v,lo(l,z,b,v))}),qs)],O),e)([h,J],O),[Sw,C]),O),true))},Ns=function(C,O,J,p){try{p=C[((O|0)+2)%3],C[O]=(C[O]|0)-(C[((O|0)+1)%3]|0)-(p|0)^(1==O?p<<J:p>>>J)}catch(L){throw L;}},GN=function(C,O){return(O=K(C),O&128)&&(O=O&127|K(C)<<7),O},H_=function(C,O,J,p){return(p=g[C.substring(0,3)+"_"])?p(C.substring(3),O,J):Ec(O,C)},F=function(C,O,J){J[V(O,C,J),qs]=2796},g,V=function(C,O,J){if(286==C||215==C)O.X[C]?O.X[C].concat(J):O.X[C]=uo(O,J);else{if(O.I&&373!=C)return;265==C||9==C||417==C||358==C||498==C?O.X[C]||(O.X[C]=P_(118,C,J,O)):O.X[C]=P_(9,C,J,O)}373==C&&(O.N=D(false,O,32),O.h=void 0)},kc=function(C,O,J){return C.V(function(p){J=p},false,O),J},f8=function(C){return C},Ec=function(C,O){return C(function(J){J(O)}),[function(){return O}]},uo=function(C,O,J){return(J=T[C.G](C.j8),J)[C.G]=function(){return O},J.concat=function(p){O=p},J},C8=function(C,O,J,p,L){for(p=(C=(L=C[2]|0,C)[3]|0,0);14>p;p++)J=J>>>8|J<<24,J+=O|0,J^=L+2298,O=O<<3|O>>>29,C=C>>>8|C<<24,C+=L|0,L=L<<3|L>>>29,C^=p+2298,L^=C,O^=J;return[O>>>24&255,O>>>16&255,O>>>8&255,O>>>0&255,J>>>24&255,J>>>16&255,J>>>8&255,J>>>0&255]},K=function(C){return C.D?v_(C,C.U):D(true,C,8)},W_=function(C,O){(O.Yx.push(O.X.slice()),O.X)[286]=void 0,V(286,O,C)},ac=function(C,O,J,p){return(V(286,C,((p=w(C,286),C.g)&&p<C.F?(V(286,C,C.F),W_(J,C)):V(286,C,J),tx(C,O),p)),w)(C,22)},X,w=function(C,O){if((C=C.X[O],void 0)===C)throw[a,30,O];if(C.value)return C.create();return(C.create(4*O*O+-12*O+4),C).prototype},U=function(C,O,J){J=this;try{TN(O,this,C)}catch(p){m(p,this),O(function(L){L(J.Y)})}},P_=function(C,O,J,p,L,v,l,z){return J=[87,-12,-24,-71,(v=C&7,z=xc,14),-5,J,-72,-32,90],l=T[p.G](p.wZ),l[p.G]=function(I){v+=6+7*C,v&=(L=I,7)},l.concat=function(I){return(I=(I=(I=O%16+1,-224*L+(z()|0)*I-I*L+56*L*L+v+J[v+51&7]*O*I- -672*O*L-224*O*O*L+4*O*O*I),J[I]),L=void 0,J[(v+29&7)+(C&2)]=I,J)[v+(C&2)]=-12,I},l},D=function(C,O,J,p,L,v,l,z,I,b,t,B,Q,r){if(t=w(O,286),t>=O.F)throw[a,31];for(r=(v=(B=0,L=O.NL.length,J),t);0<v;)Q=r>>3,I=r%8,p=8-(I|0),p=p<v?p:v,l=O.g[Q],C&&(b=O,b.h!=r>>6&&(b.h=r>>6,z=w(b,373),b.L=C8([0,0,z[1],z[2]],b.N,b.h)),l^=O.L[Q&L]),B|=(l>>8-(I|0)-(p|0)&(1<<p)-1)<<(v|0)-(p|0),v-=p,r+=p;return V(286,(C=B,O),(t|0)+(J|0)),C},m=function(C,O){O.Y=((O.Y?O.Y+"~":"E:")+C.message+":"+C.stack).slice(0,2048)},c=this||self,E=c.requestIdleCallback?function(C){requestIdleCallback(function(){C()},{timeout:4})}:c.setImmediate?function(C){setImmediate(C)}:function(C){setTimeout(C,0)},p8=function(C,O,J,p,L){if((L=C[0],L)==M)O.S=25,O.s(C);else if(L==R){J=C[1];try{p=O.Y||O.s(C)}catch(v){m(v,O),p=O.Y}J(p)}else if(L==bo)O.s(C);else if(L==h)O.s(C);else if(L==Sw){try{for(p=0;p<O.A.length;p++)try{J=O.A[p],J[0][J[1]](J[2])}catch(v){}}catch(v){}(0,C[1])(function(v,l){O.V(v,true,l)},(O.A=[],function(v){(e((v=!O.K.length,[ew]),O),v)&&W(O,true,false)}))}else{if(L==Y)return p=C[2],V(247,O,C[6]),V(22,O,p),O.s(C);L==ew?(O.g=[],O.W=[],O.X=null):L==qs&&"loading"===c.document.readyState&&(O.B=function(v,l){function z(){l||(l=true,v())}(c.document.addEventListener("DOMContentLoaded",z,(l=false,G)),c).addEventListener("load",z,G)})}},L8=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),bo=[],ew=[],M=(U.prototype.kx=void 0,U.prototype.T="toString",[]),R=[],a=(U.prototype.Da=false,U.prototype.RF=void 0,{}),h=[],Sw=[],qs=[],Y=[],xc=(((wV,function(){})(N),Ns,function(){})(sc),void 0),T=a.constructor,n8=(((((((X=U.prototype,U).prototype.G="create",X.m5=function(C,O,J,p,L){for(L=p=0;L<C.length;L++)p+=C.charCodeAt(L),p+=p<<10,p^=p>>6;return(p=(p+=p<<3,p^=p>>11,C=p+(p<<15)>>>0,new Number(C&(1<<O)-1)),p)[0]=(C>>>O)%J,p},X.V=function(C,O,J,p,L){if((J="array"===rV(J)?J:[J],this).Y)C(this.Y);else try{p=!this.K.length,L=[],e([M,L,J],this),e([R,C,L],this),O&&!p||W(this,O,true)}catch(v){m(v,this),C(this.Y)}},X).aF=function(C,O,J,p,L,v){for(L=v=(p=[],0);L<C.length;L++)for(J=J<<O|C[L],v+=O;7<v;)v-=8,p.push(J>>v&255);return p},X.B6=function(C,O,J){return C^(O^=O<<13,O^=O>>17,(O=(O^O<<5)&J)||(O=1),O)},X).ML=function(){return Math.floor(this.J+(this.j()-this.o))},X.j=(window.performance||{}).now?function(){return this.hU+window.performance.now()}:function(){return+new Date},X).Ul=function(){return Math.floor(this.j())},U).prototype.s=function(C,O){return O=(xc=function(){return C==O?4:-46},C={},{}),function(J,p,L,v,l,z,I,b,t,B,Q,r,Z,q,f){t=C,C=O;try{if(B=J[0],B==h){I=J[1];try{for(f=(L=[],v=atob(I),Z=0);Z<v.length;Z++)p=v.charCodeAt(Z),255<p&&(L[f++]=p&255,p>>=8),L[f++]=p;V(373,this,(this.F=(this.g=L,this.g.length<<3),[0,0,0]))}catch(k){x(k,17,this);return}tx(this,8001)}else if(B==M)J[1].push(w(this,265).length,w(this,417).length,w(this,430),w(this,9).length),V(22,this,J[2]),this.X[101]&&ac(this,8001,w(this,101));else{if(B==R){b=(q=(L=J[2],n((w(this,265).length|0)+2,2)),this.C),this.C=this;try{z=w(this,358),0<z.length&&A(this,n(z.length,2).concat(z),265,10),A(this,n(this.H,1),265,109),A(this,n(this[R].length,1),265),v=0,v+=w(this,466)&2047,r=w(this,9),v-=(w(this,265).length|0)+5,4<r.length&&(v-=(r.length|0)+3),0<v&&A(this,n(v,2).concat(N(v)),265,15),4<r.length&&A(this,n(r.length,2).concat(r),265,156)}finally{this.C=b}if(Q=(((f=N(2).concat(w(this,265)),f)[1]=f[0]^6,f)[3]=f[1]^q[0],f[4]=f[1]^q[1],this).dZ(f))Q="!"+Q;else for(Q="",v=0;v<f.length;v++)l=f[v][this.T](16),1==l.length&&(l="0"+l),Q+=l;return w(this,(V(430,((w(this,(Z=Q,265)).length=L.shift(),w)(this,417).length=L.shift(),this),L.shift()),9)).length=L.shift(),Z}if(B==bo)ac(this,J[2],J[1]);else if(B==Y)return ac(this,8001,J[1])}}finally{C=t}}}(),U.prototype.oF=0,U.prototype).tU=0,/./);U.prototype.dZ=function(C,O,J,p){if(O=window.btoa){for(p=0,J="";p<C.length;p+=8192)J+=String.fromCharCode.apply(null,C.slice(p,p+8192));C=O(J).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else C=void 0;return C};var Yc,jw=(U.prototype[Sw]=[0,0,1,1,0,1,1],h).pop.bind(U.prototype[M]),ZC=((Yc=zN({get:jw},(n8[U.prototype.T]=jw,U.prototype.G)),U).prototype.v6=void 0,function(C,O){return(O=Qz())&&1===C.eval(O.createScript("1"))?function(J){return O.createScript(J)}:function(J){return""+J}}(c));(40<(g=c.botguard||(c.botguard={}),g).m||(g.m=41,g.bg=B_,g.a=H_),g).hDL_=function(C,O,J){return[(J=new U(C,O),function(p){return kc(J,p)})]};}).call(this);'));
}).call(this);
#2 JavaScript::Eval (size: 18821) - SHA256: bab23f4cba86d47872f05f939028101bbc5c6f847ddc442e40b0b653e2f1109b
(function() {
    var A = function(C, O, J, p, L, v) {
            if (C.C == C)
                for (L = w(C, J), 9 == J ? (J = function(l, z, I, b) {
                        if (I = (b = L.length, (b | 0) - 4 >> 3), L.Fl != I) {
                            I = (I << 3) - (z = [0, 0, v[1], v[L.Fl = I, 2]], 4);
                            try {
                                L.G7 = C8(z, Oc(I, L), Oc((I | 0) + 4, L))
                            } catch (t) {
                                throw t;
                            }
                        }
                        L.push(L.G7[b & 7] ^ l)
                    }, v = w(C, 498)) : J = function(l) {
                        L.push(l)
                    }, p && J(p & 255), C = O.length, p = 0; p < C; p++) J(O[p])
        },
        e = function(C, O) {
            O.K.splice(0, 0, C)
        },
        v_ = function(C, O) {
            return O = O.create().shift(), C.D.create().length || C.U.create().length || (C.D = void 0, C.U = void 0), O
        },
        Jx = function(C, O, J, p) {
            for (p = (J = H(O), 0); 0 < C; C--) p = p << 8 | K(O);
            V(J, O, p)
        },
        n = function(C, O, J, p) {
            for (p = (J = (O | 0) - 1, []); 0 <= J; J--) p[(O | 0) - 1 - (J | 0)] = C >> 8 * J & 255;
            return p
        },
        lo = function(C, O, J, p, L, v) {
            function l() {
                if (p.C == p) {
                    if (p.X) {
                        var z = [Y, O, C, void 0, L, v, arguments];
                        if (2 == J) var I = W(p, (e(z, p), false), false);
                        else if (1 == J) {
                            var b = !p.K.length;
                            e(z, p), b && W(p, false, false)
                        } else I = p8(z, p);
                        return I
                    }
                    L && v && L.removeEventListener(v, l, G)
                }
            }
            return l
        },
        zN = function(C, O) {
            return T[O](T.prototype, {
                prototype: C,
                pop: C,
                call: C,
                splice: C,
                floor: C,
                replace: C,
                propertyIsEnumerable: C,
                parent: C,
                length: C,
                stack: C,
                document: C,
                console: C
            })
        },
        N = function(C, O) {
            for (O = []; C--;) O.push(255 * Math.random() | 0);
            return O
        },
        W = function(C, O, J, p, L, v) {
            if (C.K.length) {
                C.O = !(C.K3 = (C.O && 0(), O), 0);
                try {
                    p = C.j(), C.o = p, C.R = p, C.u = 0, v = $c(C, O), L = C.j() - C.o, C.J += L, L < (J ? 0 : 10) || 0 >= C.S-- || (L = Math.floor(L), C.W.push(254 >= L ? L : 254))
                } finally {
                    C.O = false
                }
                return v
            }
        },
        Ic = function(C, O, J, p, L, v) {
            for (J = (L = ((p = (O = C[L8] || {}, H(C)), O).Xl = H(C), O.v = [], C).C == C ? (K(C) | 0) - 1 : 1, H(C)), v = 0; v < L; v++) O.v.push(H(C));
            for ((O.i = w(C, p), O).C3 = w(C, J); L--;) O.v[L] = w(C, O.v[L]);
            return O
        },
        P = function(C, O, J, p, L, v, l, z, I) {
            if (C.C = (C.H += ((I = (l = (L = (O || C.u++, 0 < C.l && C.O && C.K3 && 1 >= C.P && !C.D && !C.B) && (!O || 1 < C.Z - J) && 0 == document.hidden, (v = 4 == C.u) || L ? C.j() : C.R), l) - C.R, z = I >> 14, C).N && (C.N ^= z * (I << 2)), z), z || C.C), v || L) C.R = l, C.u = 0;
            if (!L || l - C.o < C.l - (p ? 255 : O ? 5 : 2)) return false;
            return C.B = ((V(286, (p = (C.Z = J, w(C, O ? 215 : 286)), C), C.F), C).K.push([bo, p, O ? J + 1 : J]), E), true
        },
        wV = function(C, O) {
            ((O.push(C[0] << 24 | C[1] << 16 | C[2] << 8 | C[3]), O).push(C[4] << 24 | C[5] << 16 | C[6] << 8 | C[7]), O).push(C[8] << 24 | C[9] << 16 | C[10] << 8 | C[11])
        },
        x = function(C, O, J, p, L, v) {
            if (!J.I) {
                if (3 < (C = ((0 == (p = w(J, ((v = void 0, C) && C[0] === a && (v = C[2], O = C[1], C = void 0), 358)), p.length) && (L = w(J, 215) >> 3, p.push(O, L >> 8 & 255, L & 255), void 0 != v && p.push(v & 255)), O = "", C) && (C.message && (O += C.message), C.stack && (O += ":" + C.stack)), w(J, 430)), C)) {
                    J.C = (v = (O = (C -= (O = O.slice(0, (C | 0) - 3), O.length | 0) + 3, Ax(O)), J.C), J);
                    try {
                        A(J, n(O.length, 2).concat(O), 9, 9)
                    } finally {
                        J.C = v
                    }
                }
                V(430, J, C)
            }
        },
        tx = function(C, O, J, p, L, v) {
            if (!C.Y) {
                C.P++;
                try {
                    for (p = (v = 0, void 0), J = C.F; --O;) try {
                        if ((L = void 0, C).D) p = v_(C, C.D);
                        else {
                            if (v = w(C, 286), v >= J) break;
                            p = w(C, (L = (V(215, C, v), H(C)), L))
                        }(p && p[ew] & 2048 ? p(C, O) : x([a, 21, L], 0, C), P)(C, false, O, false)
                    } catch (l) {
                        w(C, 391) ? x(l, 22, C) : V(391, C, l)
                    }
                    if (!O) {
                        if (C.Da) {
                            C.P--, tx(C, 261929697120);
                            return
                        }
                        x([a, 33], 0, C)
                    }
                } catch (l) {
                    try {
                        x(l, 22, C)
                    } catch (z) {
