dusunmekvepaylasmak.blogspot.com/search/label/Dsg%20%C5%9Fanz%C4%B1man%20kullanan%20ara%C3%A7lar
142.250.74.1301 Moved Permanently 233 B URL HTTP/1.1 dusunmekvepaylasmak.blogspot.com/search/label/Dsg%20%C5%9Fanz%C4%B1man%20kullanan%20ara%C3%A7lar
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash baeb8c492115504d1dd9a4a7f50cf3e9
c8eef5e4f6c926494d9f12324f74a92ff1f49791
cb9a0ec9be45a1503b45a2f6e95e5a5e180d88b54ce21ac1c4d5db1a3dd388ad
Analyzer Verdict Alert fortinet Malware
GET /search/label/Dsg%20%C5%9Fanz%C4%B1man%20kullanan%20ara%C3%A7lar HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://dusunmekvepaylasmak.blogspot.com/search/label/Dsg%20%C5%9Fanz%C4%B1man%20kullanan%20ara%C3%A7lar
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 23 Feb 2023 07:04:08 GMT
Expires: Thu, 23 Feb 2023 07:04:08 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 233
Server: GSE
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 67fc460ed2f69dde3c410ec607ef3510
ba9f582ec321351e5c06c9b2c381f06b685ef274
85df74fac7d59d76840b6359bac24648fede201c0048f2a8382af6468225ffb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85DF74FAC7D59D76840B6359BAC24648FEDE201C0048F2A8382AF6468225FFB8"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7626
Expires: Thu, 23 Feb 2023 09:11:14 GMT
Date: Thu, 23 Feb 2023 07:04:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6eb0a77aa4a20639a06d9621742007c2
d2d03beeb111049117b70d5f3dff3698a671ef8a
62c2da0800bf8efb6bb985b2eb046fa863e0b394681fb2ab187a9c4836fbd320
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62C2DA0800BF8EFB6BB985B2EB046FA863E0B394681FB2AB187A9C4836FBD320"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4542
Expires: Thu, 23 Feb 2023 08:19:50 GMT
Date: Thu, 23 Feb 2023 07:04:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Feb 2023 06:38:18 GMT
content-type: application/json
age: 1550
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7fb59e5d3cdf08b94e5f41fdeb9aec6c
ff644039db3b9f74d7e2fab10f93581bea10614a
861573a00d75364e15783c5e448c4f8b4da48b38d9beba3ebd33a87f993489a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "861573A00D75364E15783C5E448C4F8B4DA48B38D9BEBA3EBD33A87F993489A5"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2877
Expires: Thu, 23 Feb 2023 07:52:05 GMT
Date: Thu, 23 Feb 2023 07:04:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Iov9R2btMiReaeBg4jhV/Z4MUi53vIRGGj9Ay0cpMc43r5swY/i0VovWDAhXv6v+HDLje6m3FbA=
x-amz-request-id: 6QTSG6VBFSR4M59P
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Feb 2023 06:48:58 GMT
age: 910
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2000439a1f1256f4cd6740d159f5604c
c2843830c7d914ffc15d28b916e2a89a52488ce4
69fb2162c9a8be0d0f1571f422d2bec12568abfbdc3b238101f70f370e4e40db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 07:04:08 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, Alert, Content-Length, Backoff, ETag, Cache-Control, Retry-After, Last-Modified, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Feb 2023 06:20:35 GMT
age: 2613
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4aaa1f1be68ba53b441e577dcbf8b7c1
618b2e62b7f2feb82093a3706573e18ff9f69827
8d3978b35fd96458b8fff71c9dbb47ab616dfd49d669027fd6c5a52a4e9bafa0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8D3978B35FD96458B8FFF71C9DBB47AB616DFD49D669027FD6C5A52A4E9BAFA0"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8267
Expires: Thu, 23 Feb 2023 09:21:56 GMT
Date: Thu, 23 Feb 2023 07:04:09 GMT
Connection: keep-alive
push.services.mozilla.com/
52.39.57.61101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.57.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xb4rQ/Lfa/VEnN5BBgEQmw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cNqOev2GxUtdp6sKrxAWebHAPyU=
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2000439a1f1256f4cd6740d159f5604c
c2843830c7d914ffc15d28b916e2a89a52488ce4
69fb2162c9a8be0d0f1571f422d2bec12568abfbdc3b238101f70f370e4e40db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 81cc805a99c4d9fc99b52fa3172df750
32574515334aa37f0a3d531bdaf7953883db563f
f0ab3b125ff2150c5fac8e7e957d3f120f9cb8c7c1310befe5bfe3509f5a9bb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
216.58.207.233200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Feb 2023 11:17:19 GMT
expires: Sat, 17 Feb 2024 11:17:19 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 16 Feb 2023 23:58:31 GMT
content-type: text/css
vary: Accept-Encoding
age: 503211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a8530fcefb585de4930c998e366124cc
290ef080fe5bddca89a1a92e505268f9c38a308c
e2369003249fb3ebcc2f3ced2f2cd685376be22d7201cdc52b73751834c5c7fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 67d0353e59411ba1f85c492efa548d94
2bb48dd2638abb14217de43ca03d2485a31eb7e7
c50c81dc979238b0bfea29f69cc5b4e6277e06c407025412430c190acf1e8d29
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 67d0353e59411ba1f85c492efa548d94
2bb48dd2638abb14217de43ca03d2485a31eb7e7
c50c81dc979238b0bfea29f69cc5b4e6277e06c407025412430c190acf1e8d29
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a8530fcefb585de4930c998e366124cc
290ef080fe5bddca89a1a92e505268f9c38a308c
e2369003249fb3ebcc2f3ced2f2cd685376be22d7201cdc52b73751834c5c7fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 9a411a745515fddc6ccf58c960833c94
fce796b246a68259c1ecec70c762965ab9e98a9a
84a9c928c79d0723cf52ed1efe214f0b23a1ae2c08c8299b03df147f3bacd2c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
142.250.74.74200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (32341)
Hash 856f85cc1b07156fa844b44a10c236c2
7cef457c0e1cd0c20f4e699564ea8997f0332021
c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01
GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Feb 2023 12:43:45 GMT
expires: Sat, 17 Feb 2024 12:43:45 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 498025
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/w72-h72-p-k-no-nu/225px-+mevlana_ile_ilgili_resimler.jpg
142.250.74.161200 OK 4.5 kB URL HTTP/2 2.bp.blogspot.com/-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/w72-h72-p-k-no-nu/225px-+mevlana_ile_ilgili_resimler.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 198baf3f7d853bc634b438561c189896
63640490c23c9d452cb566e3c8d9cb29cb9bef37
5edbbfadba784c3a27259984b189817862e146c0c550b6854bd6175be846aa41
GET /-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/w72-h72-p-k-no-nu/225px-+mevlana_ile_ilgili_resimler.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v71fc"
expires: Fri, 24 Feb 2023 07:04:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="225px-+mevlana_ile_ilgili_resimler.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 07:04:10 GMT
server: fife
content-length: 4527
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png
142.250.74.161200 OK 6.2 kB URL HTTP/2 2.bp.blogspot.com/-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash aa25670b8226d8b5752fd5a198fd73a4
be1908b060ec7bf840e8d2b0aa4c930fe11910d6
f1b63d3ceb7dd55aae1a46fc852703730d58d88efcd5be463741c6718e7557c4
GET /-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7d8d"
expires: Fri, 24 Feb 2023 07:04:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="sut_tozu_ile_ilgili_resimler.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 07:04:10 GMT
server: fife
content-length: 6242
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash eba3c67b7230f1dd27505697b4bc52fe
39282aa0010baa30126227172a8aa1c4745ddc8e
dc221a052af30a688d8ee224939b7f0fff5245140ced2d8ab7080eae307f4f19
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4606
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:10 GMT
Last-Modified: Thu, 23 Feb 2023 05:47:24 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278
1.bp.blogspot.com/-eo72_jGArcw/YJWvZlothsI/AAAAAAAAIPk/39V8zIRnukk3M1SvJqwCPAL5ciymGzewwCLcBGAsYHQ/w72-h72-p-k-no-nu/unnamed.jpg
142.250.74.161200 OK 2.6 kB URL HTTP/2 1.bp.blogspot.com/-eo72_jGArcw/YJWvZlothsI/AAAAAAAAIPk/39V8zIRnukk3M1SvJqwCPAL5ciymGzewwCLcBGAsYHQ/w72-h72-p-k-no-nu/unnamed.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 1866a1eda8caaedee6e9021f426d9d21
050f44f27fb2164dd65c28a937a89d9f7aa87fd4
6fbe535d995be032754b848a23901cd0eea3d102e279f3cb3a0c881fa52eb4e7
GET /-eo72_jGArcw/YJWvZlothsI/AAAAAAAAIPk/39V8zIRnukk3M1SvJqwCPAL5ciymGzewwCLcBGAsYHQ/w72-h72-p-k-no-nu/unnamed.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v20fb"
expires: Fri, 24 Feb 2023 07:04:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 07:04:10 GMT
server: fife
content-length: 2591
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-19531429-2
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-19531429-2
IP 142.250.74.168:0
File type ASCII text, with very long lines (2206)
Hash 70593f61ca13154b550e7a6cfae2e75e
b214c8ef570bd8cf763138cf6c907962fb0bec35
0d19724fd46e9538af2b3f9ecd6e3f32ea6a1f9f12fc3d2a41983294b0f5e3d4
GET /gtag/js?id=UA-19531429-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 23 Feb 2023 07:04:10 GMT
expires: Thu, 23 Feb 2023 07:04:10 GMT
cache-control: private, max-age=900
last-modified: Thu, 23 Feb 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44530
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg
142.250.74.161200 OK 4.5 kB URL HTTP/2 2.bp.blogspot.com/-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash ec5fcd46230caf0da45a16686274f1cb
0f6ab0f39b022b8b641c566d68ce811854f4aa9d
2763d313411a14a376c085e44d14fab586ac4e935bbc1932e8c67d4453234aa3
GET /-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="rafadan_tayfa_trt_cizgi_film.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4484
x-xss-protection: 0
date: Thu, 23 Feb 2023 07:04:10 GMT
expires: Sat, 18 Feb 2023 16:39:49 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7fdb"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-20442478-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-20442478-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 7873903cc1ad8e9fd083c77a1328e712
8cefeb0d6533f3a6e11b668aa9ec90f228795ac1
1a05f9acbf2dd0ece61e99267965c1a0b6cfc471f3d6ddcb7acac7c03df0db44
GET /gtag/js?id=UA-20442478-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 23 Feb 2023 07:04:10 GMT
expires: Thu, 23 Feb 2023 07:04:10 GMT
cache-control: private, max-age=900
last-modified: Thu, 23 Feb 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44116
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-capfoLN2DAs/YINZoH8ZnBI/AAAAAAAAIKI/eKWJJo3m_XUwYhnp6p1kjqg_772rg_VAQCLcBGAsYHQ/w72-h72-p-k-no-nu/B%25C4%25B0R%2BGAR%25C4%25B0P%2BA%25C5%259EK%2BH%25C4%25B0KAYES%25C4%25B0%2BNE%25C5%259EET%2BERTA%25C5%259E%2526LEYLA%2BERTA%25C5%259E.jpg
142.250.74.161200 OK 2.6 kB URL HTTP/2 1.bp.blogspot.com/-capfoLN2DAs/YINZoH8ZnBI/AAAAAAAAIKI/eKWJJo3m_XUwYhnp6p1kjqg_772rg_VAQCLcBGAsYHQ/w72-h72-p-k-no-nu/B%25C4%25B0R%2BGAR%25C4%25B0P%2BA%25C5%259EK%2BH%25C4%25B0KAYES%25C4%25B0%2BNE%25C5%259EET%2BERTA%25C5%259E%2526LEYLA%2BERTA%25C5%259E.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 101cb2f6a85980b317ea2eb8293f8a8e
65646d427fdfe4e2cfd0663a211b8b9d3b98cb5c
2599d588436b93dbad44b9c1f222caa13b2d7db9fb81b3123b10543cb8a34fc8
GET /-capfoLN2DAs/YINZoH8ZnBI/AAAAAAAAIKI/eKWJJo3m_XUwYhnp6p1kjqg_772rg_VAQCLcBGAsYHQ/w72-h72-p-k-no-nu/B%25C4%25B0R%2BGAR%25C4%25B0P%2BA%25C5%259EK%2BH%25C4%25B0KAYES%25C4%25B0%2BNE%25C5%259EET%2BERTA%25C5%259E%2526LEYLA%2BERTA%25C5%259E.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v20a3"
expires: Fri, 24 Feb 2023 07:04:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="B_R GAR_P A_K H_KAYES_ NE_ET ERTA_&LEYLA ERTA_.jpg";filename*=UTF-8''B%C4%B0R%20GAR%C4%B0P%20A%C5%9EK%20H%C4%B0KAYES%C4%B0%20NE%C5%9EET%20ERTA%C5%9E%26LEYLA%20ERTA%C5%9E.jpg