                        m(z, C)
                    }
                }
                C.P--
            }
        },
        $c = function(C, O, J, p) {
            for (; C.K.length;) {
                p = (C.B = null, C.K.pop());
                try {
                    J = p8(p, C)
                } catch (L) {
                    m(L, C)
                }
                if (O && C.B) {
                    (O = C.B, O)(function() {
                        W(C, true, true)
                    });
                    break
                }
            }
            return J
        },
        B_ = function(C, O, J, p) {
            function L() {}
            return p = H_(C, function(v) {
                L && (O && E(O), J = v, L(), L = void 0)
            }, (J = void 0, !!O))[0], {
                invoke: function(v, l, z, I) {
                    function b() {
                        J(function(t) {
                            E(function() {
                                v(t)
                            })
                        }, z)
                    }
                    if (!l) return l = p(z), v && v(l), l;
                    J ? b() : (I = L, L = function() {
                        E((I(), b))
                    })
                }
            }
        },
        Qz = function(C, O) {
            if (!(O = (C = null, c.trustedTypes), O) || !O.createPolicy) return C;
            try {
                C = O.createPolicy("bg", {
                    createHTML: f8,
                    createScript: f8,
                    createScriptURL: f8
                })
            } catch (J) {
                c.console && c.console.error(J.message)
            }
            return C
        },
        rV = function(C, O, J) {
            if ("object" == (O = typeof C, O))
                if (C) {
                    if (C instanceof Array) return "array";
                    if (C instanceof Object) return O;
                    if ("[object Window]" == (J = Object.prototype.toString.call(C), J)) return "object";
                    if ("[object Array]" == J || "number" == typeof C.length && "undefined" != typeof C.splice && "undefined" != typeof C.propertyIsEnumerable && !C.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == J || "undefined" != typeof C.call && "undefined" != typeof C.propertyIsEnumerable && !C.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == O && "undefined" == typeof C.call) return "object";
            return O
        },
        Oc = function(C, O) {
            return O[C] << 24 | O[(C | 0) + 1] << 16 | O[(C | 0) + 2] << 8 | O[(C | 0) + 3]
        },
        K8 = function(C, O, J, p) {
            A(O, n((p = H((J = H(O), O)), w(O, J)), C), p)
        },
        G = {
            passive: true,
            capture: true
        },
        Ax = function(C, O, J, p, L) {
            for (C = C.replace(/\r\n/g, "\n"), O = [], p = L = 0; L < C.length; L++) J = C.charCodeAt(L), 128 > J ? O[p++] = J : (2048 > J ? O[p++] = J >> 6 | 192 : (55296 == (J & 64512) && L + 1 < C.length && 56320 == (C.charCodeAt(L + 1) & 64512) ? (J = 65536 + ((J & 1023) << 10) + (C.charCodeAt(++L) & 1023), O[p++] = J >> 18 | 240, O[p++] = J >> 12 & 63 | 128) : O[p++] = J >> 12 | 224, O[p++] = J >> 6 & 63 | 128), O[p++] = J & 63 | 128);
            return O
        },
        H = function(C, O) {
            if (C.D) return v_(C, C.U);
            return (O = D(true, C, 8), O) & 128 && (O ^= 128, C = D(true, C, 2), O = (O << 2) + (C | 0)), O
        },
        sc = function(C, O, J) {
            if (3 == C.length) {
                for (J = 0; 3 > J; J++) O[J] += C[J];
                for (J = (C = 0, [13, 8, 13, 12, 16, 5, 3, 10, 15]); 9 > C; C++) O[3](O, C % 3, J[C])
            }
        },
        Vz = function(C, O, J, p, L) {
            J = w(O, (L = H((J = (C &= (p = C & 3, 4), H(O)), O)), J)), C && (J = Ax("" + J)), p && A(O, n(J.length, 2), L), A(O, J, L)
        },
        TN = function(C, O, J, p, L) {
            for (L = (p = (O.j8 = (O.wZ = zN({get: (O.El = (O.NL = O[R], O.c6 = Yc, n8), function() {
                        return this.concat()
                    })
                }, O.G), T[O.G](O.wZ, {
                    value: {
                        value: {}
                    }
                })), 0), []); 128 > p; p++) L[p] = String.fromCharCode(p);
            W(O, true, (e(((e([(F((V((V(107, O, (V(443, O, (F(O, 40, (V(430, (F(O, 35, (F((F(O, (F(O, (V(9, (F(O, (V(265, O, (V(358, O, (F(O, (V(466, (F((F(O, 387, (F(O, (F((F(O, (F(O, 489, (F(O, ((F(O, (F(O, 457, (F(O, 64, (F(O, 261, (F(((F(O, 287, (F(O, 485, (V((F(O, 477, (V(391, (F((F(O, (V(22, (F(O, 496, (F(O, (V(498, O, (V(215, (V(286, ((O.f3 = function(v) {
                this.C = v
            }, O.H = (O.Y = void 0, O.l = 0, p = window.performance || {}, O.K = [], 1), O).X = (O.W = [], O.L = void 0, O.I = false, (O.h = void 0, O).J = (O.K3 = (O.S = 25, O.D = void 0, false), O.B = null, O.C = O, O.Yx = (O.O = false, []), (O.Z = 8001, O.o = 0, O).A = [], 0), O.P = 0, (O.F = 0, O).g = (O.sl = (O.U = void 0, 0), []), O.R = 0, O.u = (O.N = void 0, void 0), []), O.hU = p.timeOrigin || (p.timing || {}).navigationStart || 0, O), 0), O), 0), [0, 0, 0])), 411), function(v, l, z, I, b, t, B, Q, r, Z, q, f) {
                function k(u, S) {
                    for (; Z < u;) f |= K(v) << Z, Z += 8;
                    return f >>= (Z -= u, S = f & (1 << u) - 1, u), S
                }
                for (Q = (z = (r = (f = Z = (t = H(v), 0), (k(3) | 0) + 1), l = k(5), 0), []), I = 0; z < l; z++) B = k(1), Q.push(B), I += B ? 0 : 1;
                for (q = (z = ((I | 0) - 1).toString(2).length, []), I = 0; I < l; I++) Q[I] || (q[I] = k(z));
                for (z = 0; z < l; z++) Q[z] && (q[z] = H(v));
                for (b = []; r--;) b.push(w(v, H(v)));
                F(v, t, function(u, S, io, d, y) {
                    for (io = (d = (S = 0, []), []); S < l; S++) {
                        if (!(y = q[S], Q)[S]) {
                            for (; y >= d.length;) d.push(H(u));
                            y = d[y]
                        }
                        io.push(y)
                    }
                    u.U = (u.D = uo(u, b.slice()), uo(u, io))
                })
            }), function(v, l) {
                (v = (l = H(v), w(v.C, l)), v[0]).removeEventListener(v[1], v[2], G)
            })), O), {}), 68), function(v) {
                K8(4, v)
            }), O), 230, function(v, l, z, I, b) {
                0 !== (l = w(v, (z = (I = w(v, (b = (l = (I = H((z = (b = H(v), H)(v), v)), H(v)), w(v.C, b)), I)), w(v, z)), l)), b) && (l = lo(l, I, 1, v, b, z), b.addEventListener(z, l, G), V(471, v, [b, z, l]))
            }), O), 677), function(v, l, z, I) {
                (I = (l = (z = H(v), K)(v), H)(v), V)(I, v, w(v, z) >>> l)
            })), 417), O, []), function(v, l) {
                W_((l = w(v, H(v)), l), v.C)
            })), function(v, l, z, I) {
                !P(v, true, l, false) && (l = Ic(v), z = l.i, I = l.C3, v.C == v || z == v.f3 && I == v) && (V(l.Xl, v, z.apply(I, l.v)), v.R = v.j())
            })), O).xx = 0, O), 3, function(v) {
                K8(1, v)
            }), function(v, l, z, I, b) {
                (l = H((b = (z = H(v), H(v)), v)), v.C == v) && (I = w(v, z), l = w(v, l), b = w(v, b), I[b] = l, 373 == z && (v.h = void 0, 2 == b && (v.N = D(false, v, 32), v.h = void 0)))
            })), function(v, l, z) {
                (l = H((z = H(v), v)), V)(l, v, "" + w(v, z))
            })), function(v, l, z, I) {
                V((l = w(v, (I = w(v, (l = H((I = H(v), v)), z = H(v), I)), l)), z), v, +(I == l))
            })), O.gZ = 0, 347), function(v, l, z, I) {
                V((l = w(v, (I = w((z = (I = H(v), H(v)), v), I), z)), z), v, l + I)
            }), O).bm = 0, 112), function(v) {
                Jx(4, v)
            }), function(v, l, z, I) {
                if (l = v.Yx.pop()) {
                    for (z = K(v); 0 < z; z--) I = H(v), l[I] = v.X[I];
                    v.X = (l[l[358] = v.X[358], 430] = v.X[430], l)
                } else V(286, v, v.F)
            })), 17), function(v, l, z, I, b) {
                for (l = (I = GN((b = H(v), v)), z = 0, []); z < I; z++) l.push(K(v));
                V(b, v, l)
            }), O), 181, function(v) {
                Vz(4, v)
            }), 376), function(v, l, z, I, b, t) {
                P(v, true, l, false) || (b = Ic(v.C), l = b.Xl, z = b.i, t = b.C3, b = b.v, I = b.length, z = 0 == I ? new t[z] : 1 == I ? new t[z](b[0]) : 2 == I ? new t[z](b[0], b[1]) : 3 == I ? new t[z](b[0], b[1], b[2]) : 4 == I ? new t[z](b[0], b[1], b[2], b[3]) : 2(), V(l, v, z))
            }), function(v, l, z, I) {
                V((l = w((z = (I = (l = (z = H(v), H(v)), H)(v), w(v, z)), v), l), I), v, z in l | 0)
            })), O), 351, function(v, l, z) {
                V((l = (l = w(v, (l = H(v), z = H(v), l)), rV(l)), z), v, l)
            }), O), 0), 252), function(v, l, z) {
                P(v, true, l, false) || (l = H(v), z = H(v), V(z, v, function(I) {
                    return eval(I)
                }(ZC(w(v.C, l)))))
            }), [])), F(O, 244, function(v, l, z, I, b, t) {
                if (!P(v, true, l, true)) {
                    if ("object" == (v = w((t = (b = (b = (t = (l = H((z = H(v), v)), H(v)), H(v)), l = w(v, l), w(v, b)), w)(v, t), v), z), rV(v))) {
                        for (I in z = [], v) z.push(I);
                        v = z
                    }
                    for (z = (t = 0 < (I = 0, t) ? t : 1, v.length); I < z; I += t) l(v.slice(I, (I | 0) + (t | 0)), b)
                }
            }), [160, 0, 0])), 504), function(v, l, z) {
                0 != w((z = w(v, (z = H((l = H(v), v)), z)), v), l) && V(286, v, z)
            }), O), N(4)), 322), function(v, l, z, I, b, t, B) {
                for (B = (t = (z = w(v, (I = (b = H(v), GN)(v), l = "", 484)), z).length, 0); I--;) B = ((B | 0) + (GN(v) | 0)) % t, l += L[z[B]];
                V(b, v, l)
            }), 393), function(v, l, z, I) {
                l = w(v, (I = (z = H((I = (l = H(v), H)(v), v)), w(v, I)), l)), V(z, v, l[I])
            }), O), 442, function(v, l, z, I) {
                (l = (z = H((I = H(v), v)), H(v)), V)(l, v, w(v, I) || w(v, z))
            }), function() {})), O), 2048), function(v) {
                Vz(3, v)
            })), O)), c)), 471), O, 0), O), 486, function(v, l, z, I, b) {
                V((l = w(v, (z = w(v, (b = H((z = (I = H(v), H(v)), l = H(v), v)), z)), b = w(v, b), l)), I), v, lo(l, z, b, v))
            }), qs)], O), e)([h, J], O), [Sw, C]), O), true))
        },
        Ns = function(C, O, J, p) {
            try {
                p = C[((O | 0) + 2) % 3], C[O] = (C[O] | 0) - (C[((O | 0) + 1) % 3] | 0) - (p | 0) ^ (1 == O ? p << J : p >>> J)
            } catch (L) {
                throw L;
            }
        },
        GN = function(C, O) {
            return (O = K(C), O & 128) && (O = O & 127 | K(C) << 7), O
        },
        H_ = function(C, O, J, p) {
            return (p = g[C.substring(0, 3) + "_"]) ? p(C.substring(3), O, J) : Ec(O, C)
        },
        F = function(C, O, J) {
            J[V(O, C, J), qs] = 2796
        },
        g, V = function(C, O, J) {
            if (286 == C || 215 == C) O.X[C] ? O.X[C].concat(J) : O.X[C] = uo(O, J);
            else {
                if (O.I && 373 != C) return;
                265 == C || 9 == C || 417 == C || 358 == C || 498 == C ? O.X[C] || (O.X[C] = P_(118, C, J, O)) : O.X[C] = P_(9, C, J, O)
            }
            373 == C && (O.N = D(false, O, 32), O.h = void 0)
        },
        kc = function(C, O, J) {
            return C.V(function(p) {
                J = p
            }, false, O), J
        },
        f8 = function(C) {
            return C
        },
        Ec = function(C, O) {
            return C(function(J) {
                J(O)
            }), [function() {
                return O
            }]
        },
        uo = function(C, O, J) {