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 07:04:10 GMT
server: fife
content-length: 2641
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1429)
Hash 2354fa28c58e16af89e7da6224aeca93
6bd3430a81730ed77c5d53f5406ddb40306ecabd
dc35ae752b7be035bd3a3bd4ae205e41afce5fa8f88e1bfe0e9524610df10f3b
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20950
date: Thu, 23 Feb 2023 07:04:10 GMT
expires: Thu, 23 Feb 2023 07:04:10 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "03884666a30c671f"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4733770bf092ca1324e01dff373722a1
1524c31178714c399a4b4751744b261768c41277
26776ee98fd94df1d3adbadb39aaad24b847a689c2119c2ed62a70640f4b5b18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 81cc805a99c4d9fc99b52fa3172df750
32574515334aa37f0a3d531bdaf7953883db563f
f0ab3b125ff2150c5fac8e7e957d3f120f9cb8c7c1310befe5bfe3509f5a9bb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-DEgOATy5nO8/TpHNf4RBy-I/AAAAAAAAAuY/ParjdGcwato/w72-h72-p-k-no-nu/dolmabahce_sarayi-abdulmecit_odasi.jpg
142.250.74.161200 OK 3.9 kB URL HTTP/2 3.bp.blogspot.com/-DEgOATy5nO8/TpHNf4RBy-I/AAAAAAAAAuY/ParjdGcwato/w72-h72-p-k-no-nu/dolmabahce_sarayi-abdulmecit_odasi.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 6b3db00ccd0b540a0fc0bf775680aec8
f50321940712af8c3cadadfb960bdf75319fd54b
c55167807ed14d18e90abdd49e9b39593e959a347dff93f4f39105d2c893f442
GET /-DEgOATy5nO8/TpHNf4RBy-I/AAAAAAAAAuY/ParjdGcwato/w72-h72-p-k-no-nu/dolmabahce_sarayi-abdulmecit_odasi.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v5ec"
expires: Fri, 24 Feb 2023 07:04:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="dolmabahce_sarayi-abdulmecit_odasi.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 07:04:10 GMT
server: fife
content-length: 3922
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-of1RMMWjFsw/WG670KpgwYI/AAAAAAAAcyE/PhJ_OKVCbfsLaqSSGuLJ31ZDQjj1E84WACLcB/w72-h72-p-k-no-nu/Kucuk_seyler-Samipasazade_Sezai.jpg
142.250.74.161200 OK 4.1 kB URL HTTP/2 4.bp.blogspot.com/-of1RMMWjFsw/WG670KpgwYI/AAAAAAAAcyE/PhJ_OKVCbfsLaqSSGuLJ31ZDQjj1E84WACLcB/w72-h72-p-k-no-nu/Kucuk_seyler-Samipasazade_Sezai.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 5e38cc0a43e76ade0d719112a1bc1c29
9dc399ed45b06c0e7305e30dfb61f330b1c9d017
908b57ea2a33b4c27036af2ac0e58126414090d0cec99ddbff9ab4bcac91d7f6
GET /-of1RMMWjFsw/WG670KpgwYI/AAAAAAAAcyE/PhJ_OKVCbfsLaqSSGuLJ31ZDQjj1E84WACLcB/w72-h72-p-k-no-nu/Kucuk_seyler-Samipasazade_Sezai.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7322"
expires: Fri, 24 Feb 2023 07:04:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Kucuk_seyler-Samipasazade_Sezai.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 07:04:10 GMT
server: fife
content-length: 4056
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-FmB8ZZHFKdE/Wb_oD3m_tRI/AAAAAAAAkVc/UjbME4XLWkI2mF68AjTVEtsgur8kLL_eQCLcBGAs/w72-h72-p-k-no-nu/dort_buyuk_melek.JPG
142.250.74.161200 OK 5.4 kB URL HTTP/2 3.bp.blogspot.com/-FmB8ZZHFKdE/Wb_oD3m_tRI/AAAAAAAAkVc/UjbME4XLWkI2mF68AjTVEtsgur8kLL_eQCLcBGAs/w72-h72-p-k-no-nu/dort_buyuk_melek.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 9b4a4815a20ad6bb3a6dd27fb3600afa
22e844b7367d4fb4bc6ed871e32dd56c4ffd5acf
2dcebf6fe49227b8060f919ae690f566bf41570629399ad29e4cf9cc1827bdaa
GET /-FmB8ZZHFKdE/Wb_oD3m_tRI/AAAAAAAAkVc/UjbME4XLWkI2mF68AjTVEtsgur8kLL_eQCLcBGAs/w72-h72-p-k-no-nu/dort_buyuk_melek.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v9158"
expires: Fri, 24 Feb 2023 07:04:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="dort_buyuk_melek.JPG"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 07:04:10 GMT
server: fife
content-length: 5409
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-eEQ1wGAHge8/WO7Hs45GUbI/AAAAAAAAgFE/ECg4dqGkGI4SsvpcmeU5zTiKrzodfWnCACLcB/w72-h72-p-k-no-nu/1930-otto-pilny-esir_k%25C3%25B6le-pazari-tablo.jpg
142.250.74.161200 OK 2.5 kB URL HTTP/2 4.bp.blogspot.com/-eEQ1wGAHge8/WO7Hs45GUbI/AAAAAAAAgFE/ECg4dqGkGI4SsvpcmeU5zTiKrzodfWnCACLcB/w72-h72-p-k-no-nu/1930-otto-pilny-esir_k%25C3%25B6le-pazari-tablo.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash baa9d06bcef2697388ab6393245d1ac3
03b4fa0d4f6bf24dcf771901e6fbda91c8ba796b
d6d167706d609d87aa2a48e337f22dd9c0dfda289cdca0d79ab5b18b0511b695
GET /-eEQ1wGAHge8/WO7Hs45GUbI/AAAAAAAAgFE/ECg4dqGkGI4SsvpcmeU5zTiKrzodfWnCACLcB/w72-h72-p-k-no-nu/1930-otto-pilny-esir_k%25C3%25B6le-pazari-tablo.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="1930-otto-pilny-esir_k_le-pazari-tablo.jpg";filename*=UTF-8''1930-otto-pilny-esir_k%C3%B6le-pazari-tablo.jpg
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2468
x-xss-protection: 0
date: Thu, 23 Feb 2023 07:04:10 GMT
expires: Mon, 20 Feb 2023 18:07:43 GMT
cache-control: public, max-age=86400, no-transform
etag: "v8059"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dusunmekvepaylasmak.blogspot.com/search/label/Dsg%20%C5%9Fanz%C4%B1man%20kullanan%20ara%C3%A7lar
142.250.74.1200 OK 121 kB URL HTTP/2 dusunmekvepaylasmak.blogspot.com/search/label/Dsg%20%C5%9Fanz%C4%B1man%20kullanan%20ara%C3%A7lar
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (526)
Size 121 kB (121017 bytes)
Hash 5ec12905110facb854d7f2b8a279f2a8
c984a69f82594a7fede9976aefde290c2e273204
62a462245647aba9e9c321c44583e1fa807c717ac255da8173294a62c3a91930
Analyzer Verdict Alert fortinet Malware
GET /search/label/Dsg%20%C5%9Fanz%C4%B1man%20kullanan%20ara%C3%A7lar HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Thu, 23 Feb 2023 07:04:09 GMT
date: Thu, 23 Feb 2023 07:04:09 GMT
cache-control: private, max-age=0
last-modified: Sun, 12 Feb 2023 16:02:19 GMT
etag: W/"c55f17209c5493a7ee9ddc504df3e67291ad1ca6d3df5e2fe2b5f0c632d85717"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 121017
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a8530fcefb585de4930c998e366124cc
290ef080fe5bddca89a1a92e505268f9c38a308c
e2369003249fb3ebcc2f3ced2f2cd685376be22d7201cdc52b73751834c5c7fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.98200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (3649)
Hash 7364e67f1a3e841a8d514e940269212d
b472f3a008c342cba43c5837add1da19661efc28
b0e6aa73516b35e9bb656079f091549aed600197989f18a841668462305ec3fe
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 23 Feb 2023 07:04:10 GMT
expires: Thu, 23 Feb 2023 07:04:10 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 4287495322932108077
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49395
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a8530fcefb585de4930c998e366124cc
290ef080fe5bddca89a1a92e505268f9c38a308c
e2369003249fb3ebcc2f3ced2f2cd685376be22d7201cdc52b73751834c5c7fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-bFZ2VZE22V0/Tis_QtOxbPI/AAAAAAAAAeU/J3hNDLWPsV8/s72-c/sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg
142.250.74.161200 OK 3.3 kB URL HTTP/2 4.bp.blogspot.com/-bFZ2VZE22V0/Tis_QtOxbPI/AAAAAAAAAeU/J3hNDLWPsV8/s72-c/sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 224d3ec59a39b8cdd2d4c077d110c666
74bfa0bc3bbd7d8928b4b92eed15d3fec387dc96
8e58417455611270809624f5418459976924a39b03d7b3cc7e34f2408d5a45aa
GET /-bFZ2VZE22V0/Tis_QtOxbPI/AAAAAAAAAeU/J3hNDLWPsV8/s72-c/sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3254
x-xss-protection: 0
date: Thu, 23 Feb 2023 07:04:10 GMT
expires: Sat, 18 Feb 2023 16:39:49 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1e5"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
142.250.74.74200 OK 4.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
IP 142.250.74.74:0
Hash 6840114904751d702716578e9265a211
bc9f89c76192a1051d066d4085548c3abeee5b5d
a1c7b7b22fddf2f43442df472ea342427f26b4c27ecb6ff1b4c9d93e56c4b79f
GET /css?family=Poppins:300,400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Feb 2023 07:04:10 GMT
date: Thu, 23 Feb 2023 07:04:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-9qcp8ikE9qo/UeK13fWU81I/AAAAAAAAHZY/tkvLjLo_sps/s72-c/turkcell_vinn_3g_modem_ayarlari.jpg
142.250.74.161200 OK 2.2 kB URL HTTP/2 2.bp.blogspot.com/-9qcp8ikE9qo/UeK13fWU81I/AAAAAAAAHZY/tkvLjLo_sps/s72-c/turkcell_vinn_3g_modem_ayarlari.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 3feda69b54a7382821cea05719fd60f7
38c4c734a116c904aef9b12dee521f2d231dd1da
bc791c45c72bbb86a69ba1d4463e82b7cde6cb1f849606740e9ab1f8743c09ec
GET /-9qcp8ikE9qo/UeK13fWU81I/AAAAAAAAHZY/tkvLjLo_sps/s72-c/turkcell_vinn_3g_modem_ayarlari.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="turkcell_vinn_3g_modem_ayarlari.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2162
x-xss-protection: 0
date: Thu, 23 Feb 2023 07:04:10 GMT
expires: Sat, 18 Feb 2023 16:39:49 GMT
cache-control: public, max-age=86400, no-transform
etag: "v71fc"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
172.217.21.174200 OK 33 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:0
File type ASCII text, with very long lines (1448)
Hash c670bba0fa340185c44b3fac93e00cae
021879412d3f8abaccdcff865b854b921eb8ec55
ac11ab0c58130b4efaf12471b158b7c98163de532aeaf2a5417f4eee51d8f333
GET /_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 32813
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
access-control-allow-origin: *
date: Wed, 22 Feb 2023 19:25:15 GMT
expires: Thu, 22 Feb 2024 19:25:15 GMT
cache-control: public, max-age=31536000
age: 41935
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 67d0353e59411ba1f85c492efa548d94
2bb48dd2638abb14217de43ca03d2485a31eb7e7
c50c81dc979238b0bfea29f69cc5b4e6277e06c407025412430c190acf1e8d29
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-HUmtqrqd1vY/UdBT1ue1sFI/AAAAAAAAHLQ/-XCWnkloqIk/s72-c/kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg
142.250.74.161200 OK 2.5 kB URL HTTP/2 4.bp.blogspot.com/-HUmtqrqd1vY/UdBT1ue1sFI/AAAAAAAAHLQ/-XCWnkloqIk/s72-c/kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 56135157d216e4eec2eb28a4eeb1fbb9
ef67d140c4ecf6ac7f339eb3e5d45fabe21b2e9b
2e1a2083a1acc23a31793d7a9a35810e6c44c8112a413dee00c0c2848c02b751
GET /-HUmtqrqd1vY/UdBT1ue1sFI/AAAAAAAAHLQ/-XCWnkloqIk/s72-c/kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v71fc"
expires: Fri, 24 Feb 2023 07:04:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="kopek_memesi_Hidradenitis_s_pp_rativa.jpg";filename*=UTF-8''kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 07:04:10 GMT
server: fife
content-length: 2545
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5a9e54f54243639a31020050bfc7fb55
c49766d67bea2ce07bd3c925d42897ab992f94e2
26b96bbdd02ca9498d5c7a4b970ebbec31039db95a2ce6e5a6ff665c73023a8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-pDbaztqQK9c/TvsCMQBjIXI/AAAAAAAACEI/yDMnjfNyEhM/s72-c/cicek_leylak-cicek_resimleri.jpg
142.250.74.161200 OK 6.3 kB URL HTTP/2 3.bp.blogspot.com/-pDbaztqQK9c/TvsCMQBjIXI/AAAAAAAACEI/yDMnjfNyEhM/s72-c/cicek_leylak-cicek_resimleri.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 425231c8fe8e77bdff8aec15f1d48354
1284a6adf99fc6e901ad2d7cd48ad8fc155b3190
6ff8f3e8fc1254ddff62c5e3ca84aae62d0edad1afbb087c51c941887e33c9b0
GET /-pDbaztqQK9c/TvsCMQBjIXI/AAAAAAAACEI/yDMnjfNyEhM/s72-c/cicek_leylak-cicek_resimleri.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="cicek_leylak-cicek_resimleri.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6296
x-xss-protection: 0
date: Thu, 23 Feb 2023 07:04:10 GMT
expires: Sat, 18 Feb 2023 16:39:49 GMT
cache-control: public, max-age=86400, no-transform
etag: "v842"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
104.18.11.207200 OK 130 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (28596)
Size 130 kB (129490 bytes)
Hash 70fdaf0313b76e7a549227937590ae47
17ed62e3e49be4b1b22488c529629686649d4755
8820111f0795a8d540341d7bf41372705aee1bdf5b615ca96f1efdc61eefc8d1