            return (J = T[C.G](C.j8), J)[C.G] = function() {
                return O
            }, J.concat = function(p) {
                O = p
            }, J
        },
        C8 = function(C, O, J, p, L) {
            for (p = (C = (L = C[2] | 0, C)[3] | 0, 0); 14 > p; p++) J = J >>> 8 | J << 24, J += O | 0, J ^= L + 2298, O = O << 3 | O >>> 29, C = C >>> 8 | C << 24, C += L | 0, L = L << 3 | L >>> 29, C ^= p + 2298, L ^= C, O ^= J;
            return [O >>> 24 & 255, O >>> 16 & 255, O >>> 8 & 255, O >>> 0 & 255, J >>> 24 & 255, J >>> 16 & 255, J >>> 8 & 255, J >>> 0 & 255]
        },
        K = function(C) {
            return C.D ? v_(C, C.U) : D(true, C, 8)
        },
        W_ = function(C, O) {
            (O.Yx.push(O.X.slice()), O.X)[286] = void 0, V(286, O, C)
        },
        ac = function(C, O, J, p) {
            return (V(286, C, ((p = w(C, 286), C.g) && p < C.F ? (V(286, C, C.F), W_(J, C)) : V(286, C, J), tx(C, O), p)), w)(C, 22)
        },
        X, w = function(C, O) {
            if ((C = C.X[O], void 0) === C) throw [a, 30, O];
            if (C.value) return C.create();
            return (C.create(4 * O * O + -12 * O + 4), C).prototype
        },
        U = function(C, O, J) {
            J = this;
            try {
                TN(O, this, C)
            } catch (p) {
                m(p, this), O(function(L) {
                    L(J.Y)
                })
            }
        },
        P_ = function(C, O, J, p, L, v, l, z) {
            return J = [87, -12, -24, -71, (v = C & 7, z = xc, 14), -5, J, -72, -32, 90], l = T[p.G](p.wZ), l[p.G] = function(I) {
                v += 6 + 7 * C, v &= (L = I, 7)
            }, l.concat = function(I) {
                return (I = (I = (I = O % 16 + 1, -224 * L + (z() | 0) * I - I * L + 56 * L * L + v + J[v + 51 & 7] * O * I - -672 * O * L - 224 * O * O * L + 4 * O * O * I), J[I]), L = void 0, J[(v + 29 & 7) + (C & 2)] = I, J)[v + (C & 2)] = -12, I
            }, l
        },
        D = function(C, O, J, p, L, v, l, z, I, b, t, B, Q, r) {
            if (t = w(O, 286), t >= O.F) throw [a, 31];
            for (r = (v = (B = 0, L = O.NL.length, J), t); 0 < v;) Q = r >> 3, I = r % 8, p = 8 - (I | 0), p = p < v ? p : v, l = O.g[Q], C && (b = O, b.h != r >> 6 && (b.h = r >> 6, z = w(b, 373), b.L = C8([0, 0, z[1], z[2]], b.N, b.h)), l ^= O.L[Q & L]), B |= (l >> 8 - (I | 0) - (p | 0) & (1 << p) - 1) << (v | 0) - (p | 0), v -= p, r += p;
            return V(286, (C = B, O), (t | 0) + (J | 0)), C
        },
        m = function(C, O) {
            O.Y = ((O.Y ? O.Y + "~" : "E:") + C.message + ":" + C.stack).slice(0, 2048)
        },
        c = this || self,
        E = c.requestIdleCallback ? function(C) {
            requestIdleCallback(function() {
                C()
            }, {
                timeout: 4
            })
        } : c.setImmediate ? function(C) {
            setImmediate(C)
        } : function(C) {
            setTimeout(C, 0)
        },
        p8 = function(C, O, J, p, L) {
            if ((L = C[0], L) == M) O.S = 25, O.s(C);
            else if (L == R) {
                J = C[1];
                try {
                    p = O.Y || O.s(C)
                } catch (v) {
                    m(v, O), p = O.Y
                }
                J(p)
            } else if (L == bo) O.s(C);
            else if (L == h) O.s(C);
            else if (L == Sw) {
                try {
                    for (p = 0; p < O.A.length; p++) try {
                        J = O.A[p], J[0][J[1]](J[2])
                    } catch (v) {}
                } catch (v) {}(0, C[1])(function(v, l) {
                    O.V(v, true, l)
                }, (O.A = [], function(v) {
                    (e((v = !O.K.length, [ew]), O), v) && W(O, true, false)
                }))
            } else {
                if (L == Y) return p = C[2], V(247, O, C[6]), V(22, O, p), O.s(C);
                L == ew ? (O.g = [], O.W = [], O.X = null) : L == qs && "loading" === c.document.readyState && (O.B = function(v, l) {
                    function z() {
                        l || (l = true, v())
                    }(c.document.addEventListener("DOMContentLoaded", z, (l = false, G)), c).addEventListener("load", z, G)
                })
            }
        },
        L8 = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        bo = [],
        ew = [],
        M = (U.prototype.kx = void 0, U.prototype.T = "toString", []),
        R = [],
        a = (U.prototype.Da = false, U.prototype.RF = void 0, {}),
        h = [],
        Sw = [],
        qs = [],
        Y = [],
        xc = (((wV, function() {})(N), Ns, function() {})(sc), void 0),
        T = a.constructor,
        n8 = (((((((X = U.prototype, U).prototype.G = "create", X.m5 = function(C, O, J, p, L) {
            for (L = p = 0; L < C.length; L++) p += C.charCodeAt(L), p += p << 10, p ^= p >> 6;
            return (p = (p += p << 3, p ^= p >> 11, C = p + (p << 15) >>> 0, new Number(C & (1 << O) - 1)), p)[0] = (C >>> O) % J, p
        }, X.V = function(C, O, J, p, L) {
            if ((J = "array" === rV(J) ? J : [J], this).Y) C(this.Y);
            else try {
                p = !this.K.length, L = [], e([M, L, J], this), e([R, C, L], this), O && !p || W(this, O, true)
            } catch (v) {
                m(v, this), C(this.Y)
            }
        }, X).aF = function(C, O, J, p, L, v) {
            for (L = v = (p = [], 0); L < C.length; L++)
                for (J = J << O | C[L], v += O; 7 < v;) v -= 8, p.push(J >> v & 255);
            return p
        }, X.B6 = function(C, O, J) {
            return C ^ (O ^= O << 13, O ^= O >> 17, (O = (O ^ O << 5) & J) || (O = 1), O)
        }, X).ML = function() {
            return Math.floor(this.J + (this.j() - this.o))
        }, X.j = (window.performance || {}).now ? function() {
            return this.hU + window.performance.now()
        } : function() {
            return +new Date
        }, X).Ul = function() {
            return Math.floor(this.j())
        }, U).prototype.s = function(C, O) {
            return O = (xc = function() {
                    return C == O ? 4 : -46
                }, C = {}, {}),
                function(J, p, L, v, l, z, I, b, t, B, Q, r, Z, q, f) {
                    t = C, C = O;
                    try {
                        if (B = J[0], B == h) {
                            I = J[1];
                            try {
                                for (f = (L = [], v = atob(I), Z = 0); Z < v.length; Z++) p = v.charCodeAt(Z), 255 < p && (L[f++] = p & 255, p >>= 8), L[f++] = p;
                                V(373, this, (this.F = (this.g = L, this.g.length << 3), [0, 0, 0]))
                            } catch (k) {
                                x(k, 17, this);
                                return
                            }
                            tx(this, 8001)
                        } else if (B == M) J[1].push(w(this, 265).length, w(this, 417).length, w(this, 430), w(this, 9).length), V(22, this, J[2]), this.X[101] && ac(this, 8001, w(this, 101));
                        else {
                            if (B == R) {
                                b = (q = (L = J[2], n((w(this, 265).length | 0) + 2, 2)), this.C), this.C = this;
                                try {
                                    z = w(this, 358), 0 < z.length && A(this, n(z.length, 2).concat(z), 265, 10), A(this, n(this.H, 1), 265, 109), A(this, n(this[R].length, 1), 265), v = 0, v += w(this, 466) & 2047, r = w(this, 9), v -= (w(this, 265).length | 0) + 5, 4 < r.length && (v -= (r.length | 0) + 3), 0 < v && A(this, n(v, 2).concat(N(v)), 265, 15), 4 < r.length && A(this, n(r.length, 2).concat(r), 265, 156)
                                } finally {
                                    this.C = b
                                }
                                if (Q = (((f = N(2).concat(w(this, 265)), f)[1] = f[0] ^ 6, f)[3] = f[1] ^ q[0], f[4] = f[1] ^ q[1], this).dZ(f)) Q = "!" + Q;
                                else
                                    for (Q = "", v = 0; v < f.length; v++) l = f[v][this.T](16), 1 == l.length && (l = "0" + l), Q += l;
                                return w(this, (V(430, ((w(this, (Z = Q, 265)).length = L.shift(), w)(this, 417).length = L.shift(), this), L.shift()), 9)).length = L.shift(), Z
                            }
                            if (B == bo) ac(this, J[2], J[1]);
                            else if (B == Y) return ac(this, 8001, J[1])
                        }
                    } finally {
                        C = t
                    }
                }
        }(), U.prototype.oF = 0, U.prototype).tU = 0, /./);
    U.prototype.dZ = function(C, O, J, p) {
        if (O = window.btoa) {
            for (p = 0, J = ""; p < C.length; p += 8192) J += String.fromCharCode.apply(null, C.slice(p, p + 8192));
            C = O(J).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
        } else C = void 0;
        return C
    };
    var Yc, jw = (U.prototype[Sw] = [0, 0, 1, 1, 0, 1, 1], h).pop.bind(U.prototype[M]),
        ZC = ((Yc = zN({get: jw
        }, (n8[U.prototype.T] = jw, U.prototype.G)), U).prototype.v6 = void 0, function(C, O) {
            return (O = Qz()) && 1 === C.eval(O.createScript("1")) ? function(J) {
                return O.createScript(J)
            } : function(J) {
                return "" + J
            }
        }(c));
    (40 < (g = c.botguard || (c.botguard = {}), g).m || (g.m = 41, g.bg = B_, g.a = H_), g).hDL_ = function(C, O, J) {
        return [(J = new U(C, O), function(p) {
            return kc(J, p)
        })]
    };
}).call(this);
#3 JavaScript::Eval (size: 37) - SHA256: 9f32ef3f1186a41942e351fb8b23a69f26709341b010a592b13fbcf8278408ad
FunctionList = this.CollectFunctions;
#4 JavaScript::Eval (size: 265) - SHA256: 404f5a159db68317334c69c281ea49fd1ebbd3bee2893cd660ef5aca72094c26
function preRenderConf(conf) {
    if (jQuery(".segHeadNotif").length > 0 || document.location.href.indexOf("/login") > -1) {
        return false
    }
    if (jQuery(".seg-head-notification-bar").length > 0 || document.location.href.indexOf("/approve") > -1) {
        return false
    }
}
#5 JavaScript::Eval (size: 54) - SHA256: 263581dd85ff8a37e740f83ed57c559a230df1ed79ed92840aea7a5dce3687b2
(function() {
    return localStorage.getItem("userid")
})();
#6 JavaScript::Eval (size: 311) - SHA256: 83b34ed574c9630f2d800fa605bcc5d84e287907f47456c7bd1be0deabd38901
(function() {
    var a = new Date,
        d = -a.getTimezoneOffset(),
        e = 0 <= d ? "+" : "-",
        b = function(c) {
            c = Math.abs(Math.floor(c));
            return (10 > c ? "0" : "") + c
        };
    return a.getFullYear() + "-" + b(a.getMonth() + 1) + "-" + b(a.getDate()) + "T" + b(a.getHours()) + ":" + b(a.getMinutes()) + ":" + b(a.getSeconds()) + "." + b(a.getMilliseconds()) + e + b(d / 60) + ":" + b(d % 60)
})();
#7 JavaScript::Eval (size: 37) - SHA256: 51f7c020346092165a606ed238aa9b3ac5c4918c121c3c79c6829ccd53df5cca
FunctionList = this.StartupFunctions;
#8 JavaScript::Eval (size: 62) - SHA256: 656ddb7093a608f140df5a991c579e27ad31e247a6ded28fa406e948965cf12a
0,
function(v, l, z) {
    z = (l = (z = H(v), H(v)), v.X[z]) && w(v, z), V(l, v, z)
}
#9 JavaScript::Eval (size: 22) - SHA256: 1bb4b16c7de163ff866b60976156d8c769e3cd8f2b5bdea3c85e854c986003d6
0,
function(v) {
    Jx(1, v)
}
#10 JavaScript::Eval (size: 22) - SHA256: 96bc32102142a2b26979b51faca0349f415898ceeba6ca594e7498b337aa0808
0,
function(v) {
    Jx(2, v)
}
#11 JavaScript::Eval (size: 1325) - SHA256: 05b96d5a3035443244d14253c61f4cee2d0e4dd1007eb8cd9d3534f93fa977e7
function preRenderConf(conf) {
    var helperFunctions = {
        'findPropertyInArray': function(prop, arr) {
            try {
                // if property is not defined or empty string or array is empty exit function
                if (typeof prop !== 'string' ||
                    !prop ||
                    !Array.isArray(arr)) {
                    return null;
                }