GET /font-awesome/4.6.1/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Feb 2023 07:04:10 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-03 22:46:19
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: b43941af4bb8e32ed6d04a6a37617f28
cdn-cache: HIT
cf-cache-status: HIT
age: 3034597
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 79de1b170fa0b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
1.bp.blogspot.com/-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/s72-c/10_aralik_insan_haklari_gunu.jpg
142.250.74.161200 OK 3.4 kB URL HTTP/2 1.bp.blogspot.com/-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/s72-c/10_aralik_insan_haklari_gunu.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 1122177369c440f76d151b7a4edfa980
44eaed05623ad05aff05e00c3d9b2a5ff4a8335d
373a198f79ff7304371ba901dacb92918e05808978932388a2e727fcc6e70617
GET /-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/s72-c/10_aralik_insan_haklari_gunu.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1fe3"
expires: Fri, 24 Feb 2023 07:04:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="10_aralik_insan_haklari_gunu.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 07:04:10 GMT
server: fife
content-length: 3365
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5a9e54f54243639a31020050bfc7fb55
c49766d67bea2ce07bd3c925d42897ab992f94e2
26b96bbdd02ca9498d5c7a4b970ebbec31039db95a2ce6e5a6ff665c73023a8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/_FfC0Fw3HxcE/TRuVpWVZpJI/AAAAAAAAAJY/sPqn6idlbLw/s72-c/kosgeb.jpg
142.250.74.161200 OK 4.1 kB URL HTTP/2 1.bp.blogspot.com/_FfC0Fw3HxcE/TRuVpWVZpJI/AAAAAAAAAJY/sPqn6idlbLw/s72-c/kosgeb.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 6d50be519c80191ee9043c30938eb53c
5c764bc1ae85cca9936117ea0ec1ca7de8989a28
58c82626ef5bbae4f1cbc39e7df75682d1d9c678cf2a2d0e4b280779d5b5089c
GET /_FfC0Fw3HxcE/TRuVpWVZpJI/AAAAAAAAAJY/sPqn6idlbLw/s72-c/kosgeb.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="kosgeb.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4100
x-xss-protection: 0
date: Thu, 23 Feb 2023 07:04:10 GMT
expires: Fri, 17 Feb 2023 23:52:34 GMT
cache-control: public, max-age=86400, no-transform
etag: "v96"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash be0ff97444ab9ff002dc0c3a855b6867
6b835c9cfa35b65f809ab3e8c150425048749e02
ed2c6e805d226e16f32c4a08bbe9f7171bf271fabd4d66a67efe197db6fe5407
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-b_ZayJi_MU0/WKoOrsFiSxI/AAAAAAAAeO0/Jk-YlSPl5H49R022xSiqce1qnmKk3ljIgCLcB/s72-c/facebook_arkadas_gizliligi_duzenleme.png
142.250.74.161200 OK 9.5 kB URL HTTP/2 2.bp.blogspot.com/-b_ZayJi_MU0/WKoOrsFiSxI/AAAAAAAAeO0/Jk-YlSPl5H49R022xSiqce1qnmKk3ljIgCLcB/s72-c/facebook_arkadas_gizliligi_duzenleme.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 305d8fe3e2814664363d50f38c6f1453
aab5de26887140b7f27847196bfcc9aae7a7d7c2
cec8134471a879005b14d26803e313bbbcb5e0ab2c2e5af693604ef142980c0d
GET /-b_ZayJi_MU0/WKoOrsFiSxI/AAAAAAAAeO0/Jk-YlSPl5H49R022xSiqce1qnmKk3ljIgCLcB/s72-c/facebook_arkadas_gizliligi_duzenleme.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="facebook_arkadas_gizliligi_duzenleme.png"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 9459
x-xss-protection: 0
date: Thu, 23 Feb 2023 07:04:10 GMT
expires: Sat, 18 Feb 2023 16:39:49 GMT
cache-control: public, max-age=86400, no-transform
etag: "v78ef"
content-type: image/png
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/s72-c/225px-+mevlana_ile_ilgili_resimler.jpg
142.250.74.161200 OK 4.5 kB URL HTTP/2 2.bp.blogspot.com/-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/s72-c/225px-+mevlana_ile_ilgili_resimler.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 85d832115b9dab07ebb58a2c7a42d25b
77b4c1ee9e67c8a915b8629376aa07d95e1052ff
4821081ed8a16ebe7abcad687dc6ebe6baa3e46461980aee72897c738815c82a
GET /-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/s72-c/225px-+mevlana_ile_ilgili_resimler.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="225px-+mevlana_ile_ilgili_resimler.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4521
x-xss-protection: 0
date: Thu, 23 Feb 2023 07:04:10 GMT
expires: Sat, 18 Feb 2023 16:39:49 GMT
cache-control: public, max-age=86400, no-transform
etag: "v71fc"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.227200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Feb 2023 14:34:21 GMT
expires: Fri, 16 Feb 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 577789
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
216.58.207.227200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5544, version 1.0\012- data
Hash 0ed299a4bb5262e17e2145783b2c18f1
65af2a037a5ef8a8d383d518377ea1f9f6837631
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Feb 2023 12:57:52 GMT
expires: Thu, 22 Feb 2024 12:57:52 GMT
cache-control: public, max-age=31536000
age: 65178
last-modified: Wed, 27 Apr 2022 17:03:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/_FfC0Fw3HxcE/TRo33GUkBRI/AAAAAAAAAHo/gnp8VLgEBf0/s72-c/sigara-yasagi-bulent-duzgit.jpg
142.250.74.161200 OK 3.4 kB URL HTTP/2 1.bp.blogspot.com/_FfC0Fw3HxcE/TRo33GUkBRI/AAAAAAAAAHo/gnp8VLgEBf0/s72-c/sigara-yasagi-bulent-duzgit.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 875a5eb0b263a336d4dba17b36b67d98
4eedf6bb827cf2cfba70af9f579b7a39b6cd8581
b08d7462edc4af114d3250b105b4689fbc3bd36c687fb6149df5da0a8341d285
GET /_FfC0Fw3HxcE/TRo33GUkBRI/AAAAAAAAAHo/gnp8VLgEBf0/s72-c/sigara-yasagi-bulent-duzgit.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="sigara-yasagi-bulent-duzgit.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3364
x-xss-protection: 0
date: Thu, 23 Feb 2023 07:04:10 GMT
expires: Sat, 18 Feb 2023 16:39:49 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7a"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
216.58.207.227200 OK 5.4 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5384, version 1.0\012- data
Hash 96b6d54684daa94742f7bfd72a981213
72c3ac29b2fcceea390d3a51c7a892efde65e4d9
4ce2c84c474fb80b33e347ae6f356796021d6fd42e88a6352fc6e9ca0b22bd63
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5384
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Feb 2023 21:56:43 GMT
expires: Thu, 22 Feb 2024 21:56:43 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:11:38 GMT
content-type: font/woff2
age: 32847
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Feb 2023 04:05:31 GMT
expires: Tue, 20 Feb 2024 04:05:31 GMT
cache-control: public, max-age=31536000
age: 269919
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4733770bf092ca1324e01dff373722a1
1524c31178714c399a4b4751744b261768c41277
26776ee98fd94df1d3adbadb39aaad24b847a689c2119c2ed62a70640f4b5b18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-W9d-YYof-lM/WOfjOo4TKVI/AAAAAAAAf4o/jWt-THHcI78dfvTh-ieQOCdH0_HV_WwPQCLcB/s72-c/otomatik_vites_nasil_kullanilir1.png
142.250.74.161200 OK 5.3 kB URL HTTP/2 3.bp.blogspot.com/-W9d-YYof-lM/WOfjOo4TKVI/AAAAAAAAf4o/jWt-THHcI78dfvTh-ieQOCdH0_HV_WwPQCLcB/s72-c/otomatik_vites_nasil_kullanilir1.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash b32cf43a7f2f78776ec75d9623c0adb5
d335357aaf8e5d54a734bd676b3ba51727d03f98
e9d79d1236d760300daca7c3b54e5db0536c2e59e897d76ab533a5b7b483131c
GET /-W9d-YYof-lM/WOfjOo4TKVI/AAAAAAAAf4o/jWt-THHcI78dfvTh-ieQOCdH0_HV_WwPQCLcB/s72-c/otomatik_vites_nasil_kullanilir1.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7f8b"
expires: Fri, 24 Feb 2023 07:04:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="otomatik_vites_nasil_kullanilir1.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 07:04:10 GMT
server: fife
content-length: 5288
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116332 bytes)
Hash c8d737e60bdacba7881311502080326f
dd80ca62ff99c01e84b9821ed22256c65870f3e5
0a2920847187f38e6f526a7e7eb20ec40fb7f37f56338de0c5e0e757f73ca8cc
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116332
date: Thu, 23 Feb 2023 07:04:10 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.227200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Feb 2023 02:42:37 GMT
expires: Wed, 21 Feb 2024 02:42:37 GMT
cache-control: public, max-age=31536000
age: 188493
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
216.58.207.227200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5452, version 1.0\012- data
Hash a6ff41d10fa89e7f8fec937c243d7428
334853f61ceb1fb096818740cc62d5840fbbae46
5f9d6298f5edc6d2b57a6f3a30f87f1c93c84b7aad7c5e9bf9d3a2c9384403fa
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Feb 2023 12:07:26 GMT
expires: Fri, 16 Feb 2024 12:07:26 GMT
cache-control: public, max-age=31536000
age: 586604
last-modified: Wed, 27 Apr 2022 16:10:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6486
Expires: Thu, 23 Feb 2023 08:52:16 GMT
Date: Thu, 23 Feb 2023 07:04:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6486
Expires: Thu, 23 Feb 2023 08:52:16 GMT
Date: Thu, 23 Feb 2023 07:04:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6486
Expires: Thu, 23 Feb 2023 08:52:16 GMT
Date: Thu, 23 Feb 2023 07:04:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7713f4b5-c3f3-4d1b-b482-207e7dba9b9f.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7713f4b5-c3f3-4d1b-b482-207e7dba9b9f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 74dd13a48eb1b654aa657ac1b50abd24
4b5a935ba7d60b1f68e89d56115a91bd90fef982
c2edd14bfbfcce7e37c6226b47f31a133e9e51efcd0dcbc2a33bc89c564446d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7713f4b5-c3f3-4d1b-b482-207e7dba9b9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6136
x-amzn-requestid: a2466096-4fbe-43aa-8f32-b4bd90d8a0d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Auq1HFb2oAMFS9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f5be86-453b0b3210b8885f0b64abda;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 07:04:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2S_xlaG6EP-i1UFYcKaygH3r-2qj2d7nlw9LPdRuXiW1BifDDnqFzg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 07:15:45 GMT
age: 85705
etag: "4b5a935ba7d60b1f68e89d56115a91bd90fef982"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07a7f783-b830-48ee-af41-9e919bf61c16.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07a7f783-b830-48ee-af41-9e919bf61c16.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e767c4b566f75c2e5c384d79c874a982
3aa715f0e3a2fbc2a6be06a1284610be50685023
eb40b67d33ffb31a5acb809c4da06e3a82c49990b78f34407d56d22c444cf11c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07a7f783-b830-48ee-af41-9e919bf61c16.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7286
x-amzn-requestid: 3c5826ab-c99d-41c0-8145-561cab4d1d01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqTQFtaIAMFW3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a7a-4e4d07a87e805c5c16837dfe;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: anJcs_dDaqQi_kTT67paSKY90nqjll-QXuFboe1wV_26pr5WK5iNtw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:45:02 GMT
age: 33548
etag: "3aa715f0e3a2fbc2a6be06a1284610be50685023"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20230221/r20190131/zrt_lookup.html
216.58.207.194200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230221/r20190131/zrt_lookup.html
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230221/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Wed, 22 Feb 2023 22:12:52 GMT
expires: Wed, 08 Mar 2023 22:12:52 GMT
cache-control: public, max-age=1209600
age: 31878
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febfee418-99f5-439e-9e40-75767a134a93.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febfee418-99f5-439e-9e40-75767a134a93.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9f75d995900faff4dfb986c37af519dd