                for (var i = 0; i < arr.length; i++) {
                    var item = arr[i];

                    // if this array object contains property -prop-, so this is what we are looking for
                    if (Object.prototype.hasOwnProperty.call(item, prop)) {
                        return item;
                    }
                }
            } catch (err) {
                // prevent unexpected return type so return null
                window.segmentifyEvents.error(err);
                return null;
            }
        }
    };

    // Statik Olarak campanyName i almak i�in;
    var companyName = helperFunctions.findPropertyInArray("companyName", window.dataLayer).companyName;
    if (companyName === 'unilever') {
        Segmentify("user:update", {
            segments: ["unilever"]
        });

    } else {
        console.log(error);
    }



    //Dinamik olarak almak i�in;

    // var companyName= helperFunctions.findPropertyInArray("companyName", window.dataLayer).companyName;
    //if(companyName) {

    //Segmentify("user:update",{segments:[companyName]})

    //} else {
    //console.log(error);
    //}
}
#12 JavaScript::Eval (size: 1329) - SHA256: 908bbf45d2d6fe665c8e844259d719af155780007a1b33434aaa459da6f93a0a
function preRenderConf(conf) {
    var helperFunctions = {
        'findPropertyInArray': function(prop, arr) {
            try {
                // if property is not defined or empty string or array is empty exit function
                if (typeof prop !== 'string' ||
                    !prop ||
                    !Array.isArray(arr)) {
                    return null;
                }

                for (var i = 0; i < arr.length; i++) {
                    var item = arr[i];

                    // if this array object contains property -prop-, so this is what we are looking for
                    if (Object.prototype.hasOwnProperty.call(item, prop)) {
                        return item;
                    }
                }
            } catch (err) {
                // prevent unexpected return type so return null
                window.segmentifyEvents.error(err);
                return null;
            }
        }
    };

    // Statik Olarak campanyName i almak i�in;
    var companyName = helperFunctions.findPropertyInArray("companyName", window.dataLayer).companyName;
    if (companyName === 'segmentify') {
        Segmentify("user:update", {
            segments: ["segmentify"]
        });

    } else {
        console.log(error);
    }



    //Dinamik olarak almak i�in;

    // var companyName= helperFunctions.findPropertyInArray("companyName", window.dataLayer).companyName;
    //if(companyName) {

    //Segmentify("user:update",{segments:[companyName]})

    //} else {
    //console.log(error);
    //}
}

Executed Writes (0)


HTTP Transactions (131)


Request Response
                                        
                                            GET /p/be/cl/28c2b469-d347-413a-81c6-39a3c5fa16ce/qFadPU8V1IA2_p_l_GPHMf9sIJQ_s_l_qI2cFn_s_l_hNXXrSktM3ZetO8l7umw53cM_s_l_hJFqOrZkypeuaI_s_l_LPTlhKWbK_s_l_RACLO45YR3kbE2SOVhRVqFSc75Z1MDqh_p_l_1DI0NYJTHElMQvUdUfAn6gb5zrXMWomqpbmP_s_l_Ypnf19d2fcUGoPAfIDxW9vAQtplyiiKbL8R1Hg3G0IvLKT08k6pdl_p_l_HNyNiEZcuJI133TaHVWH9CT2cL3YA0_e_q_ HTTP/1.1 
Host: e.unishoptr.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         195.42.241.247
HTTP/1.1 303 See Other
Content-Type: text/html
                                        
Server: openresty/1.21.4.1
Date: Wed, 23 Nov 2022 16:17:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, no-cache, must-revalidate
Pragma: no-cache
Expires: Tue, 22 Nov 2022 16:17:46 GMT
Location: https://www.unishopturkiye.com/gida?dn_channel=email&dn_send_id=431
Request-Context: appId=cid-v1:57f1128c-f604-4760-aadf-5384e69b5cee
MId: 33
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Strict-Transport-Security: max-age=0;

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12297
Expires: Wed, 23 Nov 2022 19:42:43 GMT
Date: Wed, 23 Nov 2022 16:17:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3720
Cache-Control: max-age=155730
Date: Wed, 23 Nov 2022 16:17:46 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 11:33:16 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 16:17:08 GMT
cache-control: public,max-age=3600
age: 38
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8230
Expires: Wed, 23 Nov 2022 18:34:56 GMT
Date: Wed, 23 Nov 2022 16:17:46 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: x15MV+gc6PiDJjqkOkgXdkAKLwis/K6EpmAJqJVHi/yPBrHAfCceiSCEvDPFqqkU3kiIQxf8rgo=
x-amz-request-id: F8MNGVXX7Y03Y8C3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 15:43:02 GMT
age: 2084
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 23 Nov 2022 16:17:46 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=157764
Date: Wed, 23 Nov 2022 16:17:46 GMT
Etag: "637e0cee-1d7"
Expires: Fri, 25 Nov 2022 12:07:10 GMT
Last-Modified: Wed, 23 Nov 2022 12:07:10 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AclhkLW17Yin7VA7NqneKQectrmAzF5wnI0bQuoYJtiOYothwtg2WQ==

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 16:08:53 GMT
cache-control: public,max-age=3600
age: 533
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3598
Cache-Control: max-age=150544
Date: Wed, 23 Nov 2022 16:17:47 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 10:06:51 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5252
Cache-Control: max-age=142147
Date: Wed, 23 Nov 2022 16:17:47 GMT
Etag: "637dbb6a-117"
Expires: Fri, 25 Nov 2022 07:46:54 GMT
Last-Modified: Wed, 23 Nov 2022 06:19:22 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5252
Cache-Control: max-age=142147
Date: Wed, 23 Nov 2022 16:17:47 GMT
Etag: "637dbb6a-117"
Expires: Fri, 25 Nov 2022 07:46:54 GMT
Last-Modified: Wed, 23 Nov 2022 06:19:22 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /scripttemplates/otSDKStub.js HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 23 Nov 2022 16:17:47 GMT
content-length: 7151
content-encoding: gzip
content-md5: e0VkrpV+7zqDAjQ/RMXPsw==
last-modified: Tue, 22 Nov 2022 16:39:23 GMT
etag: 0x8DACCA81CF94662
x-ms-request-id: 612b53d7-501e-0067-08d0-fe6b41000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 52103
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76eb378eeb1db524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21747)
Size:   7151
Md5:    7b4564ae957eef3a8302343f44c5cfb3
Sha1:   296c38b2ae23a31d80201b32a38c02e75de27c91
Sha256: 15155c8652fe9654c2d2813743ae09ff93a469d790d3424a6b090f876b3d9bb2
                                        
                                            GET /_next/static/iG3-baPqLlqKDXAi3M8qB/_ssgManifest.js HTTP/1.1 
Host: www.unishopturkiye.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/login?referer=/gida?dn_channel=email&dn_send_id=431
Cookie: culture=tr_TR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         52.16.86.106
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Wed, 23 Nov 2022 16:17:47 GMT
content-length: 77
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Wed, 23 Nov 2022 12:25:38 GMT
etag: W/"4d-184a47369d0"
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   77
Md5:    b6652df95db52feb4daf4eca35380933
Sha1:   65451d110137761b318c82d9071c042db80c4036
Sha256: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JIPirYE5fRIH9lyhqHJSRg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         44.238.202.79
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LUr2FLAmFGHmmR1AUhpJeAEVd/Q=

                                        
                                            GET /grey-close.svg HTTP/1.1 
Host: www.unishopturkiye.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/login?referer=/gida?dn_channel=email&dn_send_id=431
Cookie: culture=tr_TR
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         52.16.86.106
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 23 Nov 2022 16:17:47 GMT
content-length: 351
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Wed, 23 Nov 2022 12:19:52 GMT
etag: W/"15f-184a46e2240"
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   351
Md5:    461333252b8b041d8db014d5986f23eb
Sha1:   4769db55ec68a220c0a915775fce0b4dfa270cdb
Sha256: 6b27d4be0d0ea08837be7c9d9f923079f976469c2875ab95a12d9f8322193257
                                        
                                            GET /consent/ed422091-78e4-4087-b1cb-57ff4e441b3a/OtAutoBlock.js HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Wed, 23 Nov 2022 16:17:47 GMT
content-length: 2134
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: YBnoPoHKHSRE8GbYdIqH7A==
last-modified: Wed, 20 Jul 2022 13:43:33 GMT
etag: 0x8DA6A55D717B4D6
x-ms-request-id: 63ec8316-901e-007a-4802-a8b2ab000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
expires: Thu, 24 Nov 2022 16:17:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76eb378edb1cb524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1001)
Size:   2134
Md5:    6019e83e81ca1d2444f066d8748a87ec
Sha1:   491a6e8d1eea1b61d2657634524ab582ab7a92a8
Sha256: 0aa65290a83ff33f78f8b2076933aefbdd7005e28f2b495776ff2b7a50b24414
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 16:17:47 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 02:06:54 GMT
Expires: Mon, 28 Nov 2022 02:06:53 GMT
Etag: "fd59c856755ba277ca0b03a455a1597b018b8335"
Cache-Control: max-age=380345,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76eb378ebff90b55-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142634
Date: Wed, 23 Nov 2022 16:17:47 GMT
Etag: "637dd1d5-1d7"
Expires: Fri, 25 Nov 2022 07:55:01 GMT
Last-Modified: Wed, 23 Nov 2022 07:55:01 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Qis0usmC2HfiWWmg61xwvtYRA3oTpXm3_LsYdL1FkzVaLdQHex9LNQ==

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 16:17:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /3d9c5ffa-653a-468e-bad8-d26bd5cca622/segmentify.js HTTP/1.1 
Host: cdn.segmentify.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.120.65.227
HTTP/2 200 OK
content-type: application/javascript
                                        
x-guploader-uploadid: ADPycdsy9sqdX6XOQnNS9Ceh2c0gbZ_yYccMPq4JbHssNijBVfseqb82HcCAEGpPUK6Mds3pWVZC-PUeLy4vPzSqrqMXrAUIcgsK
date: Wed, 23 Nov 2022 16:17:47 GMT
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 16:17:47 GMT
last-modified: Wed, 09 Nov 2022 02:33:59 GMT
etag: "72d623a0ca8a6a0a6981967d47971976"
x-goog-generation: 1667961239068618
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 50747
content-encoding: gzip
x-goog-hash: crc32c=K1Y6Gg==, md5=ctYjoMqKagppgZZ9R5cZdg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 50747
access-control-allow-origin: *
access-control-expose-headers: Origin, Accept, Content-Type, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (56966)
Size:   50747
Md5:    72d623a0ca8a6a0a6981967d47971976
Sha1:   42f82070758e339547bdea71844fa8e88fe56222
Sha256: 594df1b6a785051d01fa1bbd456ffba884c12336d54168eef289d7dc148cdd99
                                        
                                            GET /css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&amp;subset=latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Nov 2022 16:17:47 GMT
date: Wed, 23 Nov 2022 16:17:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1321
Md5:    e23bc7b17c606eb66b5ca06604149514
Sha1:   65ed62879078dd31386ac92e62aa0f8b3b490514
Sha256: 8c104e2253e9e358d45d93f62afa766d98f21a5ea90c621ff572e9aa19948e5f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 16:17:47 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 02:06:54 GMT
Expires: Mon, 28 Nov 2022 02:06:53 GMT
Etag: "fd59c856755ba277ca0b03a455a1597b018b8335"
Cache-Control: max-age=380345,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76eb37909acb0b55-OSL

                                        
                                            GET /sdk/web/dataroid-websdk.js HTTP/1.1 
Host: cdn.dataroid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.11
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 154200
last-modified: Tue, 15 Nov 2022 14:08:09 GMT
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 16:17:47 GMT
cache-control: no-cache, no-store, must-revalidate
etag: "cf700ad03e55fb5c30482acd9f807ecf"
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XwNGUgeUmNpq7OrXWUrCFRJl_nGO7g4aDn29TQ5GVDbgiVztxu8_FA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65504)
Size:   154200
Md5:    cf700ad03e55fb5c30482acd9f807ecf
Sha1:   7c7f45d89c1d498d4547630f8877ea97b8ba7963
Sha256: e6df6739bad39c4b23f323585b0f84a29fb6e2fdd3bd1a43b5589fcfd86b284d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 16:17:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /consent/ed422091-78e4-4087-b1cb-57ff4e441b3a/ed422091-78e4-4087-b1cb-57ff4e441b3a.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Wed, 23 Nov 2022 16:17:47 GMT
content-length: 1387
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: 0GsZf1jjVWLgztQlYOMUBw==
last-modified: Wed, 20 Jul 2022 13:43:33 GMT
etag: 0x8DA6A55D70519CB
x-ms-request-id: eccbd9c7-701e-0095-140f-a8b9d5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
expires: Thu, 24 Nov 2022 16:17:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76eb37909db7b524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (3156), with no line terminators
Size:   1387
Md5:    d06b197f58e35562e0ced42560e31407
Sha1:   7b6a6948e8aa2a1cbac93d82cae6c7ba97831db8
Sha256: 5a23388c3a1f61f5f22fe312fc441581047f4e507ebd89d98624e4e7ddd8ace6
                                        
                                            GET /_next/static/chunks/9181-877df34e36d616bc84af.js HTTP/1.1 
Host: www.unishopturkiye.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/login?referer=/gida?dn_channel=email&dn_send_id=431
Cookie: culture=tr_TR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         52.16.86.106
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Wed, 23 Nov 2022 16:17:47 GMT
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Wed, 23 Nov 2022 12:25:38 GMT
etag: W/"25c4-184a47369d0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   67164
Md5:    13f4e789881e7b8f6cda9fe84ffc53cf
Sha1:   7df8b24452c2bf801d86e765ddd046fc459423b6
Sha256: 72f78d4ad371762e90a0d6f658fd3ab2622e667e9c861e2665aa72b90a677d4e
                                        