7f34541667d73a11ff3c607db650aea83f5a6525
3805d2620cd1a961e65724c47e649919253ba564e875da53ebdbe53f25344400
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febfee418-99f5-439e-9e40-75767a134a93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6424
x-amzn-requestid: 31fd1a15-a315-4765-84cd-dcf73bafe1bf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ara0EHnqIAMFxpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f471b3-4a79c05417e5d83f0c528d0b;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 07:24:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rb0tpsPVsY7tB7kArisQN7pcO0z0ItE5M0JYkErq-Uc-ARVGpliweA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 13:01:56 GMT
age: 64934
etag: "7f34541667d73a11ff3c607db650aea83f5a6525"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4016fa20fa2642f89d375fcc2855d4b
f1733be34a214e9565208f814dd3990f89cafbcb
74686e6a674433c436bce8c70cecc1a2cde51e82241e8251188ebd587fd4ee18
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9721
x-amzn-requestid: 5ddea3ff-b6e2-4528-8e71-eade54612b4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqR3HJpoAMF5LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a72-413219251feae2e32b9e6857;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iHR9N5OPgY8mjpsZowY-Ipeq62c8O_QQorpNmIOa68_vmWyY0eqt-A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:44:15 GMT
age: 33595
etag: "f1733be34a214e9565208f814dd3990f89cafbcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash be0ff97444ab9ff002dc0c3a855b6867
6b835c9cfa35b65f809ab3e8c150425048749e02
ed2c6e805d226e16f32c4a08bbe9f7171bf271fabd4d66a67efe197db6fe5407
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fbf1945668d4a8c35e68f8d60fd80f56
0553020a82f7a6245a2979d58e1765883a777893
4220c9dea6f77c1775be6ca4d1d133b3d8f1d9caec3cc6e85747b87c7d897a92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5823
x-amzn-requestid: 4b226ac8-c443-4382-ab8e-b618c95a713d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Aq1HSFWvIAMFUAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f43561-7ac4a51e389a6e6b2a9199a5;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 03:07:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: p6v-ksQmtagKBT2hXXL7AVGvhSCwy8wUoi4dWRJPDaSsT7BvBxh4fw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 03:02:20 GMT
age: 14510
etag: "0553020a82f7a6245a2979d58e1765883a777893"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.239.38.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.38.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 23 Feb 2023 05:53:25 GMT
expires: Thu, 23 Feb 2023 07:53:25 GMT
cache-control: public, max-age=7200
age: 4245
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04e67897-b0ef-4c04-a8de-f6f092510d32.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04e67897-b0ef-4c04-a8de-f6f092510d32.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b71d2b327e4b858ce631d4d3d7ebeb4a
d35b46e26cab53baf794abc95a9796fc681f8d6d
e69798f5c9b6b1e33b8e7b3dc2ea1c463f06d4ba4fbc3b08e1fdd13d19b4756b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04e67897-b0ef-4c04-a8de-f6f092510d32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5894
x-amzn-requestid: 70cc1517-7f08-4576-ba9a-2d049ce63647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqgqHB5oAMFcXw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68ad0-7d8e36ec44432c5a69c0662c;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AvjfDtI2Wg_A17yfvDITdJ_kgpaOmXyZStanoZDdy2ezFbYzOGu3Qg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:49:47 GMT
age: 33263
etag: "d35b46e26cab53baf794abc95a9796fc681f8d6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=5726965044016880204&zx=4531fd75-e2f5-411a-b142-2c204b549ea3
216.58.207.233200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=5726965044016880204&zx=4531fd75-e2f5-411a-b142-2c204b549ea3
IP 216.58.207.233:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=5726965044016880204&zx=4531fd75-e2f5-411a-b142-2c204b549ea3 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 23 Feb 2023 07:04:10 GMT
last-modified: Thu, 23 Feb 2023 07:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 6be18d0aa0b4be8691e92a46dba2463b
26d4e0be66070193a2d96e8d16b780985dc342ec
ff2e26331e7ccb4e3f227a390a4981deec5d7e37b0fa58e5cb44ac47b12f65b7
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 07:04:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 27 Feb 2023 04:08:08 GMT
ETag: "26d4e0be66070193a2d96e8d16b780985dc342ec"
Last-Modified: Thu, 23 Feb 2023 04:08:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79de1b1abcb20b3d-OSL
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 52a08d5240e455734bd1b1b2b9a7f151
25024748c5b3a84fc509f1fd939de98767898ce1
ca673bcf13c36a73504dbc4ed586b54b6b11e926ba1cb4ce4d55d72f18d0970c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.rollercoin.com/static/img/ref/gen2/w160h600.gif
172.67.72.239200 OK 280 kB URL HTTP/2 static.rollercoin.com/static/img/ref/gen2/w160h600.gif
IP 172.67.72.239:0
File type GIF image data, version 89a, 160 x 600\012- data
Size 280 kB (279535 bytes)
Hash f7ebe601cd03f5ff0728bc5deee504d1
fbb6122a673bdd0cdc0dea9701007b7a2ca44148
1cfb0e0282f23b87e38a716bd20b5d8ae545e20a8e866886b99363d38ef6e2f5
GET /static/img/ref/gen2/w160h600.gif HTTP/1.1
Host: static.rollercoin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dusunmekvepaylasmak.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Feb 2023 07:04:10 GMT
content-type: image/gif
content-length: 279535
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=323815, status=vary_header_present
etag: "48a59acf42541b23d2b554a963decea6"
last-modified: Thu, 19 Jan 2023 11:51:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: tx0000000000000e8205215-0063c973dc-5193d7f2-nyc3c
x-rgw-object-type: Normal
cache-control: max-age=1382400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjUCp7%2BlHwhDtrgSSdezV2rvikx1h5AePknH%2Fly7khdFa96W8tgu%2BhCnOcX88Ixnmoyow2VBF9f%2B9%2Bivbo%2B0fdKfc4ZOIEsGhSwZiVDCuNztfK%2FYxWkB%2BQReerr22qixna6UXJpwKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79de1b1b7f25b4eb-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Feb 2023 21:48:03 GMT
expires: Fri, 16 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 551767
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/gtm/js?id=GTM-5WCFSJ2&t=gtag_UA_19531429_2&cid=121140697.1677135859
216.239.38.178200 OK 46 kB URL HTTP/2 www.google-analytics.com/gtm/js?id=GTM-5WCFSJ2&t=gtag_UA_19531429_2&cid=121140697.1677135859
IP 216.239.38.178:0
File type ASCII text, with very long lines (1759)
Hash 05feba601fade1fc8285d37b64fe2101
88abe4673daac71b1b8e1167bf626200c533de5c
26b63c945c8c4540b06b79112eb71707bc44fd52be3213222403fc01bd1501f1
GET /gtm/js?id=GTM-5WCFSJ2&t=gtag_UA_19531429_2&cid=121140697.1677135859 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 23 Feb 2023 07:04:10 GMT
expires: Thu, 23 Feb 2023 07:04:10 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45888
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 52a08d5240e455734bd1b1b2b9a7f151
25024748c5b3a84fc509f1fd939de98767898ce1
ca673bcf13c36a73504dbc4ed586b54b6b11e926ba1cb4ce4d55d72f18d0970c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5c79f7689efb3e9384d23c012fbb7459
6383d131dec112059c3bb88971dc23ce47bc98f2
4bc466ff7e5773f11ef30dba2c57bb6b76b05964622a087f0fba48686b6b85f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 23 Feb 2023 07:04:11 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widget.boomads.com/scripts/widget.js
83.66.162.128200 OK 1.1 kB URL HTTP/1.1 widget.boomads.com/scripts/widget.js
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type Unicode text, UTF-8 (with BOM) text, with very long lines (445), with CRLF line terminators
Hash ed2b316a78c01ecfd467a238bdb5a894
9820a06beef95ab789d3211359dfbe34d11c339e
0626a69c458560c8f8fadb5c81f56d9009e89951aa89f4fff3d4ef445d1b94e7
GET /scripts/widget.js HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 16
Date: Thu, 23 Feb 2023 07:03:56 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: "08e5d619991d11:0"
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2016 13:20:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 1149
adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 23 Feb 2023 07:04:11 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 00fc3b5f1c0bf75bad8c142109720834
050f2d14da16248ead53d3996d88aacd18e5041a
b5f65aaa770693ab60c9c5342fa5aff03408055071e73a7c08c89fb5faf143c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 6be18d0aa0b4be8691e92a46dba2463b
26d4e0be66070193a2d96e8d16b780985dc342ec
ff2e26331e7ccb4e3f227a390a4981deec5d7e37b0fa58e5cb44ac47b12f65b7
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 07:04:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 27 Feb 2023 04:08:08 GMT
ETag: "26d4e0be66070193a2d96e8d16b780985dc342ec"
Last-Modified: Thu, 23 Feb 2023 04:08:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79de1b1ae939b4e8-OSL
widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
83.66.162.128200 OK 318 B URL HTTP/1.1 widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 60965bc98dda023d6dbb0de7b7c676bb
59819b0d77a4206626389d78b1862223b150ccdd
2fd9761476a794c7d53342d8845843e3c9cbe393fbc26682e11059fe79a5ef95
GET /widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 4.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=wwjzbtwl5vsupqulzna4gc42; path=/; HttpOnly; SameSite=Lax
BMDSD365TP50BFACTSV=26593=1; expires=Fri, 24-Feb-2023 08:03:56 GMT; path=/
X-Powered-By: ASP.NET
XSrv: BOOM01
Date: Thu, 23 Feb 2023 07:03:56 GMT
Content-Length: 318
widget.boomads.com/images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif
83.66.162.128200 OK 6.8 kB URL HTTP/1.1 widget.boomads.com/images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type GIF image data, version 89a, 125 x 80\012- data
Hash a0b54b194c22d6cf6dde8262b4e6caa8
7db7699e7e4cb090ed556f78d8692b59eca416d8
a28da5026d7c857976a413a63f4d5df448c8461f4531194e71668ebdbe7bbcc9
GET /images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 16
Date: Thu, 23 Feb 2023 07:03:56 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: "6e4be609991d11:0"
Content-Type: image/gif
Last-Modified: Fri, 08 Apr 2016 13:20:09 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 6812
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c73150d6263321914facdfad1db86765
e75f4660c73edf08839bf8ef58be958869a23117
a28c32e7a47d116bd7d3605676c3979be580bf75e400b28291536e82d5040ed2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&go=true
142.250.74.109302 Found 463 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&go=true
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (512)
Hash 1c6227c8921c242f3182a167a50510d0
92a14423ce3b47acd82422037f06fd58a6c2d4fb
7e764a2048862615491003be7b4c2507b877efdad3768db248057d4bb23b983a
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dusunmekvepaylasmak.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 23 Feb 2023 07:04:11 GMT
location: https://www.blogger.com/followers.g?blogID=5726965044016880204&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-eTu2PQSD0g4ohsFbRnTUsw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 463
server: GSE
set-cookie: __Host-GAPS=1:QcJo2QEphcJ0nKyYsNhbEqG5uEzkJg:pj7V8vzNbqptDRzv;Path=/;Expires=Sat, 22-Feb-2025 07:04:11 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=12189
date: Thu, 23 Feb 2023 07:04:11 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 29 kB IP 216.58.211.3:0
Hash aaeb6eb10d340a2c3738249f938488f5
ad892b5d5600e1240975ff2bb5fc777ecf36b74f
4bd8bb002b0c0ddf2f0476877b30b099148c984732416d64256849370d5a10f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 17c262c7c399b70411f5c415afb5fd76
833f2b835dac06cd2ccdb166e4aa68d33bbe18dd
853a91369ce9dac92b50c2a517c8ffbbd921b36ae1bf961e6424d1b177c1e930
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js
216.58.211.1200 OK 1.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1054)
Hash 169edf919beed1ee17c8a752ef12132e
b7fbae15ed7789984ee59618845b914aae37bf3e
2bcf9aebfd80a2558d54f39de59542c3df52610616fb2e4380d9f3d976cc13fc
GET /pagead/js/r20230221/r20110914/client/window_focus_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1236
x-xss-protection: 0
date: Wed, 22 Feb 2023 20:53:22 GMT
expires: Wed, 08 Mar 2023 20:53:22 GMT
cache-control: public, max-age=1209600
age: 36650
etag: 15004572836499977866
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/qs_click_protection_fy2021.js
216.58.211.1200 OK 8.3 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1795)
Hash e5dcc7b66dff12971b72d868ac72de70
0ba58fc8ac2d3fa6596d136eab758d66f38d0284
889027636b49be4bc5ce71a62c99f63e2910403ac89084870d4060850a9c7804
GET /pagead/js/r20230221/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8274
x-xss-protection: 0
date: Wed, 22 Feb 2023 20:53:22 GMT
expires: Wed, 08 Mar 2023 20:53:22 GMT
cache-control: public, max-age=1209600
age: 36650
etag: 9471482037410804447
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
172.217.21.162200 OK 49 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 172.217.21.162:0
File type ASCII text, with very long lines (3399)
Hash 7e96d5be1b37d1a4de51932f330a0912
325a969d5e306e99dc7614129491ee13dbe59626
46470c258591e12cfc58c175902a4e4372970883362486a5a03fd4d9f7513c50
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 49018
date: Thu, 23 Feb 2023 07:04:12 GMT
expires: Thu, 23 Feb 2023 07:04:12 GMT
cache-control: private, max-age=3000
etag: "1676996822105882"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 99833367490dd4a0b1fe074db23fbaa0
f5195f40f27dc45e7dfc323a8f5e0c546be2f6ca
0e4a4c91d19b35385a72a41c0b2b9bf64ec4e9b064c6230de863985d935239c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.boomads.com//content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01
83.66.162.128200 OK 4.5 kB URL HTTP/1.1 widget.boomads.com//content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type ASCII text, with very long lines (19781), with no line terminators
Hash 9addf68a5cc9633f32c20bfe9df6eaaa
b2bcfadf03938190ba76702f6d33c99f5491cf7b
7454bc429d787dd6a335f7d1fb73a058f3ad426761bf19d089fceadd9b048165
GET //content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01 HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 3398495
Date: Sat, 14 Jan 2023 23:02:31 GMT
Expires: Sun, 14 Jan 2024 22:04:59 GMT
Cache-Control: public
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
Content-Type: text/css; charset=utf-8
Content-Encoding: gzip
Last-Modified: Sat, 14 Jan 2023 22:04:59 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 4517
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Cookie: test_cookie=CheckForPermission
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 07:01:33 GMT
expires: Thu, 23 Feb 2023 07:16:33 GMT
cache-control: public, max-age=900
age: 159
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 97cc69eab3be2a4ab7bd1e4e6de61627
2560c5f4a2e7d510b7ebf40fefde00ac05021925
f68dd5dbf79ae2321c391cae772dd956bd42284c663503564beba980a3228a54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3439
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:12 GMT
Last-Modified: Thu, 23 Feb 2023 06:06:53 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 314
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 99833367490dd4a0b1fe074db23fbaa0
f5195f40f27dc45e7dfc323a8f5e0c546be2f6ca
0e4a4c91d19b35385a72a41c0b2b9bf64ec4e9b064c6230de863985d935239c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 23 Feb 2023 07:04:12 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 40fc6b67cb9a8cd7f0da92ded8cf6645
64ab7f34b437d3060a91f342a39e833c494813fe
0cd0e65b8de77d749c48e8f007f41e39ca27c62513a4a3d01cde162feb82d5ec
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 23 Feb 2023 07:04:12 GMT
server: ESF
cache-control: private
content-length: 31034
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 440beb93bc2481c500bed2c2719a96ab
8231c07a8cf345bf3b1e5ca5d7b4e8af60d72ae5
14182dbb3daa77650d97e07e0c567f73648720a4b06633200dd1846da8c5b0bb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/j2LPsnldu2GyYoji2gksVoIfKyMuE54osvGF69eRixc.js
216.58.211.4200 OK 14 kB URL HTTP/2 www.google.com/js/th/j2LPsnldu2GyYoji2gksVoIfKyMuE54osvGF69eRixc.js
IP 216.58.211.4:0
File type ASCII text, with very long lines (36212)
Hash 95ea09baa0f0a6abfed9f2369fe28979
49b89e5107f8866d6613fa6641fec90cb2ee3ca9
7c3d3c237eab6377d87404e68fad4ca16a8fd3238a0a810dfcac7f2e066d9d9f
GET /js/th/j2LPsnldu2GyYoji2gksVoIfKyMuE54osvGF69eRixc.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14302
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Feb 2023 13:01:46 GMT
expires: Thu, 22 Feb 2024 13:01:46 GMT
cache-control: public, max-age=31536000
age: 64946
last-modified: Mon, 13 Feb 2023 15:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 187a730411301ee0fbde19b354bd4bb0
d93912d557a8453ea5463411522faafc24b8a7f5
af6bcc15a369874ee9dfc782b736d96e450cc1ac5e645d1e53c1062d55ac20bc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 87f67ad3a4076580fb6413c51123baf4
ef1d134043236916370db07e59d948dd60c74408
6a3a2fd13e8529e876e48640a8922bd4ec0a7ec23620c14dac49721d128f98a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 4.6 kB URL HTTP/2 yt3.ggpht.com/vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 7f0d8c8d9cbb88ed7c0dc10ee1a2b0ae
830e3dfe396cc6bc3a448d0ed13e4f1d25fdef58
0f8e403418f768e45267ca0edb3223d1a3c5e1dec070040b6399c0a89773cbf4
GET /vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4552
x-xss-protection: 0
date: Thu, 23 Feb 2023 05:06:01 GMT
expires: Fri, 17 Feb 2023 13:18:18 GMT
cache-control: public, max-age=86400, no-transform
age: 7091
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/mOjEYeiPxNc/sddefault.webp
142.250.74.86200 OK 43 kB URL HTTP/2 i.ytimg.com/vi_webp/mOjEYeiPxNc/sddefault.webp
IP 142.250.74.86:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 54d632dcf2c7931571e806f7815bd341
f5d1afc80ec9d6ebf36d48c916a3d5d15a740536
fc5aeb473a35527660b29b9cddf6ebefe4c57ae1c982a04dedfc1619f1135bef
GET /vi_webp/mOjEYeiPxNc/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 43014
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 07:04:12 GMT
expires: Thu, 23 Feb 2023 09:04:12 GMT
cache-control: public, max-age=7200
etag: "1668598177"
content-type: image/webp
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 2d61effe0b23459d660bc5332c0c0ee8
50777618a1c0fbfa99cadef309940481e4396282
a4153775b2cb80f9f68c6851d40be922f63e0d10b9161486a067e3999ec5cc20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5530
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:12 GMT
Last-Modified: Thu, 23 Feb 2023 05:32:02 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 312
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 187a730411301ee0fbde19b354bd4bb0
d93912d557a8453ea5463411522faafc24b8a7f5
af6bcc15a369874ee9dfc782b736d96e450cc1ac5e645d1e53c1062d55ac20bc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPjTDrOzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEOsP92PJTnt44IiqIcAnHAASAAAKDkFRVURCUVlCQlFFQkJR&wp=Y_cP6wACYEMKmuLRAAI27eZ4q5thyPEYoFVJZA
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPjTDrOzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEOsP92PJTnt44IiqIcAnHAASAAAKDkFRVURCUVlCQlFFQkJR&wp=Y_cP6wACYEMKmuLRAAI27eZ4q5thyPEYoFVJZA
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kPjTDrOzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEOsP92PJTnt44IiqIcAnHAASAAAKDkFRVURCUVlCQlFFQkJR&wp=Y_cP6wACYEMKmuLRAAI27eZ4q5thyPEYoFVJZA HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 298160
date: Thu, 23 Feb 2023 07:04:11 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 4fbcbe462dc853c991feb5d41e7cb9bb
8c8de461e9300d5170dd84a0b2478ae7bf3d5005
be6750f1ed38d6d4824b9df8eeda120d21cedcde7801a357ce91acc71b20bdfc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.eu.criteo.com/delivery/r/afr.php?z=Y_cP6wACYEMKmuLRAAI27eZ4q5thyPEYoFVJZA&u=%7Cm6aTWkyvlxqB3ABn22qCaaP%2FHzQXywpERCnh7hlRJjQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMiJzdXMehEtUbXsyHA5T2iFg1UHHBhc2VJaM33XPDfcR8Fl8H2ptFAdHQ-Qqypao_ixgTklz__wKm-VL3ZCuoCJ5yGNwTGsLb6B7iNAIfV8UmtOKKGA-zYfuQJCMaZK2njhRYk9jwdPHMNaQDFQWLIYVmDF3G-wKPYqZ2Z6bWpChyBwoXj762GHfXpy1H93Szhh5oHfvo6X-3q5bVrgX0-IRPB1qyFsgZ3ZbI2ezGtYGyMGIGTPsGtJ2S2DCbC6jTaSMsZ64sqc7cqr7YL3gKuTqS0oEyrNf9je7d0eI7aFIFp5eJiBbPRTS-nrE0YkQs8rvgJKlv5hh33hceCTYWNWJi5-JID-b13gQh-KzOV6k-tUxwyzzKeDgAhVGM6o4NzOvWA8Lrfbvb9-KI1AKzevkWuaXIxNKJFJ8zjdEyNR_tDeVEvEPMRZMitZuJAPvPdDFmFDKCVilSxqBBonIV86bloeP9sSCJr9fmd8PF8C09QQ_lzW-cPPNYzyWO_vHeyZarCnGbfRA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOle_6w_3Y8PACdHF6wTt7Yj4B8me0rFczeGS93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCsdbYh03LsT6oAwGqBMACT9BZqnXCsZVMSE4hs-Fk7VQsAXJVnHCGWVhR_AFFknzQ9MinTpvA7IaQ-HxWwcFiq-B_DmwKhDRfdEnYgeHLroE97n5wXen4S_tyuQvknqmx-F4ZgjRLE1IHZQIMZTKQHTceLPQescFXOZe_DM25TLdJ-yWlp26DeDCe94IC5EvtMFWEgwxI40l_FdOp-AZkvMgAjAg9DmuwRpOuaHfgQUMvRCqfup40uACGm4EzwZrdVPRL0ks7okwoa0BrVJjOTHi2JRe3YjiyiISSGoujHbOKCEaAtmUldULJLLkl6r1onatYbNcMxxLvVKFV7hT20lkTHRb8mNhrhUMfEybJNXolRHLXIEENKyskOhoxP5uLa6XbEd87CnrwspnBayr3nYNpqk0kvIxJhgaK7ncjRYccckoAmMEnXmRWWWWt3D2ABv6718udj_-0a6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_15Cy4TbhlMIhuGe9qdlTXUa92XGQ%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.0.138200 OK 99 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y_cP6wACYEMKmuLRAAI27eZ4q5thyPEYoFVJZA&u=%7Cm6aTWkyvlxqB3ABn22qCaaP%2FHzQXywpERCnh7hlRJjQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMiJzdXMehEtUbXsyHA5T2iFg1UHHBhc2VJaM33XPDfcR8Fl8H2ptFAdHQ-Qqypao_ixgTklz__wKm-VL3ZCuoCJ5yGNwTGsLb6B7iNAIfV8UmtOKKGA-zYfuQJCMaZK2njhRYk9jwdPHMNaQDFQWLIYVmDF3G-wKPYqZ2Z6bWpChyBwoXj762GHfXpy1H93Szhh5oHfvo6X-3q5bVrgX0-IRPB1qyFsgZ3ZbI2ezGtYGyMGIGTPsGtJ2S2DCbC6jTaSMsZ64sqc7cqr7YL3gKuTqS0oEyrNf9je7d0eI7aFIFp5eJiBbPRTS-nrE0YkQs8rvgJKlv5hh33hceCTYWNWJi5-JID-b13gQh-KzOV6k-tUxwyzzKeDgAhVGM6o4NzOvWA8Lrfbvb9-KI1AKzevkWuaXIxNKJFJ8zjdEyNR_tDeVEvEPMRZMitZuJAPvPdDFmFDKCVilSxqBBonIV86bloeP9sSCJr9fmd8PF8C09QQ_lzW-cPPNYzyWO_vHeyZarCnGbfRA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOle_6w_3Y8PACdHF6wTt7Yj4B8me0rFczeGS93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCsdbYh03LsT6oAwGqBMACT9BZqnXCsZVMSE4hs-Fk7VQsAXJVnHCGWVhR_AFFknzQ9MinTpvA7IaQ-HxWwcFiq-B_DmwKhDRfdEnYgeHLroE97n5wXen4S_tyuQvknqmx-F4ZgjRLE1IHZQIMZTKQHTceLPQescFXOZe_DM25TLdJ-yWlp26DeDCe94IC5EvtMFWEgwxI40l_FdOp-AZkvMgAjAg9DmuwRpOuaHfgQUMvRCqfup40uACGm4EzwZrdVPRL0ks7okwoa0BrVJjOTHi2JRe3YjiyiISSGoujHbOKCEaAtmUldULJLLkl6r1onatYbNcMxxLvVKFV7hT20lkTHRb8mNhrhUMfEybJNXolRHLXIEENKyskOhoxP5uLa6XbEd87CnrwspnBayr3nYNpqk0kvIxJhgaK7ncjRYccckoAmMEnXmRWWWWt3D2ABv6718udj_-0a6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_15Cy4TbhlMIhuGe9qdlTXUa92XGQ%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.0.138:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (30959), with CRLF, LF line terminators
Hash 7b3f4b9bafc54ecce95ac7eb1fa5faad
93e59f8e50cb3839e4acfe036c72dc9555ec4f8e
cacfba54200d2b50599c50cbd7b0491ffa5afe1cdb00de4bc6a070dfb4d3b860