                                            GET /_next/static/chunks/9133-03bd3697cabd352f6c7a.js HTTP/1.1 
Host: www.unishopturkiye.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/login?referer=/gida?dn_channel=email&dn_send_id=431
Cookie: culture=tr_TR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         52.16.86.106
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Wed, 23 Nov 2022 16:17:47 GMT
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Wed, 23 Nov 2022 12:25:38 GMT
etag: W/"d9a5-184a47369d0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   18021
Md5:    253299002ab7343c3481a19a8d05f0c2
Sha1:   a837363df49468d281e02901176ec36dbaba42df
Sha256: 8bdad28b605b73a443aff5bc65e4be234179ed91795485b7413a0085d2dbaebc
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 16:17:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F9D3ACB0580E2B510A495DC5%40AdobeOrg&d_nsid=0&ts=1669220267603 HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         3.248.120.148
HTTP/1.1 200 OK
Content-Type: application/json;charset=utf-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.unishopturkiye.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-2-v045-061dae83e.edge-irl1.demdex.com 4 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=00387522527444513363625764275881188262; Max-Age=15552000; Expires=Mon, 22 May 2023 16:17:47 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: fyfMGotoTZc=
Content-Length: 1314
Connection: keep-alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (3693), with no line terminators
Size:   1314
Md5:    1381e236232da0e2ff03b138db47f4de
Sha1:   ece135b60835409995d8f9dc260f2b92ca81f3fa
Sha256: 8fbef53965cb3c9de30975b28c16fa6b20d1faf585b7c4c2aef508090889439e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 16:17:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 14:43:52 GMT
expires: Wed, 22 Nov 2023 14:43:52 GMT
cache-control: public, max-age=31536000
age: 92035
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Size:   8000
Md5:    72993dddf88a63e8f226656f7de88e57
Sha1:   179f97ec0275f09603a8db94d4380eb584d81cd5
Sha256: f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 16:17:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /_next/static/chunks/pages/_app-7fc9aec14e6fe5f0d874.js HTTP/1.1 
Host: www.unishopturkiye.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/login?referer=/gida?dn_channel=email&dn_send_id=431
Cookie: culture=tr_TR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         52.16.86.106
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Wed, 23 Nov 2022 16:17:47 GMT
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Wed, 23 Nov 2022 12:25:38 GMT
etag: W/"1ddf08-184a47369d0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   533476
Md5:    3245f30e71733dbc5591a7d2c1185282
Sha1:   caa2f2a453bf8eb7f3c2ff2556f688c4dc832284
Sha256: 8375b0075c3e3166c776d2a49bc7e69ee483e57c13538b63b509af751119f691
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 16:17:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 21:48:50 GMT
expires: Thu, 16 Nov 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 584937
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size:   7884
Md5:    9212f6f9860f9fc6c69b02fedf6db8c3
Sha1:   ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
Sha256: 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
                                        
                                            GET /_next/static/chunks/8123-d634702c8945e8251b7d.js HTTP/1.1 
Host: www.unishopturkiye.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/login?referer=/gida?dn_channel=email&dn_send_id=431
Cookie: culture=tr_TR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         52.16.86.106
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Wed, 23 Nov 2022 16:17:47 GMT
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Wed, 23 Nov 2022 12:25:38 GMT
etag: W/"f2ae-184a47369d0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   25688
Md5:    050089134433426ff125ac9de8e843be
Sha1:   f3cf68c1b11921426fb76e520e8d13c7f59cdfe2
Sha256: 6191d34c775dcf9dfc8efc022b60d57eb094e7fb10dfe4750599a97b6257f65c
                                        
                                            GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5512
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 20:56:11 GMT
expires: Thu, 16 Nov 2023 20:56:11 GMT
cache-control: public, max-age=31536000
age: 588096
last-modified: Wed, 27 Apr 2022 16:59:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 5512, version 1.0\012- data
Size:   5512
Md5:    72b3ae37567ee5efdf2254b657c36ba9
Sha1:   3a4cf2dc2cabd33b5b2c7cef3221131520f618a0
Sha256: 9c15f7b06458075c69b40e79f03e62d43017ecf4c618487add407ee47e438684
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 16:17:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /modal-alert-icon.svg HTTP/1.1 
Host: www.unishopturkiye.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/login?referer=/gida?dn_channel=email&dn_send_id=431
Cookie: culture=tr_TR
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         52.16.86.106
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 23 Nov 2022 16:17:47 GMT
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Wed, 23 Nov 2022 12:19:52 GMT
etag: W/"5b8-184a46e2240"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1166
Md5:    1f5e99c6e2e5f8aaf21ec1365b54425a
Sha1:   fde707fc32ccce10dfc95ebffa4a5ad252b2d83f
Sha256: 4c8e8491f95582707c53578ea8e232571afde88893d62db709fa94ff6de391e2
                                        
                                            GET /recaptcha/api.js?render=6Lez4JMaAAAAACPeVH4GlJ6oZA695L1emicWvVwt HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Wed, 23 Nov 2022 16:17:48 GMT
date: Wed, 23 Nov 2022 16:17:48 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   582
Md5:    3768f827df28b3abd4a2b677608919f3
Sha1:   7fa8566ade212da8483b8356c76ff127f450ccea
Sha256: 66952ea1b1337be3333599a764f728769b4ae8d2934ec7e6c92737e58b0e31b2
                                        
                                            GET /commensis.js HTTP/1.1 
Host: www.unishopturkiye.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: culture=tr_TR; AMCV_F9D3ACB0580E2B510A495DC5%40AdobeOrg=-1124106680%7CMCIDTS%7C19320%7CvVersion%7C5.2.0; zoneId=default
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         52.16.86.106
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Wed, 23 Nov 2022 16:17:48 GMT
content-length: 65
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Wed, 23 Nov 2022 12:19:52 GMT
etag: W/"41-184a46e2240"
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   65
Md5:    ad6a19151236f1262d577deb496c7c31
Sha1:   0f34ce2feba623a732d747fc3c93853d411b1967
Sha256: 0b8dc767e5f45b4e775dc3581d2a8b54325eca3ccca54b06df831933748c52c9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 16:17:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5495
Cache-Control: max-age=162910
Date: Wed, 23 Nov 2022 16:17:48 GMT
Etag: "637e0b93-117"
Expires: Fri, 25 Nov 2022 13:32:58 GMT
Last-Modified: Wed, 23 Nov 2022 12:01:23 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123885
Date: Wed, 23 Nov 2022 16:17:48 GMT
Etag: "637d8899-1d7"
Expires: Fri, 25 Nov 2022 02:42:33 GMT
Last-Modified: Wed, 23 Nov 2022 02:42:33 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qtRauO4KHtGnJPXqYpiDLCx01pDiKwFU9NWQaT4kKWX1T3qO7iRzpQ==

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123885
Date: Wed, 23 Nov 2022 16:17:48 GMT
Etag: "637d8899-1d7"
Expires: Fri, 25 Nov 2022 02:42:33 GMT
Last-Modified: Wed, 23 Nov 2022 02:42:33 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1Mk3qaHF8ip1nEtiBvzDg-m5SA_MxYihE2c9zwfKB8wDToJrt-3k4g==

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 16:17:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123885
Date: Wed, 23 Nov 2022 16:17:48 GMT
Etag: "637d8899-1d7"
Expires: Fri, 25 Nov 2022 02:42:33 GMT
Last-Modified: Wed, 23 Nov 2022 02:42:33 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bVi_BzNC_Kf71wD2ZAXGquHB_8QkCme9OdUxywnlurWS9NDO6gjQpQ==

                                        
                                            GET /activityi;src=12057628;type=unish0;cat=unish0;ord=9930357018190;gtm=2wgb90;auiddc=708977049.1669220268;~oref=https%3A%2F%2Fwww.unishopturkiye.com%2Flogin%3Freferer%3D%2Fgida%3Fdn_channel%3Demail%26dn_send_id%3D431? HTTP/1.1 
Host: 12057628.fls.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         142.250.74.70
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 16:17:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 275
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 23-Nov-2022 16:32:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (518), with no line terminators
Size:   275
Md5:    cf2a7241764c6b0db7691f12a5534631
Sha1:   26899ea6e5346a7c179674e7102572be90dcb3c4
Sha256: e0a8474bba8b941dcc5eccbeb2a1e9f9ca18abe7e3088be34a5bacff8c50a61c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123885
Date: Wed, 23 Nov 2022 16:17:48 GMT
Etag: "637d8899-1d7"
Expires: Fri, 25 Nov 2022 02:42:33 GMT
Last-Modified: Wed, 23 Nov 2022 02:42:33 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8Jj673irFrVgp0RoTD6g6UK_k_6_-aFBLxJ6d6WR4ZcSPvyo6Bnpcw==

                                        
                                            OPTIONS /user/action/6ad47403c22043a795e973c7ec83dcc7/rbs.core.request.LOGOUT_USER?platform=WEB HTTP/1.1 
Host: core-internal.rtbs.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.unishopturkiye.com/
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.19
HTTP/2 204 No Content
                                        
date: Wed, 23 Nov 2022 16:17:48 GMT
access-control-allow-origin: *
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: *
apigw-requestid: cEAi9gyeDoEEJSw=
x-cache: Miss from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1A70d-dfxIK63Fj8oIRHEH7Ul-Jl4JGqGiVzokMq87O1hrpWGb-xSg==
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 16:17:48 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 20 Nov 2022 11:25:35 GMT
Expires: Sun, 27 Nov 2022 11:25:34 GMT
Etag: "7f6a9be7ec4a401edf8a5e60a11e5ea2efec2922"
Cache-Control: max-age=327465,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76eb379519370b55-OSL

                                        
                                            GET /sdk/web/dataroid-sw.js HTTP/1.1 
Host: cdn.dataroid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         143.204.55.11
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 3212
last-modified: Tue, 15 Nov 2022 14:08:10 GMT
content-encoding: gzip
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 23 Nov 2022 16:17:49 GMT
cache-control: no-cache, no-store, must-revalidate
etag: "8bd6a5f8fea16835fa047580f8a8b1b1"
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KiMzkro1Tlhm2-cDnM6gSeyDEj8g82T9k7b82j6LxWdEkyLZ2_pjiw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9126)
Size:   3212
Md5:    8bd6a5f8fea16835fa047580f8a8b1b1
Sha1:   702387644d00710a65c5f1081b51353e255f2f66
Sha256: be46e577cf9f52dba80737f32a7c0363a28678a26792d37e3d6aae1327011ec6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 16:17:48 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 20 Nov 2022 11:25:35 GMT
Expires: Sun, 27 Nov 2022 11:25:34 GMT
Etag: "7f6a9be7ec4a401edf8a5e60a11e5ea2efec2922"
Cache-Control: max-age=327465,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76eb37955a0eb509-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 16:17:48 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 20 Nov 2022 11:25:35 GMT
Expires: Sun, 27 Nov 2022 11:25:34 GMT
Etag: "7f6a9be7ec4a401edf8a5e60a11e5ea2efec2922"
Cache-Control: max-age=327465,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76eb37955d7c0b39-OSL

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 16:17:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 16:17:48 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 20 Nov 2022 11:25:35 GMT
Expires: Sun, 27 Nov 2022 11:25:34 GMT
Etag: "7f6a9be7ec4a401edf8a5e60a11e5ea2efec2922"
Cache-Control: max-age=327465,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76eb37955f2fb50f-OSL

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 16:17:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /scripttemplates/6.38.0/otBannerSdk.js HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 23 Nov 2022 16:17:48 GMT
content-length: 89624
content-encoding: gzip
content-md5: jz950M8ZW7RakPP2zlLHZQ==
last-modified: Thu, 21 Jul 2022 06:31:17 GMT
etag: 0x8DA6AE29E465D1D
x-ms-request-id: 7e08b95c-701e-0174-68d7-9c18f5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 52026
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76eb3795ae25b524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65455)
Size:   89624
Md5:    8f3f79d0cf195bb45a90f3f6ce52c765
Sha1:   0dbd651547da8916062b874fd671a005d4d4c876
Sha256: 5df755e7d1f1fad81564342c72ea8226bf3ce12aa5892556f37cab01998ce045
                                        
                                            GET /dest5.html?d_nsid=0 HTTP/1.1 
Host: unilever.demdex.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         99.81.236.184
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
date: Wed, 23 Nov 2022 16:17:48 GMT
DCS: dcs-prod-irl1-2-v045-0b398da67.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:22:24 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: x2Pez3IDSIs=
Content-Length: 2791
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Size:   2791
Md5:    ccbdcb1e84c241950763ec4cd516cdfc
Sha1:   55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
Sha256: de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
                                        
                                            GET /ddm/fls/i/src=12057628;type=unish0;cat=unish0;ord=9930357018190;gtm=2wgb90;auiddc=708977049.1669220268;~oref=https%3A%2F%2Fwww.unishopturkiye.com%2Flogin%3Freferer%3D%2Fgida%3Fdn_channel%3Demail%26dn_send_id%3D431 HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://12057628.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         142.250.74.162
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 16:17:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (517), with no line terminators
Size:   276
Md5:    8d0081e6a50879906ee3f8132b4452ff
Sha1:   d8c816142f127578c80abe07dc2b45050e6b2ffd
Sha256: 9b4699d228de53ea2aebb9322bfc78dc39ef17ba107628eca74dae63e9837d28
                                        
                                            GET /sdk-config/6a182a08-1fa7-11eb-bcee-1f0ef6152ca0 HTTP/1.1 
Host: api.dataroid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         44.193.88.32
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
date: Wed, 23 Nov 2022 16:17:48 GMT
content-length: 162
location: https://cdn.dataroid.com/sdk-config/6a182a08-1fa7-11eb-bcee-1f0ef6152ca0/config.json
server: nginx
access-control-allow-origin: https://www.unishopturkiye.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,If-None-Match
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            OPTIONS /push-manager/push/action-based?deviceId=5ead21b0-6b4a-11ed-b724-5147590a0217 HTTP/1.1 
Host: api.dataroid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-appconnect-platform,x-appconnect-sdk-key,x-appconnect-sdk-version
Referer: https://www.unishopturkiye.com/
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         44.193.88.32
HTTP/2 200 OK
                                        
date: Wed, 23 Nov 2022 16:17:48 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.unishopturkiye.com
vary: Origin
access-control-allow-methods: GET
access-control-allow-headers: x-appconnect-platform, x-appconnect-sdk-key, x-appconnect-sdk-version
access-control-allow-credentials: true
access-control-max-age: 900
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 16:17:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /user/action/6ad47403c22043a795e973c7ec83dcc7/rbs.core.request.LOGOUT_USER?platform=WEB HTTP/1.1 
Host: core-internal.rtbs.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         143.204.55.19
HTTP/2 400 Bad Request
content-type: application/json
                                        
content-length: 38
date: Wed, 23 Nov 2022 16:17:48 GMT
access-control-allow-origin: *
apigw-requestid: cEAi_i3jjoEEMSw=
x-cache: Error from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -92rt2RS7-cOW8NVrDH9ShbpTQGfRy3nuRfVPUYgDptV0ae2XAROzA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   38
Md5:    9a2edfcdae88e49ddcb46da9c1602886
Sha1:   66c753027ba7fc2bb7c0e89cb87c75bd241fbc2f
Sha256: d01c5e9023d4b920b40b8cb2ee81ec3b4ddb5a6734b1634093b4550cbcce6c8c
                                        