GET /delivery/r/afr.php?z=Y_cP6wACYEMKmuLRAAI27eZ4q5thyPEYoFVJZA&u=%7Cm6aTWkyvlxqB3ABn22qCaaP%2FHzQXywpERCnh7hlRJjQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMiJzdXMehEtUbXsyHA5T2iFg1UHHBhc2VJaM33XPDfcR8Fl8H2ptFAdHQ-Qqypao_ixgTklz__wKm-VL3ZCuoCJ5yGNwTGsLb6B7iNAIfV8UmtOKKGA-zYfuQJCMaZK2njhRYk9jwdPHMNaQDFQWLIYVmDF3G-wKPYqZ2Z6bWpChyBwoXj762GHfXpy1H93Szhh5oHfvo6X-3q5bVrgX0-IRPB1qyFsgZ3ZbI2ezGtYGyMGIGTPsGtJ2S2DCbC6jTaSMsZ64sqc7cqr7YL3gKuTqS0oEyrNf9je7d0eI7aFIFp5eJiBbPRTS-nrE0YkQs8rvgJKlv5hh33hceCTYWNWJi5-JID-b13gQh-KzOV6k-tUxwyzzKeDgAhVGM6o4NzOvWA8Lrfbvb9-KI1AKzevkWuaXIxNKJFJ8zjdEyNR_tDeVEvEPMRZMitZuJAPvPdDFmFDKCVilSxqBBonIV86bloeP9sSCJr9fmd8PF8C09QQ_lzW-cPPNYzyWO_vHeyZarCnGbfRA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOle_6w_3Y8PACdHF6wTt7Yj4B8me0rFczeGS93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCsdbYh03LsT6oAwGqBMACT9BZqnXCsZVMSE4hs-Fk7VQsAXJVnHCGWVhR_AFFknzQ9MinTpvA7IaQ-HxWwcFiq-B_DmwKhDRfdEnYgeHLroE97n5wXen4S_tyuQvknqmx-F4ZgjRLE1IHZQIMZTKQHTceLPQescFXOZe_DM25TLdJ-yWlp26DeDCe94IC5EvtMFWEgwxI40l_FdOp-AZkvMgAjAg9DmuwRpOuaHfgQUMvRCqfup40uACGm4EzwZrdVPRL0ks7okwoa0BrVJjOTHi2JRe3YjiyiISSGoujHbOKCEaAtmUldULJLLkl6r1onatYbNcMxxLvVKFV7hT20lkTHRb8mNhrhUMfEybJNXolRHLXIEENKyskOhoxP5uLa6XbEd87CnrwspnBayr3nYNpqk0kvIxJhgaK7ncjRYccckoAmMEnXmRWWWWt3D2ABv6718udj_-0a6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_15Cy4TbhlMIhuGe9qdlTXUa92XGQ%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Feb 2023 07:04:11 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=hEbucKSngaQ9SfRU60eNoqI2SOxDe4Bnsa9zaoH1_l0V6-Z1FX5KFVdNsaeJd23n6Ukc6c3yWEESo6BBNyKRB6T53F1JwgVGowGaCxRfmWf5YzPAdxm6PV_2B4gN-D5N5w87hOP4kV-PhjtovGymLR9exnoXA5cIWj74WilkFsQno7agnsgOiLRmpD4jzmYjEgkPhocsXQU8ykTOoXw-CrbtAEEscLES8woDJwnsXYTrkia67RRPON7TPHy7IzcMawQIaQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 114769375
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WClwGa88yAV8vZod7AUbk5WTObhjXLRyqbOHOQbtHNQ=s45-c
142.250.74.97200 OK 1.8 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WClwGa88yAV8vZod7AUbk5WTObhjXLRyqbOHOQbtHNQ=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 1e6b5fab49fecf6c8085ad92d8426490
b3c3a75876deb5c0408ae0a9436387948f709386
e905f49df30582de9ae49a0d4e079fff57b56431d07ca6dc02f34d8da173fff1
GET /a-/AD5-WClwGa88yAV8vZod7AUbk5WTObhjXLRyqbOHOQbtHNQ=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1847
x-xss-protection: 0
date: Thu, 23 Feb 2023 07:04:12 GMT
expires: Wed, 22 Feb 2023 06:46:55 GMT
cache-control: public, max-age=86400, no-transform
etag: "v8a93"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCmDfeXt-ddgh0bZ_ZXdZmhg8rt2URcriCA8U6aNeQ=s45-c
142.250.74.97200 OK 677 B URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCmDfeXt-ddgh0bZ_ZXdZmhg8rt2URcriCA8U6aNeQ=s45-c
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 80127b2ef0ff1a4d1172873896063ca1
89c3255969cda140c45f927fc5f2d0364df9b6e1
9435c16195af2f0b99e230108154228b63661029b39d6857f1aba97ca30e6a59
GET /a-/AD5-WCmDfeXt-ddgh0bZ_ZXdZmhg8rt2URcriCA8U6aNeQ=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Fri, 24 Feb 2023 07:04:12 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 07:04:12 GMT
server: fife
content-length: 677
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCnlwz98HN-a13ibpRJvHOA3qSGjByT1t6pgKz-Rd9s=s45-c
142.250.74.97200 OK 2.0 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCnlwz98HN-a13ibpRJvHOA3qSGjByT1t6pgKz-Rd9s=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 3108c071fa3e9c86ed08a49ce88fd7bf
b3795aef5366a4d3bf8a4a14ee3629fbe498f2e6
f1e88372f88a0328d0190a635b5c4db47a121b36aa9d022b22a997b7a1dd6a2d
GET /a-/AD5-WCnlwz98HN-a13ibpRJvHOA3qSGjByT1t6pgKz-Rd9s=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v5498"
expires: Fri, 24 Feb 2023 07:04:12 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 07:04:12 GMT
server: fife
content-length: 1999
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a/default-user=s45-c
142.250.74.97200 OK 316 B URL HTTP/2 lh3.googleusercontent.com/a/default-user=s45-c
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit colormap, non-interlaced\012- data
Hash 9fae1841320a0eaa434a022513f60859
245fac7a1ba86adda5bf5571babef7d5280672a4
1e2ce2743c2908d3aa1ce10a03be76d756eaa493cd41f9dcc94a3cc35cbfa1bd
GET /a/default-user=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 316
x-xss-protection: 0
date: Thu, 23 Feb 2023 06:03:45 GMT
expires: Sun, 19 Feb 2023 02:02:23 GMT
cache-control: public, max-age=86400, no-transform
age: 3627
etag: "v0"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
104.17.24.14200 OK 4.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (2171)
Hash 44c72b9bddfecacc9114e84d685dd085
38f3ff57b9b64a38fc2153eb30564b7fc1c86349
c82afd4f2d89288b4b79244f0c24264810b11326670710ac8e28e7bfc87c7991
GET /ajax/libs/webfont/1.6.28/webfontloader.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Feb 2023 07:04:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 4420
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04030-30d9"
last-modified: Mon, 04 May 2020 16:17:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 728881
expires: Tue, 13 Feb 2024 07:04:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fg27wpGsCVmGwOGggAshmqLH4NsxJdjr9LwU8f7HmE0AUTOMkWRQccvVTyIoE3rPfuKvrKrR%2FaMKonjp7mBlLKUqPOo94LkBC%2FxSBtH2HGms653pOAdJsOz%2BY4cWX9P7wM1fvuTm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79de1b2929ba0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCk0J1xUkNHLp5xzZPEFgQNAIxx2Ty5T2lUeigZI7Q=s45-c
142.250.74.97200 OK 2.2 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCk0J1xUkNHLp5xzZPEFgQNAIxx2Ty5T2lUeigZI7Q=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 255bc65830be9b0f014d8665fe002c63
e704ab559deabc6c0dde88d11f6c165e028f55af
13c92ac2fc5ff3e5ae410912bd51d0f9af766ba12e94996c329cba46c49bf478
GET /a-/AD5-WCk0J1xUkNHLp5xzZPEFgQNAIxx2Ty5T2lUeigZI7Q=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2207
x-xss-protection: 0
date: Thu, 23 Feb 2023 07:04:13 GMT
expires: Sat, 18 Feb 2023 16:39:51 GMT
cache-control: public, max-age=86400, no-transform
etag: "v98d"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCkodADx01_ct88N325MlGUihbvPLhFAZ6QS9uKcbA=s45-c
142.250.74.97200 OK 1.1 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCkodADx01_ct88N325MlGUihbvPLhFAZ6QS9uKcbA=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash c89b6a02fefe078b17ef68f900e17b8d
fed27e4f16407af31200a76bd4836c6666e04259
1fb1e12bb1e2e64b4361c597f794a93fbd1814b7c05ca11f8666cec9e1d497d3
GET /a-/AD5-WCkodADx01_ct88N325MlGUihbvPLhFAZ6QS9uKcbA=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v505"
expires: Fri, 24 Feb 2023 07:04:13 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 07:04:13 GMT
server: fife
content-length: 1102
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCnXh8EjzO5FavdcQqTtrK5X66xVHmhCH364dRCNi-0=s45-c
142.250.74.97200 OK 1.7 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCnXh8EjzO5FavdcQqTtrK5X66xVHmhCH364dRCNi-0=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 68f2b42cf62c80dc654383e89a981491
7eafe85ada6599c0b809db55c0220bb32af93987
a65453e4cc72ad196c58c100934c4bea9f869a60dfbc40afc8c22efe442e0b68
GET /a-/AD5-WCnXh8EjzO5FavdcQqTtrK5X66xVHmhCH364dRCNi-0=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1686
x-xss-protection: 0
date: Thu, 23 Feb 2023 07:04:13 GMT
expires: Sat, 18 Feb 2023 16:39:51 GMT
cache-control: public, max-age=86400, no-transform
etag: "v4d4a"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCmYboAbKKoEVttxyY7pxBeuKeJJF1bEURHwQ1lqpQ=s45-c
142.250.74.97200 OK 2.3 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCmYboAbKKoEVttxyY7pxBeuKeJJF1bEURHwQ1lqpQ=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 262dff0ca97c173a52768a19c2ad5030
43444ff95c91639c44cab3283d762419a241d3c7
7571fbcaa8e58f59e51a78a7a1158793b9f12189e4d7aa70bb294c70a49e0b82
GET /a-/AD5-WCmYboAbKKoEVttxyY7pxBeuKeJJF1bEURHwQ1lqpQ=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v628"
expires: Fri, 24 Feb 2023 07:04:13 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 07:04:13 GMT
server: fife
content-length: 2317
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipPwBUCzx41OkpeXl27kAkL5klA9ciu2cwt5iglj=s45-c?key=CI6u2rzss7PajQE
142.250.74.97200 OK 3.8 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipPwBUCzx41OkpeXl27kAkL5klA9ciu2cwt5iglj=s45-c?key=CI6u2rzss7PajQE
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 67e8fed9092e88476cbeefc66a6cb069
ba8b0844a20242784ffb79ea9a7c367f8986e2e3
a376ed35f3eb2e1fc3e699a5d0748c47ed27a53dcf1565d7e4238a38137795b7
GET /p/AF1QipPwBUCzx41OkpeXl27kAkL5klA9ciu2cwt5iglj=s45-c?key=CI6u2rzss7PajQE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v17f"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 07:04:13 GMT
server: fife
content-length: 3831
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipN-0aAPNxsNBR1eDrY9zoL_GFn_a8WZTMxc8Z32=s45-c?key=CIu7lKDyiKrDiQE
142.250.74.97200 OK 4.7 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipN-0aAPNxsNBR1eDrY9zoL_GFn_a8WZTMxc8Z32=s45-c?key=CIu7lKDyiKrDiQE
IP 142.250.74.97:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 381e323dcc3c52d299f378cca24308c4
b3c153fe7a7f36ffea3888717dfddbb49d1d6db7
71f66f8405cfb78d7cee560d8f609e451ce1cb453b5b8a337e0045c559a5867f
GET /p/AF1QipN-0aAPNxsNBR1eDrY9zoL_GFn_a8WZTMxc8Z32=s45-c?key=CIu7lKDyiKrDiQE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v6dad"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 07:04:13 GMT
server: fife
content-length: 4723
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCnMyescmC0WjsiRXKgi_Q4cStLDm9nxQsJuvEVW=s45-c
142.250.74.97200 OK 1.2 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCnMyescmC0WjsiRXKgi_Q4cStLDm9nxQsJuvEVW=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 9d887be29285c9148976b3fb54d6eb65
cbf3dbc2b1d205522b208d674f7a6eb5953b3c62
ca1aa97bae8ed6308ef597331b17b91bfbbc1ae46c493affb667faca8a91990d
GET /a-/AD5-WCnMyescmC0WjsiRXKgi_Q4cStLDm9nxQsJuvEVW=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1163
x-xss-protection: 0
date: Thu, 23 Feb 2023 07:04:13 GMT
expires: Sat, 18 Feb 2023 16:39:51 GMT
cache-control: public, max-age=86400, no-transform
etag: "v3c"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WClNleAFB4DS64WyejwWhgACJywcYdivVla1h20i3g=s45-c
142.250.74.97200 OK 1.5 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WClNleAFB4DS64WyejwWhgACJywcYdivVla1h20i3g=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 1dc885d2ff391d90b9cd1cad603f0931
7a39b6d47145e02bfdc8da02ff05ed227fa887b4
22789140441e1bbdc44d060bb0998f42f596b4e20797e7bcadbce63ab28083ce
GET /a-/AD5-WClNleAFB4DS64WyejwWhgACJywcYdivVla1h20i3g=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1497
x-xss-protection: 0
date: Thu, 23 Feb 2023 07:04:13 GMT
expires: Sat, 18 Feb 2023 16:39:51 GMT
cache-control: public, max-age=86400, no-transform
etag: "v534"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 70e8133b0cd1b31d0cd0c102b72cfc5e
1d7b863da9b35ef8ad116d7f9d7da1c120483b74
ae21fe35c302756cb5960c005b01c3ef14b3842b355e27f76b38cb5f09b13223
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6343
Cache-Control: max-age=133603
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:13 GMT
Etag: "63f65e09-139"
Expires: Fri, 24 Feb 2023 20:10:56 GMT
Last-Modified: Wed, 22 Feb 2023 18:25:13 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 313
static.criteo.net/design/dt/c05716d7ca7548d789c4d0b3d5042816_gotham-black-italic.woff
178.250.0.130200 OK 17 kB URL HTTP/2 static.criteo.net/design/dt/c05716d7ca7548d789c4d0b3d5042816_gotham-black-italic.woff
IP 178.250.0.130:0
File type Web Open Font Format, CFF, length 17120, version 1.0\012- data
Hash f683179206a26fcb9ef35c6d14f6f7c7
c6da815fa6502dd63eb2606efd112fdd1eb9e79e
a26a23639f1408dca8879503cd479d3f823b085b727437c9d66c33ca3f75c08f
GET /design/dt/c05716d7ca7548d789c4d0b3d5042816_gotham-black-italic.woff HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 07:04:13 GMT
content-type: text/plain; charset=UTF-8
content-length: 17120
last-modified: Mon, 06 Jul 2020 12:19:39 GMT
etag: "5f0316db-42e0"
expires: Sun, 18 Feb 2024 07:04:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/design/dt/4ef456fb9fb14ec5a2da96fe450c24b3_homepagebaukasten-bold.woff
178.250.0.130200 OK 20 kB URL HTTP/2 static.criteo.net/design/dt/4ef456fb9fb14ec5a2da96fe450c24b3_homepagebaukasten-bold.woff
IP 178.250.0.130:0
File type Web Open Font Format, CFF, length 19492, version 1.0\012- data
Hash fe16408343054418c53b45c76a1892f2
b2f898a889e2164ba7bb7d6676b5a294eb97817b
3b42d14795d22866ea7e9bd3b4259fa75e510bcbbf7ab1861acb9ce2290128f2
GET /design/dt/4ef456fb9fb14ec5a2da96fe450c24b3_homepagebaukasten-bold.woff HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 07:04:13 GMT
content-type: text/plain; charset=UTF-8
content-length: 19492
last-modified: Mon, 06 Jul 2020 12:29:00 GMT
etag: "5f03190c-4c24"
expires: Sun, 18 Feb 2024 07:04:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/AD5-WCkds2lu_syKlRcoGvXMubXPxwT-YtQSfMLCCNc=s45-c
142.250.74.97200 OK 1.5 kB URL HTTP/2 lh3.googleusercontent.com/a-/AD5-WCkds2lu_syKlRcoGvXMubXPxwT-YtQSfMLCCNc=s45-c
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 0a088c12f36ba6120b049dd07078bb3a
6f87b59aa4c66b74ea8afe0ed5ddf0eb1fb87755
fe15ef88c313cbc0d84ffb6569abd2f9c161771669f31f81253cf2e1b655484b
GET /a-/AD5-WCkds2lu_syKlRcoGvXMubXPxwT-YtQSfMLCCNc=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vc"
expires: Fri, 24 Feb 2023 07:04:13 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 07:04:13 GMT
server: fife
content-length: 1503
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.criteo.net/design/dt/0c622d256dee425682575f30240ec196_gotham-black-regular.woff
178.250.0.130200 OK 26 kB URL HTTP/2 static.criteo.net/design/dt/0c622d256dee425682575f30240ec196_gotham-black-regular.woff
IP 178.250.0.130:0
File type Web Open Font Format, TrueType, length 26324, version 1.0\012- data
Hash 9acd111085f701eaf4fea7135f15ffa7
176a9dd986032b3647d1a40458db1db7d965f8bc
5a4a3459c15a5266e888bb12bbe9041b0f72aed89306411a5d5e69e7a1aa9f4d
GET /design/dt/0c622d256dee425682575f30240ec196_gotham-black-regular.woff HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 07:04:13 GMT
content-type: text/plain; charset=UTF-8
content-length: 26324
last-modified: Mon, 06 Jul 2020 12:19:39 GMT
etag: "5f0316db-66d4"
expires: Sun, 18 Feb 2024 07:04:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/close_button.svg
178.250.0.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 07:04:13 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Sun, 18 Feb 2024 07:04:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/back_button2.svg
178.250.0.130200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 07:04:13 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Sun, 18 Feb 2024 07:04:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
178.250.0.130200 OK 6.0 kB URL HTTP/2 static.criteo.net/animejs/animejs.js
IP 178.250.0.130:0
Hash 4ddd228566629c8cfe3062f3976b2626
378332ac08275a5cdb774c86622045cae92dc850
e9ec0fb608b136d36852937a764adf50972151c8abafba54cba4d681ab07ad5a
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 07:04:13 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Sun, 18 Feb 2024 07:04:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.0.130200 OK 1.4 kB URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.0.130:0
Hash 0f16b914455df8dc545a47dc9a0e9758
4a6a042a20f5033b3c622ebf5e0aa470fad0caa2
427edcf1e8af9af20e0b73196c7f1e0afb9777832eff83b9467120e052affa85
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 07:04:13 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Sun, 18 Feb 2024 07:04:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
178.250.0.130200 OK 1.2 kB URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.0.130:0
Hash 1c7e965efb7aa57f0d375160bf4c1142
dedea27edcd622ef0da555b78d83afb08f61b8a1
8ccb3bb8fe1781c1ba6acef647e55187873ea7604bbb4ad90a9b269c88273e22
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 07:04:13 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Sun, 18 Feb 2024 07:04:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash dac4e80a0f7d82957ff2c136ed78488b
f5f69e5fe3cda82f756ce3ac495b84d872c1c5c5
e7d50983d168a3f661cddb8ae7bd9e46d3863769857232ee1367a4195ac21fe3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2339
Cache-Control: max-age=101138
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:13 GMT
Etag: "63f5eedc-139"
Expires: Fri, 24 Feb 2023 11:09:51 GMT
Last-Modified: Wed, 22 Feb 2023 10:30:52 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 313
static.criteo.net/flash/icon/criteo_logo_2021.svg
178.250.0.130200 OK 1.3 kB URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP 178.250.0.130:0
Hash 68ff7bfb6b1f0c6f4ccc6ed500f896cd
ac1c51da44497826f4d4a31d937ee65fafc6b690
dda68682041b5f1484cd7e009af8a5e95bf05846ddf7fb38db531cd524d55359
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 07:04:13 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Sun, 18 Feb 2024 07:04:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 23 Feb 2023 07:04:13 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Fd%2F6%2Fa%2F1%2Fd6a1cd0ae8f66971c14753f24e7d5439714d3edb_3_PIA_175702_0_10ab.png%3Fcb%3D202308&v=3&w=800&s=lFSIjZ2mvBe6feEqEDgw8BED&b=400
178.250.0.139200 OK 23 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Fd%2F6%2Fa%2F1%2Fd6a1cd0ae8f66971c14753f24e7d5439714d3edb_3_PIA_175702_0_10ab.png%3Fcb%3D202308&v=3&w=800&s=lFSIjZ2mvBe6feEqEDgw8BED&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash dd0a1c840e987576c4524c173f5ba558
661ab4b71e1ccdd618b4273038c2952415caa5c9
ed06f20190828ef63326ca239cfd61cf4049a1c7162640d1059427a5c97f11e2
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Fd%2F6%2Fa%2F1%2Fd6a1cd0ae8f66971c14753f24e7d5439714d3edb_3_PIA_175702_0_10ab.png%3Fcb%3D202308&v=3&w=800&s=lFSIjZ2mvBe6feEqEDgw8BED&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31278800
expires: Tue, 20 Feb 2024 07:37:33 GMT
date: Thu, 23 Feb 2023 07:04:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 23428
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F4%2F2%2F6%2F4%2F42642ea66879e0d4c870132d155dcf6b6c8af83b_3_PIA_175715_0_30ab.png%3Fcb%3D202308&v=3&w=800&s=EBEyHPTkVe1K4aaVCQPLufqW&b=400
178.250.0.139200 OK 22 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F4%2F2%2F6%2F4%2F42642ea66879e0d4c870132d155dcf6b6c8af83b_3_PIA_175715_0_30ab.png%3Fcb%3D202308&v=3&w=800&s=EBEyHPTkVe1K4aaVCQPLufqW&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f9fd1b24ffea6d7405a113fbbf5f89dc
9fcf28da340faef7f0c4b8f4e9d1b15d1289beca
7f0d2067a86a0eb8cf24d526f4b703f3289a421a56e260ba08b9bbec0c06ae10
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F4%2F2%2F6%2F4%2F42642ea66879e0d4c870132d155dcf6b6c8af83b_3_PIA_175715_0_30ab.png%3Fcb%3D202308&v=3&w=800&s=EBEyHPTkVe1K4aaVCQPLufqW&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31278814
expires: Tue, 20 Feb 2024 07:37:48 GMT
date: Thu, 23 Feb 2023 07:04:13 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 22500
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Fc%2Fa%2F9%2Fa%2Fca9aa4d3e6fe9d12679c339709c5bb441c92fafc_3_PIA_111193_0_20.PNG%3Fcb%3D202308&v=3&w=800&s=B465dyexki5M7b9qRVeUpl1J&b=400
178.250.0.139200 OK 27 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Fc%2Fa%2F9%2Fa%2Fca9aa4d3e6fe9d12679c339709c5bb441c92fafc_3_PIA_111193_0_20.PNG%3Fcb%3D202308&v=3&w=800&s=B465dyexki5M7b9qRVeUpl1J&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a8f8e0926b4cf4cd91d697caa45718e4
2d2742638965604150261f5c1cf0b1c793bf6de3
27013d092e5a435411704dd3a6ec3ef5f71daefd6bad9344bd274399798f3c99
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2Fc%2Fa%2F9%2Fa%2Fca9aa4d3e6fe9d12679c339709c5bb441c92fafc_3_PIA_111193_0_20.PNG%3Fcb%3D202308&v=3&w=800&s=B465dyexki5M7b9qRVeUpl1J&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31278795
expires: Tue, 20 Feb 2024 07:37:29 GMT
date: Thu, 23 Feb 2023 07:04:13 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 27400
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F2%2Fa%2F3%2Fb%2F2a3b371ca7af422cbc2813de2981dbab_2_PIA-310397_0_10.png%3Fcb%3D202308&v=3&w=800&s=1PR--J5KEVTWfFBVuwGYmhpq&b=400
178.250.0.139200 OK 30 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F2%2Fa%2F3%2Fb%2F2a3b371ca7af422cbc2813de2981dbab_2_PIA-310397_0_10.png%3Fcb%3D202308&v=3&w=800&s=1PR--J5KEVTWfFBVuwGYmhpq&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 797161d9f261b4e1b5b7d3d1067ab46c
3023c0d5f15068b0bc43f1ce30765a3f0a35ae26
9d6bc5cc13dc874ce8d5da7d71abd1829cbfde26613bf42040a718f897e70225
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F2%2Fa%2F3%2Fb%2F2a3b371ca7af422cbc2813de2981dbab_2_PIA-310397_0_10.png%3Fcb%3D202308&v=3&w=800&s=1PR--J5KEVTWfFBVuwGYmhpq&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31279014
expires: Tue, 20 Feb 2024 07:41:08 GMT
date: Thu, 23 Feb 2023 07:04:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 30052
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F3%2F4%2Fb%2F6%2F34b6e3c2929744f6a6e96a8fb3ca4884_2_PIA-293425_0_10.png%3Fcb%3D202308&v=3&w=800&s=yPH0cWHbE7H72SraLYlwhtXq&b=400
178.250.0.139200 OK 16 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F3%2F4%2Fb%2F6%2F34b6e3c2929744f6a6e96a8fb3ca4884_2_PIA-293425_0_10.png%3Fcb%3D202308&v=3&w=800&s=yPH0cWHbE7H72SraLYlwhtXq&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b9e8e01b4a9c2e11bfc94db6eec79d0e
fd9420d139455bdccc4f1c95067f2de6a85ec497
0d2dc5daeb9c23ec4d9a56f7f44b8c48b3a635c13b948a5afa6308108cd93415
GET /img/img?c=3&cq=256&h=800&m=0&partner=23519&q=80&r=0&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F3%2F4%2Fb%2F6%2F34b6e3c2929744f6a6e96a8fb3ca4884_2_PIA-293425_0_10.png%3Fcb%3D202308&v=3&w=800&s=yPH0cWHbE7H72SraLYlwhtXq&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31278796
expires: Tue, 20 Feb 2024 07:37:30 GMT
date: Thu, 23 Feb 2023 07:04:13 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 15820
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=360&m=0&partner=23519&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F23519%2F221201%2F78224789e70d41118d050b40be08cca7_sledstore-logo.png&v=3&w=196&s=AjYlydsNhHpzh442zpTrREfg
178.250.0.139200 OK 4.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=360&m=0&partner=23519&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F23519%2F221201%2F78224789e70d41118d050b40be08cca7_sledstore-logo.png&v=3&w=196&s=AjYlydsNhHpzh442zpTrREfg
IP 178.250.0.139:0
File type PNG image data, 196 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash 2fe02fc60e160832830d2521f92b1fcc
170b5b34513a5d59f649b991a39f11987b7e4498
24115ae116c0a1e4754f4ae80ce1f552396e0985aae03300082e1d91e96c0365
GET /img/img?h=360&m=0&partner=23519&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F23519%2F221201%2F78224789e70d41118d050b40be08cca7_sledstore-logo.png&v=3&w=196&s=AjYlydsNhHpzh442zpTrREfg HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=29181444
expires: Sat, 27 Jan 2024 01:01:37 GMT
date: Thu, 23 Feb 2023 07:04:13 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4672
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
178.250.0.130200 OK 125 kB URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.0.130:0
Size 125 kB (125443 bytes)
Hash 6e31b83992d930c852e257b85eaf6772
f72ff867deabc48157ca97fa068f1a3b32a788d9
f6ef282357f6cf75b2d208f511224827ec6a1be427f7c535f7e69a10186eb7f8