                                            GET /ddm/fls/i/src=12057628;type=unish0;cat=unish0;ord=9930357018190;gtm=2wgb90;auiddc=708977049.1669220268;~oref=https%3A%2F%2Fwww.unishopturkiye.com%2Flogin%3Freferer%3D%2Fgida%3Fdn_channel%3Demail%26dn_send_id%3D431 HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         142.250.74.98
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 16:17:48 GMT
expires: Wed, 23 Nov 2022 16:17:48 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size:   85
Md5:    4a3b3637744caa4a0b08fabbd76cc830
Sha1:   755e5626762ecf38f55012da892a227bf50f15f1
Sha256: 6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 16:17:48 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 20 Nov 2022 11:25:35 GMT
Expires: Sun, 27 Nov 2022 11:25:34 GMT
Etag: "7f6a9be7ec4a401edf8a5e60a11e5ea2efec2922"
Cache-Control: max-age=327465,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76eb379558960afe-OSL

                                        
                                            GET /consent/ed422091-78e4-4087-b1cb-57ff4e441b3a/abdb1cb8-f406-4476-9fcd-5d1d16baf42f/tr.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.unishopturkiye.com/
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Wed, 23 Nov 2022 16:17:48 GMT
content-length: 12903
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: USmI4m7aQtpYwHyR5xMH0w==
last-modified: Wed, 20 Jul 2022 13:43:35 GMT
etag: 0x8DA6A55D83754E1
x-ms-request-id: 5ea704cc-d01e-0039-390f-a89842000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
expires: Thu, 24 Nov 2022 16:17:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76eb37964f25b524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (43679), with no line terminators
Size:   12903
Md5:    512988e26eda42da58c07c91e71307d3
Sha1:   b2e8080a455e32149956fed7ff391247a5c86a39
Sha256: e9a12a5e5df19c561b018f6f4b5afbadddc82093d94aab14fd517c36fc12a50b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2079
Cache-Control: max-age=163809
Date: Wed, 23 Nov 2022 16:17:48 GMT
Etag: "637e1c6e-1d7"
Expires: Fri, 25 Nov 2022 13:47:57 GMT
Last-Modified: Wed, 23 Nov 2022 13:13:18 GMT
Server: ECS (amb/6B80)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /_next/static/chunks/framework-637ad1c376a3adbf8251.js HTTP/1.1 
Host: www.unishopturkiye.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/login?referer=/gida?dn_channel=email&dn_send_id=431
Cookie: culture=tr_TR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         52.16.86.106
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Wed, 23 Nov 2022 16:17:47 GMT
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Wed, 23 Nov 2022 12:25:38 GMT
etag: W/"1fed1-184a47369d0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   42826
Md5:    b7f8546881dabf65c5f393b2efa1a7f9
Sha1:   173a73d23245326fc0b5a56ed60cb986ba644da5
Sha256: 168b7547a0a9604b13ef05a7d6bbab9ef4aa959d99eb3aef8744490e9cb6d689
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14916
Expires: Wed, 23 Nov 2022 20:26:24 GMT
Date: Wed, 23 Nov 2022 16:17:48 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14916
Expires: Wed, 23 Nov 2022 20:26:24 GMT
Date: Wed, 23 Nov 2022 16:17:48 GMT
Connection: keep-alive

                                        
                                            OPTIONS /inapp-message/in-app?deviceId=5ead21b0-6b4a-11ed-b724-5147590a0217&sessionId=5eccdeb0-6b4a-11ed-b724-5147590a0217 HTTP/1.1 
Host: api.dataroid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-appconnect-platform,x-appconnect-sdk-key,x-appconnect-sdk-version
Referer: https://www.unishopturkiye.com/
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         44.193.88.32
HTTP/2 200 OK
                                        
date: Wed, 23 Nov 2022 16:17:48 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.unishopturkiye.com
vary: Origin
access-control-allow-methods: GET
access-control-allow-headers: x-appconnect-platform, x-appconnect-sdk-key, x-appconnect-sdk-version
access-control-allow-credentials: true
access-control-max-age: 900
X-Firefox-Spdy: h2

                                        
                                            GET /p/push/223/35814f2c-ba6f-70aa-0a4b-54b5d6a01a8e/dengage_sdk.js HTTP/1.1 
Host: pcdn.dengage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         13.107.227.53
HTTP/2 200 OK
content-type: text/javascript
                                        
cache-control: public, max-age=3600
content-encoding: br
content-md5: HytUqMvhW0ACGTHTC1EUTA==
last-modified: Tue, 22 Nov 2022 08:24:59 GMT
etag: 0x8DACC630B8729EE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_MISS
x-ms-request-id: f35cca2e-301e-0065-0257-fffc67000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
x-azure-ref-originshield: 0q0d+YwAAAADeu+G0pNZHQ6GHE44DRXAoQU1TMDRFREdFMTgwNgBjN2EzYTIyMi0wYzZjLTRlNTAtOWI5NC0yNmM5MDM1Y2EyOTg=
x-azure-ref: 0q0d+YwAAAAAO6m403/YMR6VKJ2yhbyvxT1NMMjMxMDUwMjAzMDUzAGM3YTNhMjIyLTBjNmMtNGU1MC05Yjk0LTI2YzkwMzVjYTI5OA==
date: Wed, 23 Nov 2022 16:17:47 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, Unicode text, UTF-8 (with BOM) text, with very long lines (65532), with no line terminators
Size:   46999
Md5:    329ed0a33b44d3fd3371ed6d90d5fa66
Sha1:   4f439255564db421d037032bd195016cd4d00d52
Sha256: 5185c522de35a653368c239c1745b3ad3dd466c849801a70bcf8ff78ba2fdd82
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14916
Expires: Wed, 23 Nov 2022 20:26:24 GMT
Date: Wed, 23 Nov 2022 16:17:48 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14916
Expires: Wed, 23 Nov 2022 20:26:24 GMT
Date: Wed, 23 Nov 2022 16:17:48 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7589
x-amzn-requestid: 533d7650-cb21-4090-a50a-e205adad316d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr5zH4qoAMF79Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d0b-017f7bf4390eb124097af648;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nwXP5jm9A2Cl3_-Lm194ycXkeClig1L9hwgUgE8i8NF-Vv2gNfj_4Q==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 15:14:08 GMT
age: 3820
etag: "22884cbc78622d6f78c1c3397c9b440946144a99"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7589
Md5:    06c6e720bc9900b38e88cd72f739603e
Sha1:   22884cbc78622d6f78c1c3397c9b440946144a99
Sha256: 8675d08e6d8ae5bdedbc7c7ce647f8c6e72cc457917b4ed1856c50b11c2fe88b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4977
x-amzn-requestid: 3e56de91-7ed1-4b1e-b230-5f19b2cc6601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bxQKBHzdIAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376c70c-41c572d27999534d3c198372;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 23:43:08 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 414rX74hOWUS2W1d9SVHs7McxZ4QDE249cjU-1EyIe0nMkZrQz2rrQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:48 GMT
age: 66060
etag: "18084197b48ea3b4a143636250396e8791d0285f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4977
Md5:    0cc111ba6ae699fca7fbff3490640960
Sha1:   18084197b48ea3b4a143636250396e8791d0285f
Sha256: 34fbba92e665ad371ea2bd1a871251cf0c5b7832d6f4661b21b2cfbd7f786923
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70cd6ebf-bddf-4637-8842-4c05872ec539.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8683
x-amzn-requestid: 4e9d4c04-802f-4ab8-bb51-645f31de068a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBb_4G8voAMF-YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4065-01d3c8271b80e7ba7bb40f88;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g-Zj093YIQ0Kdg4oxF2aZ3HzsgNGu1l8l8Ji7trCGCZPKEgQ9riqjQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:06:09 GMT
age: 65499
etag: "1b3efc7e58c1e7220830d0060a6d1942869243a0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8683
Md5:    35a44687c086af7b41c8333297bec58e
Sha1:   1b3efc7e58c1e7220830d0060a6d1942869243a0
Sha256: 39a525fde61e3110f773cb121407925a2d2d1b8003c7beb58cf4fd8b18b8d78a
                                        
                                            GET /scripttemplates/6.38.0/assets/otCookieSettingsButton.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.unishopturkiye.com/
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/json
                                        
date: Wed, 23 Nov 2022 16:17:48 GMT
content-length: 1767
content-encoding: gzip
content-md5: keZk8SpZZgHvyFwdMFhvhQ==
last-modified: Thu, 21 Jul 2022 06:31:10 GMT
etag: 0x8DA6AE29A3CDCC9
x-ms-request-id: 7adf77d1-f01e-0007-2510-a82e63000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76eb379738fab524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (3079)
Size:   1767
Md5:    91e664f12a596601efc85c1d30586f85
Sha1:   7276bbec77b6116edf56e1ebdf640888f4fc9f1b
Sha256: dfdd828343cf4910141852a92e9eb8e6ae9616fa0fbfa6a93fa8535a4b1a190b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9138
x-amzn-requestid: 524e565e-a9fb-45f9-b786-d64cf26a3cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAAHG8IAMFhwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4066-3689e70e6212e9e77dc134f4;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cwu__NPGaU0zyAG0H1yZhmjGsFzvNmzsGv6Zt9hrF5gwSysEio2MjA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:09:16 GMT
age: 65312
etag: "343a5bfba0f8fec28f9345f276b44f44c6eaf6a6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9138
Md5:    6d2c986e076309d51d199332caebb07a
Sha1:   343a5bfba0f8fec28f9345f276b44f44c6eaf6a6
Sha256: 64e6fba6a45c70c1db6040a2273472774c00257bef373cc45b6ca00cb819681a
                                        
                                            GET /scripttemplates/6.38.0/assets/otCenterRounded.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.unishopturkiye.com/
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/json
                                        
date: Wed, 23 Nov 2022 16:17:48 GMT
content-length: 2612
content-encoding: gzip
content-md5: dxIG1EjBSvU0szEzzNzBnA==
last-modified: Thu, 21 Jul 2022 06:31:09 GMT
etag: 0x8DA6AE2999E69E3
x-ms-request-id: ffc72c8f-401e-00f0-54d5-fe0888000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76eb379738f4b524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (7679)
Size:   2612
Md5:    771206d448c14af534b33133ccdcc19c
Sha1:   b709985ba960604002fae0eaccc58746ca16497b
Sha256: 244e6c1cbe758d81cfc2c11323f46923ac9950363a6af0a059b734891db90689
                                        
                                            GET /scripttemplates/6.38.0/assets/v2/otPcPanel.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.unishopturkiye.com/
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/json
                                        
date: Wed, 23 Nov 2022 16:17:48 GMT
content-length: 13296
content-encoding: gzip
content-md5: BJ08KLAvpzZpuIY3VesHLg==
last-modified: Thu, 21 Jul 2022 06:31:11 GMT
etag: 0x8DA6AE29AA07224
x-ms-request-id: 138528b2-801e-002a-61d5-feada3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76eb379738f9b524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (54204)
Size:   13296
Md5:    049d3c28b02fa73669b8863755eb072e
Sha1:   a2d5c8bb83d4336b55bc3394187caefb0c11d8f7
Sha256: 658f437d8b2dd6c9ec8f005d943034346f7bed7617c14f8b4478a31b9385a159
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9766
x-amzn-requestid: ca8b7a9f-3c1a-419d-953e-2944bf820e5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcR_Hd4IAMFWUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d40d9-4ca5e9b2476a47cd199b9cba;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RZqqB_Aaam7hYpdAB2fbx-i3iQth9M-OgA25IgCB5Uz0swqVi3-bVg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:48:19 GMT
age: 66569
etag: "663cace8681891ad55943dd0273493aa9474d102"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9766
Md5:    3e8d7af3a5d030774447a0f71c7824f0
Sha1:   663cace8681891ad55943dd0273493aa9474d102
Sha256: 22068df04672281e392caa485259df103d591ab247c3eb5e0ccba10ffd8a9ef0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5914
x-amzn-requestid: 8dea187e-ee61-4691-aff7-59202f978565
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b2P4MF0UIAMFWBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6378c69a-011430f86689624a29d71215;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 12:05:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: c2w_q7fYc60JSQ4GcAlmUFyp7csfflgG8GvCXJuy_wWlvf9mIG0u9g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:38:55 GMT
age: 63533
etag: "94e053461d2db89e9d08321f26a2555ebcd7e0b9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5914
Md5:    c6380f73d47906bd63b9c48137e4df61
Sha1:   94e053461d2db89e9d08321f26a2555ebcd7e0b9
Sha256: 84144e3c3e7acc7339fd1da9b373f18582734b6f4d235b2aef8c90616ed1c8a7
                                        
                                            GET /logos/6ce3ca18-a8e8-4e52-80bc-d334afc636e7/8e993487-0a24-48a9-9e84-10ea58a7c2bc/unilever-logo.png HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: application/octet-stream
                                        
date: Wed, 23 Nov 2022 16:17:48 GMT
content-length: 3238
content-md5: iJEGf4qHXnJKAA2ADvE5zg==
last-modified: Wed, 19 Feb 2020 10:55:11 GMT
etag: 0x8D7B52A317E6980
x-ms-request-id: 0d8749e2-901e-001c-3567-8d00f1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 57330
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76eb3797ea2bb524-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 140 x 146, 4-bit colormap, non-interlaced\012- data
Size:   3238
Md5:    8891067f8a875e724a000d800ef139ce
Sha1:   096a076392e8eb10be6784cdd371dfa25a2314a1
Sha256: 1efd0e6ffcb8d103be13916ca21016f8585269d8c01ffcbf33eaca7de6f4bcbe
                                        
                                            POST /api/web/event HTTP/1.1 
Host: event.dengage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.unishopturkiye.com/
Content-Type: text/plain
Origin: https://www.unishopturkiye.com
Content-Length: 347
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         195.42.242.247
HTTP/2 200 OK
content-type: text/plain
                                        
server: openresty/1.21.4.1
date: Wed, 23 Nov 2022 16:17:48 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   7817
Md5:    6523613f7ec4a3190152bbbadf0b5ac3
Sha1:   b4a04ed3abf3f183d77ee59c971060413107ead0
Sha256: b8bc0c14e70fc1ed52eec6d2ae892bb7ae9143fdaa3233176b31dff25906b397
                                        
                                            OPTIONS /user/action/6ad47403c22043a795e973c7ec83dcc7/rbs.core.request.LOGOUT_USER?platform=WEB HTTP/1.1 
Host: core-internal.rtbs.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.unishopturkiye.com/
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         143.204.55.19
HTTP/2 204 No Content
                                        
date: Wed, 23 Nov 2022 16:17:48 GMT
access-control-allow-origin: *
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: *
apigw-requestid: cEAjBiobjoEEMTQ=
x-cache: Miss from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 05NSxFllCy8e14Fp7R-TUgQUX08_LTLdDppkWapILfCr9G1P_28gVQ==
X-Firefox-Spdy: h2

                                        
                                            POST /user/action/6ad47403c22043a795e973c7ec83dcc7/rbs.core.request.LOGOUT_USER?platform=WEB HTTP/1.1 
Host: core-internal.rtbs.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         143.204.55.19
HTTP/2 400 Bad Request
content-type: application/json
                                        
content-length: 38
date: Wed, 23 Nov 2022 16:17:48 GMT
access-control-allow-origin: *
apigw-requestid: cEAjDgsOjoEEMbw=
x-cache: Error from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lnBNErvHEPiEHaFAkDJld8HOfuPnU2M4W35j6wIcorU8gQYitEsMNw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   38
Md5:    9a2edfcdae88e49ddcb46da9c1602886
Sha1:   66c753027ba7fc2bb7c0e89cb87c75bd241fbc2f
Sha256: d01c5e9023d4b920b40b8cb2ee81ec3b4ddb5a6734b1634093b4550cbcce6c8c
                                        
                                            GET /static/mfs-client.min.js HTTP/1.1 
Host: static.rtbs.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.5
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 24 May 2021 07:01:10 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 23 Nov 2022 05:02:01 GMT
etag: W/"9685496c5cbd4c1327dca6eeb873d62e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tf4wvKm7ss95F0u9Iod4H2pKZBDWF3fk8jiCRFniR99juQOKrDV4kA==
age: 40547
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   18631
Md5:    796c9df32e13955485dff21e28392a4b
Sha1:   50a92989cf466f98cc3d780aba688a3796978eeb
Sha256: b427023c1238d208bbbe80d4ffdde6c64f753c83eb32896a60a582643034117b
                                        
                                            GET /user/action/6ad47403c22043a795e973c7ec83dcc7/rbs.storage.get.GET_IMAGE?auth=&data=eyJpbWFnZUlkIjoiMTk4MDQ1YjYtODEzOC00OWFiLTg2MzYtM2RmMTNiYjk1NzY0Iiwid2lkdGgiOjMyLCJoZWlnaHQiOjMyLCJmaXQiOiJvdXRzaWRlIiwiY29udGVudFR5cGUiOiJpbWFnZS9wbmciLCJxdWFsaXR5IjozMH0= HTTP/1.1 
Host: core.rtbs.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         143.204.55.57
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 1095
date: Thu, 03 Nov 2022 15:09:05 GMT
access-control-allow-method: *
x-rbs-session-id: Mg3ECbdAh6EEgnussZs4AZ
x-rbs-returned-service-response-meta: eyJzdGF0dXMiOjIwMCwiZHVyYXRpb25Jbk1pbGxpc2Vjb25kcyI6MTEzLCJleGVjdXRpb25EdXJhdGlvbkluTWlsbGlzZWNvbmRzIjoxMzcsImlzRXh0cmFjdCI6dHJ1ZSwic2VydmljZUlkIjoicmJzLnN0b3JhZ2UiLCJieXRlTGVuZ3RoIjoxMDk1fQ==
cache-control: max-age=15552000
x-rbs-extract: true
x-rbs-culture: en-US
x-rbs-totalrequestdurationinmilliseconds: 138
apigw-requestid: bB7uyjytjoEEJng=
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Oz4k4Iu5K3Fo6lqsekQ-HfVhwqaafxHuc8UWClhNE7sBZkHePhlk9g==
age: 1732124
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size:   1095
Md5:    dd79e50bc14aecf1df98e396744b5d1d
Sha1:   e8f6590d86343964f2ff30ee3b5a29ac6a784243
Sha256: 6bcbfd0aa206b8f80c161003aaf7c3ddae7ec10a219cb0054d8d6be2b1fd5333
                                        
                                            GET /user/action/6ad47403c22043a795e973c7ec83dcc7/rbs.storage.get.GET_IMAGE?auth=&data=eyJpbWFnZUlkIjoiMTk4MDQ1YjYtODEzOC00OWFiLTg2MzYtM2RmMTNiYjk1NzY0Iiwid2lkdGgiOjE4MCwiaGVpZ2h0IjoxODAsImZpdCI6Im91dHNpZGUiLCJjb250ZW50VHlwZSI6ImltYWdlL3BuZyIsInF1YWxpdHkiOjMwfQ== HTTP/1.1 
Host: core.rtbs.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         143.204.55.57
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 10100
date: Wed, 16 Nov 2022 07:40:58 GMT
x-rbs-extract: true
cache-control: max-age=15552000
x-rbs-culture: en-US
x-rbs-totalrequestdurationinmilliseconds: 175
x-rbs-session-id: 2CZsOG5vxK4TJf2RRH6mmJ
x-rbs-returned-service-response-meta: eyJzdGF0dXMiOjIwMCwiZHVyYXRpb25Jbk1pbGxpc2Vjb25kcyI6MTU0LCJleGVjdXRpb25EdXJhdGlvbkluTWlsbGlzZWNvbmRzIjoxNzQsImlzRXh0cmFjdCI6dHJ1ZSwic2VydmljZUlkIjoicmJzLnN0b3JhZ2UiLCJieXRlTGVuZ3RoIjoxMDEwMH0=
access-control-allow-method: *
apigw-requestid: brwRoigqDoEEP8w=
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TGMhqa7ZJ4z0u_F65qZLshXW7mFht0lmt2WzVueamLrYANYaUzhsQg==
age: 635811
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size:   10100
Md5:    005564648029925a9cbea0a010177296
Sha1:   bfef02307d745c77320fc11ee388f5c6d1580b32
Sha256: da8012ba9ef0ae53cca608e72605794a3ba56c013c4cd0ce8c7b22af908027ec
                                        
                                            GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:58:48 GMT
expires: Thu, 23 Nov 2023 14:58:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
age: 4741
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (730)
Size:   162976
Md5:    79d18cf4265108d7cecca1bf4ada6109
Sha1:   e51d0285a545381d4c39e9e0292a650ffeeecbb9
Sha256: 59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
                                        
                                            GET /Visilabs.js?sid=374936655A766C41716F493D&oid=6A7A6658626C726C7655593D HTTP/1.1 
Host: vsh.visilabs.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.29.195.172
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Location: https://avlsh.visilabs.net/6A7A6658626C726C7655593D/374936655A766C41716F493D/Visilabs.js
Date: Wed, 23 Nov 2022 16:17:48 GMT
Content-Length: 205


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   205
Md5:    d2088ec4e23368474bd49d5727b38b17
Sha1:   08671091582458bafe06c1fe79fac2c00e0bc171
Sha256: a01319dd12376b206d75097438bfd34a6ce5f755e3bebf15cb9b3ed20490e1c7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165292
Date: Wed, 23 Nov 2022 16:17:49 GMT
Etag: "637e279d-1d7"
Expires: Fri, 25 Nov 2022 14:12:41 GMT
Last-Modified: Wed, 23 Nov 2022 14:01:01 GMT
Server: ECS (dcb/7EEC)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3oHk2KhFvLQtoGcOrLizMGRDIPA5QGUZdyo8iEU6HK2ETzQ-Iw3umw==
Age: 700

                                        
                                            GET /c/hotjar-2013602.js?sv=6 HTTP/1.1 
Host: static.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.113
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Wed, 23 Nov 2022 16:17:32 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/35db5b625aecf2b45eea277dccfad0e9
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bd7sw_5LYifRRyMi4_1UJ_1tbKO1e_uVAJGgkKvbBIH0PJXhlwq0jw==
age: 17
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5909)
Size:   3871
Md5:    2ac58d43e2c69387ba9a99ab962a0aa5
Sha1:   4622c90c81c5d55af4a3359a6f18a8fdbbd7fcbd
Sha256: e70a321d80f1985719ac0bc4118aacd0b5c3a97d00b07f89ba03256ad5285a6c
                                        
                                            GET /login?referer=/gida?dn_channel=email&dn_send_id=431 HTTP/1.1 
Host: www.unishopturkiye.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: culture=tr_TR
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

search
                                         52.16.86.106
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Wed, 23 Nov 2022 16:17:47 GMT
set-cookie: culture=tr_TR; Max-Age=10368000; Path=/
etag: "e4ca3-9qssjcb5hrUlkT71P3Z3JLlqypQ"
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (31999)
Size:   249076
Md5:    532f992a881f0ed73ea2263069f16d83
Sha1:   5a5d63e56fcbb5892d133660f10a67c9245f08f2
Sha256: 41b67c4b13dc694c900bef6daec3ae9b6ea55841b9cd1082500e445f6028af5f
                                        
                                            GET /modules.142ca8ad0099c834b74b.js HTTP/1.1 
Host: script.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.46
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 68590
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "89212b5c8abb5621e2a22cf9215bd643"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ow6OSm4YzRExvBUMPh5z4c6csLcczs5MrtTqmRjHQC5qhJplpsuGAA==
age: 11263
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (48714)
Size:   68590
Md5:    89212b5c8abb5621e2a22cf9215bd643
Sha1:   2b18176c96f995460cd9d4e5282a65232629f342
Sha256: f07b1382d3ba11923089aaf8c381cc515bd0f5b25f46472a84c228deb4a5dde5
                                        
                                            GET /ibs:dpid=411&dpuuid=Y35HrQAAADpHqQN6 HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.unishopturkiye.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         3.248.120.148
HTTP/1.1 302 Found
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0665c523e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y35HrQAAADpHqQN6
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=26671212820318312200446537354383479024; Max-Age=15552000; Expires=Mon, 22 May 2023 16:17:49 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: jY/hF8SOSSI=
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y35HrQAAADpHqQN6 HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.unishopturkiye.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         3.248.120.148
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-1-v045-0a2056b15.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: /BIDRRK5Sb8=
Content-Length: 59
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   59
Md5:    1251cd5e5c2def4c046309375f87c1c1
Sha1:   e02d6b0c6a5c495c15985e2832e335eda8528c80
Sha256: 4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
                                        
                                            GET //get/key/v1.json?count=2 HTTP/1.1 
Host: per2.segmentify.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         95.214.74.46
HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
                                        
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Date: Wed, 23 Nov 2022 16:17:50 GMT
Server: nginx
Transfer-Encoding: chunked
X-Server-Name: b7324636da5cf5ec5220903f7e0297da


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   43
Md5:    7b189774595f0019640bdfd0c4d268ba
Sha1:   edc5a735f7dfb7a652617904c19324a667ba06d9
Sha256: 12adfaa0b6324ce420e0eacbf102ed559ad805cd589e13230184bf69b3cc327a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 16:17:50 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 20:28:58 GMT
Expires: Mon, 28 Nov 2022 20:28:57 GMT
Etag: "fc3e9f28ad28f403170607e3208ff1617f26080e"
Cache-Control: max-age=446466,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76eb379ed8c6b509-OSL

                                        
                                            GET /pa.js HTTP/1.1 
Host: cdn.sgmntfy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.149.223.191
HTTP/2 200 OK
content-type: application/javascript
                                        
x-guploader-uploadid: ADPycdsiJfwtJRg1EM0ZGJ7z_7-DBbyfZkplEn1GnmzW3T-4pfaNev5vr6ZftNAglmotoiS55AsPcVgPsBbb013q2iqWDA
x-goog-generation: 1654598345914433
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3744
content-language: en
x-goog-hash: crc32c=EasKAQ==, md5=cyc4G7pvJJ/kcNF8DcostA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 3744
server: UploadServer
date: Wed, 23 Nov 2022 16:16:06 GMT
expires: Wed, 23 Nov 2022 17:16:06 GMT
cache-control: public, max-age=3600
age: 104
last-modified: Tue, 07 Jun 2022 10:39:06 GMT
etag: "7327381bba6f249fe470d17c0dca2cb4"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3744), with no line terminators
Size:   3744
Md5:    7327381bba6f249fe470d17c0dca2cb4
Sha1:   b6fac12855c66c4841a38d07934fc22302e881ef
Sha256: 393195c622ffdab45d8f71e6988cdcc65ef85102061defa603882dc9f80d11ec

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 23 Nov 2022 16:17:50 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 20:28:58 GMT
Expires: Mon, 28 Nov 2022 20:28:57 GMT
Etag: "fc3e9f28ad28f403170607e3208ff1617f26080e"
Cache-Control: max-age=446466,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76eb37a06a230b39-OSL

                                        
                                            GET /6A7A6658626C726C7655593D/374936655A766C41716F493D/Visilabs.js HTTP/1.1 
Host: avlsh.visilabs.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.unishopturkiye.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         13.107.219.53
HTTP/2 200 OK
content-type: text/javascript
                                        
cache-control: public, max-age=8640000
content-encoding: br
content-md5: fRQRXn236FeaUwGUdTyifQ==
last-modified: Wed, 18 Aug 2021 09:49:06 GMT
etag: 0x8D9622D6B75F3DF
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_MISS
x-ms-request-id: ce7d3b35-001e-0051-7757-ff621b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
x-azure-ref-originshield: 0rUd+YwAAAAAR+3Iw1xglRaLyo2H/eErrQU1TMDRFREdFMTkwOAAzMDAwNzE3NS1iODgwLTRkYmEtODY5ZS02M2MzNjA0NTUyMjk=
x-azure-ref: 0rUd+YwAAAABqNeByiQ+YSbfdCsZGzNd0T1NMMjMxMDUwMjA1MDUzADMwMDA3MTc1LWI4ODAtNGRiYS04NjllLTYzYzM2MDQ1NTIyOQ==
date: Wed, 23 Nov 2022 16:17:49 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (940), with CRLF line terminators
Size:   87491
Md5:    a6ef191ec25499a805ae0ea658dc886c
Sha1:   4f1001c1d2183dca98bafd3c93129410bfd71d94
Sha256: efaf5aff15ff5ab5367b9a2014967b535c616ebac657333665c821b9dd3369bc
                                        
                                            POST //add/events/v1.json?apiKey=3d9c5ffa-653a-468e-bad8-d26bd5cca622 HTTP/1.1 
Host: per2.segmentify.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
X-Sfy-Api-Key: 3d9c5ffa-653a-468e-bad8-d26bd5cca622
Content-Length: 1256
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         95.214.74.46
HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
                                        
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Date: Wed, 23 Nov 2022 16:17:50 GMT
Server: nginx
Transfer-Encoding: chunked
X-Server-Name: 4bb8ed4e1c89c6c3bbf904d76c6490f8


--- Additional Info ---
Magic:  JSON data\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14718), with no line terminators
Size:   4372
Md5:    67ee72ce8e9f1e6a6b87566e101766f0
Sha1:   1d0ad2f8e5d87ec8e410a2888daae500c6f5820c
Sha256: 5dac2a8ec002bb67c0846917707002f8ddff7e607e5d62c706a0a9e9a0ff76f7
                                        
                                            GET /unishop/om.gif?OM.siteID=374936655A766C41716F493D&OM.cookieID=LPMOANQZMAISQVOJ20221123161749&OM.oid=6A7A6658626C726C7655593D&OM.pushnotifystatus=default&OM.pushchannel=webpush&OM.pviv=1&OM.tvc=1&OM.th=1&OM.resol=1280x1024&OM.jv=No&OM.nrv=1&OM.domain=www.unishopturkiye.com&OM.uri=%2Flogin&OM.title=Unishop%20T%C3%BCrkiye&referer=%2Fgida%3Fdn_channel%3Demail&dn_send_id=431&dat=Wed,%2023%20Nov%202022%2016:17:49%20GMT HTTP/1.1 
Host: rt.visilabs.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.29.195.174
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536027; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
X-XSS-Protection: 1; mode=block
SERVER:
X-ASPNET-VERSION:
X-POWERED-BY:
Date: Wed, 23 Nov 2022 16:17:50 GMT
Content-Length: 70
Set-Cookie: BIGipServerVisilabsRealtimePoolHTTP=566435257.20480.0000; path=/; Httponly; Secure


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   70
Md5:    14d1707eda790f543c6fb8d0dcff6359
Sha1:   cf7049298a876447c2854cf2bc4df2987587aac5
Sha256: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
                                        
                                            GET /act.js?OM.cookieID=LPMOANQZMAISQVOJ20221123161749&OM.oid=6A7A6658626C726C7655593D&OM.siteID=374936655A766C41716F493D&OM.obj=_VTObjs%5B%22_VisilabsTarget_0%22%5D&dat=Wed,%2023%20Nov%202022%2016:17:49%20GMT&OM.pushnotifystatus=default&OM.pushchannel=webpush&OM.pviv=1&OM.tvc=1&OM.th=1&OM.resol=1280x1024&OM.jv=No&OM.nrv=1&OM.domain=www.unishopturkiye.com&OM.uri=%2Flogin&OM.title=Unishop%20T%C3%BCrkiye&referer=%2Fgida%3Fdn_channel%3Demail&dn_send_id=431 HTTP/1.1 
Host: s.visilabs.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.29.195.173
HTTP/1.1 200 OK
                                        
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536061; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
X-ASPNET-VERSION:
X-POWERED-BY:
Date: Wed, 23 Nov 2022 16:17:49 GMT
Content-Length: 0
Set-Cookie: BIGipServerVisilabsTargetPool=448994745.20480.0000; path=/; Httponly; Secure

                                        
                                            POST //add/events/v1.json?apiKey=3d9c5ffa-653a-468e-bad8-d26bd5cca622 HTTP/1.1 
Host: per2.segmentify.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
X-Sfy-Api-Key: 3d9c5ffa-653a-468e-bad8-d26bd5cca622
Content-Length: 1361
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         95.214.74.46
HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
                                        
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Date: Wed, 23 Nov 2022 16:17:50 GMT
Server: nginx
Transfer-Encoding: chunked
X-Server-Name: 4bb8ed4e1c89c6c3bbf904d76c6490f8


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   124
Md5:    e5866c5348d122dde63c4b88439fd199
Sha1:   345c5510a4c7716f8897bc44e4cef2e4c829974b
Sha256: 70683e6b558263107637cc45bb05a31f19fe843b7a9a690ec9ff4fd52e04f3b4
                                        
                                            GET /unishop/om.gif?OM.siteID=374936655A766C41716F493D&OM.cookieID=LPMOANQZMAISQVOJ20221123161749&OM.oid=6A7A6658626C726C7655593D&OM.pushnotifystatus=default&OM.pushchannel=webpush&OM.pviv=1&OM.tvc=1&OM.th=1&OM.resol=1280x1024&OM.jv=No&OM.nrv=1&OM.domain=www.unishopturkiye.com&OM.uri=%2Flogin&OM.title=Unishop%20T%C3%BCrkiye&referer=%2Fgida%3Fdn_channel%3Demail&dn_send_id=431&dat=Wed,%2023%20Nov%202022%2016:17:49%20GMT HTTP/1.1 
Host: lgr.visilabs.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.29.195.171
HTTP/1.1 200 OK
Content-Type: Image/gif
                                        
Cache-Control: private
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Set-Cookie: OM.3rd=b4a19bba-0460-423b-85d6-49c5eb20966c; domain=.visilabs.net; expires=Sun, 23-Nov-2042 16:17:51 GMT; path=/
Date: Wed, 23 Nov 2022 16:17:50 GMT
Content-Length: 70


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   70
Md5:    02a065761e036bca2f981f3ed704dc79
Sha1:   e251c670f45fb6dadca5f779fed5b6cc132c7cdf
Sha256: cd8feca47797d25495f03a52b6a8605de61b829c01be0dca0c2ff0fed71ec3d8
                                        
                                            POST /event?d_dil_ver=9.5&_ts=1669220271866 HTTP/1.1 
Host: unilever.demdex.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 264
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         99.81.236.184
HTTP/1.1 200 OK
Content-Type: application/json;charset=utf-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.unishopturkiye.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-1-v045-04c35fc5e.edge-irl1.demdex.com 7 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=00387522527444513363625764275881188262; Max-Age=15552000; Expires=Mon, 22 May 2023 16:17:51 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: 8HTkWT/lTZE=
Content-Length: 1222
Connection: keep-alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (3594), with no line terminators
Size:   1222
Md5:    ae0c538f88de8cc98c2819d6580893e0
Sha1:   4d0df0823a32bbe9f9201849960d5ee3d3babca1
Sha256: 1a54557cf30d627a35eed27ec4b9b4f004273aa8ad3bbf0a6ea156452d3e2838
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5664
Cache-Control: max-age=156566
Date: Wed, 23 Nov 2022 16:17:54 GMT
Etag: "637df228-117"
Expires: Fri, 25 Nov 2022 11:47:20 GMT
Last-Modified: Wed, 23 Nov 2022 10:12:56 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /cross-domain-storage-hub.html HTTP/1.1 
Host: 35814f2c-ba6f-70aa-0a4b-54b5d6a01a8e.dengagecdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         13.107.227.53
HTTP/2 200 OK
content-type: text/html
                                        
content-encoding: br
content-md5: x4WeYGf9fs8VpZqC4DB6kg==
last-modified: Thu, 28 Jul 2022 13:27:44 GMT
etag: 0x8DA709CF478EECE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_REMOTE_HIT
x-ms-request-id: 026c4e84-d01e-005d-4300-ff4b9d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
x-azure-ref-originshield: 0rEd+YwAAAABDdtKGY7mqT75dWkAyFykvQU1TMDRFREdFMTkwOQBhODYzOTY5ZS00OGFlLTQ5ZTgtOWVjMy1hNWQyYmYxZDg0NTA=
x-azure-ref: 0rEd+YwAAAADOUhGNB1+OSZmAi5Mb442dT1NMMjMxMDUwMjA1MDIxAGE4NjM5NjllLTQ4YWUtNDllOC05ZWMzLWE1ZDJiZjFkODQ1MA==
date: Wed, 23 Nov 2022 16:17:47 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_next/static/chunks/pages/login-6cef35dc821caff76609.js HTTP/1.1 
Host: www.unishopturkiye.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/login?referer=/gida?dn_channel=email&dn_send_id=431
Cookie: culture=tr_TR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         52.16.86.106
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Wed, 23 Nov 2022 16:17:47 GMT
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Wed, 23 Nov 2022 12:25:38 GMT
etag: W/"15040-184a47369d0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_next/static/iG3-baPqLlqKDXAi3M8qB/_buildManifest.js HTTP/1.1 
Host: www.unishopturkiye.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/login?referer=/gida?dn_channel=email&dn_send_id=431
Cookie: culture=tr_TR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         52.16.86.106
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Wed, 23 Nov 2022 16:17:47 GMT
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Wed, 23 Nov 2022 12:25:38 GMT
etag: W/"17a4-184a47369d0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /user/action/6ad47403c22043a795e973c7ec83dcc7/rbs.storage.get.GET_IMAGE?auth=&data=eyJpbWFnZUlkIjoiZGVkM2NjZjUtNzcwNC00NmNmLWFjMzctYTlmZTE1MDk3MTM2Iiwid2lkdGgiOjU0NCwiaGVpZ2h0IjoxNDAsImZpdCI6Im91dHNpZGUiLCJjb250ZW50VHlwZSI6ImltYWdlL3N2ZyIsInF1YWxpdHkiOjMwfQ&platform=WEB& HTTP/1.1 
Host: core.rtbs.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.57
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sat, 05 Nov 2022 06:47:29 GMT
x-rbs-session-id: TWeefa6hMmqJ61VLLPQ59S
access-control-allow-method: *
cache-control: max-age=15552000
x-rbs-totalrequestdurationinmilliseconds: 132
x-rbs-returned-service-response-meta: eyJzdGF0dXMiOjIwMCwiZHVyYXRpb25Jbk1pbGxpc2Vjb25kcyI6MTA2LCJleGVjdXRpb25EdXJhdGlvbkluTWlsbGlzZWNvbmRzIjoxMzIsImlzRXh0cmFjdCI6dHJ1ZSwic2VydmljZUlkIjoicmJzLnN0b3JhZ2UiLCJieXRlTGVuZ3RoIjo2NzE4fQ==
x-rbs-extract: true
x-rbs-culture: en-US
apigw-requestid: bHYITgZlDoEEPYg=
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0wr05EsnwDVzSw_n7mq-GS-63Z1JjM4Cjs92NPdJpwPm09kxmdOr8w==
age: 1589419
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /logos/static/poweredBy_ot_logo.svg HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.148.64
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 23 Nov 2022 16:17:48 GMT
content-md5: LpuayL42jB78xRllx0vkOw==
last-modified: Tue, 22 Nov 2022 16:39:33 GMT
x-ms-request-id: 96b32c63-f01e-000c-6fd7-fe3617000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 52106
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76eb3797fa4ab524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_next/static/css/0404af3e1e73ac246254.css HTTP/1.1 
Host: www.unishopturkiye.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/login?referer=/gida?dn_channel=email&dn_send_id=431
Cookie: culture=tr_TR
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         52.16.86.106
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
date: Wed, 23 Nov 2022 16:17:47 GMT
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Wed, 23 Nov 2022 12:25:38 GMT
etag: W/"afe7-184a47369d0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_next/static/chunks/webpack-168f21b8bbe0acfd67e8.js HTTP/1.1 
Host: www.unishopturkiye.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/login?referer=/gida?dn_channel=email&dn_send_id=431
Cookie: culture=tr_TR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         52.16.86.106
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Wed, 23 Nov 2022 16:17:47 GMT
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Wed, 23 Nov 2022 12:25:38 GMT
etag: W/"1806-184a47369d0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_next/static/chunks/29107295-a36037e5ea1af0472eba.js HTTP/1.1 
Host: www.unishopturkiye.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/login?referer=/gida?dn_channel=email&dn_send_id=431
Cookie: culture=tr_TR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         52.16.86.106
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Wed, 23 Nov 2022 16:17:47 GMT
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Wed, 23 Nov 2022 12:25:38 GMT
etag: W/"117fb-184a47369d0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /push-manager/push/action-based?deviceId=5ead21b0-6b4a-11ed-b724-5147590a0217 HTTP/1.1 
Host: api.dataroid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-appconnect-sdk-key: 6a182a08-1fa7-11eb-bcee-1f0ef6152ca0
x-appconnect-sdk-version: 4.7.0.0
x-appconnect-platform: WEB
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         44.193.88.32
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
                                        
date: Wed, 23 Nov 2022 16:17:48 GMT
server: nginx
access-control-allow-origin: https://www.unishopturkiye.com
vary: Origin
access-control-allow-credentials: true
x-b3-traceid: cf617ac011983032
x-application-context: proxy:cache,rate-limits,prod,logstash
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /public/anonymous-auth?projectId=6ad47403c22043a795e973c7ec83dcc7&ttlInSeconds=10000000 HTTP/1.1 
Host: core-internal.rtbs.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.unishopturkiye.com
Connection: keep-alive
Referer: https://www.unishopturkiye.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.19
HTTP/2 200 OK
content-type: application/json
                                        
date: Wed, 23 Nov 2022 16:17:48 GMT
x-rbs-session-id: Wq2J8Fvcblnxmb8DfzA7Cy
access-control-allow-origin: *
apigw-requestid: cEAi9jwJDoEEPew=
content-encoding: br
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dpvDNBEc4onptdZE0W4mYMCVuYtWriM55havsTv7AeUWHin0TAwW9g==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_next/static/chunks/main-631a004c8693f76e9836.js HTTP/1.1 
Host: www.unishopturkiye.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.unishopturkiye.com/login?referer=/gida?dn_channel=email&dn_send_id=431
Cookie: culture=tr_TR
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         52.16.86.106
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Wed, 23 Nov 2022 16:17:47 GMT
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Wed, 23 Nov 2022 12:25:38 GMT
etag: W/"16a24-184a47369d0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /api/web/subscription HTTP/1.1 
Host: push.dengage.com