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 07:04:13 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Sun, 18 Feb 2024 07:04:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=hEbucKSngaQ9SfRU60eNoqI2SOxDe4Bnsa9zaoH1_l0V6-Z1FX5KFVdNsaeJd23n6Ukc6c3yWEESo6BBNyKRB6T53F1JwgVGowGaCxRfmWf5YzPAdxm6PV_2B4gN-D5N5w87hOP4kV-PhjtovGymLR9exnoXA5cIWj74WilkFsQno7agnsgOiLRmpD4jzmYjEgkPhocsXQU8ykTOoXw-CrbtAEEscLES8woDJwnsXYTrkia67RRPON7TPHy7IzcMawQIaQ&sds=2&rev=84699&sendBeacon=true
178.250.1.25200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=hEbucKSngaQ9SfRU60eNoqI2SOxDe4Bnsa9zaoH1_l0V6-Z1FX5KFVdNsaeJd23n6Ukc6c3yWEESo6BBNyKRB6T53F1JwgVGowGaCxRfmWf5YzPAdxm6PV_2B4gN-D5N5w87hOP4kV-PhjtovGymLR9exnoXA5cIWj74WilkFsQno7agnsgOiLRmpD4jzmYjEgkPhocsXQU8ykTOoXw-CrbtAEEscLES8woDJwnsXYTrkia67RRPON7TPHy7IzcMawQIaQ&sds=2&rev=84699&sendBeacon=true
IP 178.250.1.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=hEbucKSngaQ9SfRU60eNoqI2SOxDe4Bnsa9zaoH1_l0V6-Z1FX5KFVdNsaeJd23n6Ukc6c3yWEESo6BBNyKRB6T53F1JwgVGowGaCxRfmWf5YzPAdxm6PV_2B4gN-D5N5w87hOP4kV-PhjtovGymLR9exnoXA5cIWj74WilkFsQno7agnsgOiLRmpD4jzmYjEgkPhocsXQU8ykTOoXw-CrbtAEEscLES8woDJwnsXYTrkia67RRPON7TPHy7IzcMawQIaQ&sds=2&rev=84699&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Feb 2023 07:04:13 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 23 Feb 2023 07:04:14 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a6e5085d514fd4f51e26f06c0cf2a48d
2f4d58f298568d1e2ffa2680443c4362cb894af7
7c9f5f52d937a32b0c8e5d3e025aee2e11c95cd0b123312d4754d563936640c1
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1106
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 23 Feb 2023 07:04:14 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash d96711a885ffe502d29d01252aecffd3
fef3506b0e593ca716adebe50ec1fa1635c8c87c
8a79c1a7921b452ca033f26c88b9d06fe3b6b6b0211c11829f6145c56eeca487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-20442478-1&cid=121140697.1677135859&jid=1980319075&gjid=575821600&_gid=58795099.1677135859&_u=aGDAAUADQAAAACAAI~&z=445007940
173.194.222.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-20442478-1&cid=121140697.1677135859&jid=1980319075&gjid=575821600&_gid=58795099.1677135859&_u=aGDAAUADQAAAACAAI~&z=445007940
IP 173.194.222.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-20442478-1&cid=121140697.1677135859&jid=1980319075&gjid=575821600&_gid=58795099.1677135859&_u=aGDAAUADQAAAACAAI~&z=445007940 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Cookie: IDE=AHWqTUkdMBOu5Wdv_ccHgpx6W-JpzmrVIj34jR-RZguR0fNaRBB49CUqG3p5ryKuwSk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://dusunmekvepaylasmak.blogspot.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 23 Feb 2023 07:04:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f00d82305e7457aae50b3ba04a844360
87fbf7ea49140d6b3f999f89efd6943f8859b9a1
bd779d3c39a774fdd54d9f52e587bdda0aeff9d004df8db206739cba83080bc2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 585
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:14 GMT
Last-Modified: Thu, 23 Feb 2023 06:54:29 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1957)
Hash a7c30e1225f4a97a86ee8e9ffda8afe3
62e126daa5a7486b8e712abe0e151f5f5871c91b
8425673ca94e667f44ca6b3ad0b904e725d5c85e4f8a5a27edd769927e7e8eb2
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 6f0ad5246c3d5c6c65e7b7a0a2076332
etag: "fff9432d37dc6d5cdc97e314533ed7ac"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 23 Feb 2023 07:09:36 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: p8MOEiX0qXqG7o6f/aiv4w==
x-fb-debug: 9Wvr0GJR1CZcE+lS55/kCGUSwss0/cTqZILjrNUE1Xhfz82NnES7j9ucU99JMxrXwKUWYKupt7r/hfV7LvAb2Q==
priority: u=1,i
content-length: 1686
x-fb-trip-id: 1679558926
date: Thu, 23 Feb 2023 07:04:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash d96711a885ffe502d29d01252aecffd3
fef3506b0e593ca716adebe50ec1fa1635c8c87c
8a79c1a7921b452ca033f26c88b9d06fe3b6b6b0211c11829f6145c56eeca487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f00d82305e7457aae50b3ba04a844360
87fbf7ea49140d6b3f999f89efd6943f8859b9a1
bd779d3c39a774fdd54d9f52e587bdda0aeff9d004df8db206739cba83080bc2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 585
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 07:04:14 GMT
Last-Modified: Thu, 23 Feb 2023 06:54:29 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
m.addthis.com/live/red_lojson/300lo.json?si=63f70ff322276b47&bkl=0&bl=1&pdt=2369&sid=63f70ff322276b47&pub=ra-58e226eb29c11f6c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dusunmekvepaylasmak.blogspot.com&fp=search%2Flabel%2FDsg%2520%25C5%259Fanz%25C4%25B1man%2520kullanan%2520ara%25C3%25A7lar&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=D%C3%BC%C5%9F%C3%BCnmek%2CHaber%2Cmagazin%2Csosyal%20medya%2Cpayla%C5%9F%C4%B1m%2Cdo%C4%9Fru%20bilgi%2Ckarikat%C3%BCr%2Cg%C3%BCndem%2Ck%C3%BClt%C3%BCr%20sanat%2Csinema%2Ctelevizyon%2Ctiyatro&colc=1677135862021&jsl=1&uvs=63f70ff30fe8d156000&skipb=1&callback=addthis.cbs.jsonp__58133041995045850
23.38.200.123200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=63f70ff322276b47&bkl=0&bl=1&pdt=2369&sid=63f70ff322276b47&pub=ra-58e226eb29c11f6c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dusunmekvepaylasmak.blogspot.com&fp=search%2Flabel%2FDsg%2520%25C5%259Fanz%25C4%25B1man%2520kullanan%2520ara%25C3%25A7lar&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=D%C3%BC%C5%9F%C3%BCnmek%2CHaber%2Cmagazin%2Csosyal%20medya%2Cpayla%C5%9F%C4%B1m%2Cdo%C4%9Fru%20bilgi%2Ckarikat%C3%BCr%2Cg%C3%BCndem%2Ck%C3%BClt%C3%BCr%20sanat%2Csinema%2Ctelevizyon%2Ctiyatro&colc=1677135862021&jsl=1&uvs=63f70ff30fe8d156000&skipb=1&callback=addthis.cbs.jsonp__58133041995045850
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash c57f6d03261e1d4659e2a3bfbdba0c59
605755dd03543ba5e9863e4d34f3420ac4f8803f
68dd13fa696ba20aa5f37f3a77b4996711a952ddd96e38f1da4132191aebfbab
GET /live/red_lojson/300lo.json?si=63f70ff322276b47&bkl=0&bl=1&pdt=2369&sid=63f70ff322276b47&pub=ra-58e226eb29c11f6c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dusunmekvepaylasmak.blogspot.com&fp=search%2Flabel%2FDsg%2520%25C5%259Fanz%25C4%25B1man%2520kullanan%2520ara%25C3%25A7lar&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=D%C3%BC%C5%9F%C3%BCnmek%2CHaber%2Cmagazin%2Csosyal%20medya%2Cpayla%C5%9F%C4%B1m%2Cdo%C4%9Fru%20bilgi%2Ckarikat%C3%BCr%2Cg%C3%BCndem%2Ck%C3%BClt%C3%BCr%20sanat%2Csinema%2Ctelevizyon%2Ctiyatro&colc=1677135862021&jsl=1&uvs=63f70ff30fe8d156000&skipb=1&callback=addthis.cbs.jsonp__58133041995045850 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Thu, 23 Feb 2023 07:04:14 GMT
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/ra-58e226eb29c11f6c/_ate.track.config_resp
23.38.200.123200 OK 1.3 kB URL HTTP/2 v1.addthisedge.com/live/boost/ra-58e226eb29c11f6c/_ate.track.config_resp
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (3821), with no line terminators
Hash 4adc016f0378d43b1e4d8a48395311fb
de42f6825c8d2ef4989b84479d9731baa195bbaa
70f1c455a93fbc3c54102023dd47c6bcc3ff290302ac6e517cd87b74e4efc205
GET /live/boost/ra-58e226eb29c11f6c/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 1250
etag: 727245640--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=36, s-maxage=86400
date: Thu, 23 Feb 2023 07:04:14 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-20442478-1&cid=121140697.1677135859&jid=1980319075&_u=aGDAAUADQAAAACAAI~&z=1746895554
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-20442478-1&cid=121140697.1677135859&jid=1980319075&_u=aGDAAUADQAAAACAAI~&z=1746895554
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-20442478-1&cid=121140697.1677135859&jid=1980319075&_u=aGDAAUADQAAAACAAI~&z=1746895554 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 07:04:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
media.boomads.com/images/offer/bitget-koruma-f-20221611055851763.png
83.66.162.75200 OK 59 kB URL HTTP/1.1 media.boomads.com/images/offer/bitget-koruma-f-20221611055851763.png
IP 83.66.162.75:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type PNG image data, 605 x 318, 8-bit/color RGBA, non-interlaced\012- data
Hash 28911308dbbf78cbf79d17edb4b7301d
8dd0119fd3cfb87953fcc9fcdaf0a1167040db7c
cb50e628b3a660107ea8be316ca36951b72170f094899547808907b4ac60994e
GET /images/offer/bitget-koruma-f-20221611055851763.png HTTP/1.1
Host: media.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 22 Feb 2023 22:11:59 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: "e47b38080f9d81:0"
Content-Type: image/png
Last-Modified: Wed, 16 Nov 2022 05:58:51 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 59303
s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
23.38.200.123200 OK 28 kB URL HTTP/2 s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (60526)
Hash 6f438e76ae391709e033a3e3809e0b9f
a5cd39eb8d85bee5846355f680d04a270a6f9f4f
a32c496c2c536b8c5aef8b3b7b8a977f41bbab712b93f933f4c6780c696f1b2a
GET /static/custom-messages.5799ddf75a30812a3d49.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-1c9fc"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 28519
date: Thu, 23 Feb 2023 07:04:15 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
23.38.200.123200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Thu, 23 Feb 2023 07:04:15 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/images/cvlbx/beachSummer.jpg
23.38.200.123200 OK 88 kB URL HTTP/2 s7.addthis.com/static/images/cvlbx/beachSummer.jpg
IP 23.38.200.123:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1280x800, components 3\012- data
Hash 2c026aa51bcd25d6b33218d4aa5f6d83
dc4d354fbae246e6f8e4f3d959720d2f006adb33
2e8cb0f4f4f8506bfeb3a39189a6b975e80018e5aa8cd49ed48cb9c4219a8958
GET /static/images/cvlbx/beachSummer.jpg HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: image/jpeg
content-length: 88467
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-15993"
timing-allow-origin: *
cache-control: public, max-age=86313600
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 23 Feb 2023 07:04:16 GMT
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/208.92c9dfa16a7b958c8a95.js
23.38.200.123200 OK 127 B URL HTTP/2 s7.addthis.com/static/208.92c9dfa16a7b958c8a95.js
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash c16f2b8f73dfadd8068f3f840cdf7bc5
48f837510b3e187dde91ce56bdd8453830ce64b2
aa41e2ad8da9c442cc1c812d157425bdb3e7e9ff2aec76ee3ac41bbfec720a0e
GET /static/208.92c9dfa16a7b958c8a95.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-70"
timing-allow-origin: *
cache-control: public, max-age=86313600
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 127
date: Thu, 23 Feb 2023 07:04:16 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js
23.38.200.123200 OK 394 B URL HTTP/2 s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (564), with no line terminators
Hash 09d6e31790596b5636e4332b45864d33
078bdaadd33f7e19f624e403959dca3eef1a73d4
42805621588148ebf5f6329a1ff74711c44dd93a4f592264f953ca7f88422b82
GET /static/159.1c3fceccbc80f2a3615f.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-234"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 394
date: Thu, 23 Feb 2023 07:04:16 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/195.461912c47007775093ae.js
23.38.200.123200 OK 298 B URL HTTP/2 s7.addthis.com/static/195.461912c47007775093ae.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (384), with no line terminators
Hash b3a09bfb320e3798865e9543432f891f
1b852bdc37086072c734acec0af4d1971e6ec320
62048a133b36399f6990ddbf705fc3a2cd9a8a9d010e1fb89ed8bdd25d56fca3
GET /static/195.461912c47007775093ae.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-180"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 298
date: Thu, 23 Feb 2023 07:04:16 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300vi.png?cad=shpu%3D48yp&positions=48yp%3Dcenter&goals=48yp%3Dshare&first=1&rv=0&uvs=63f70ff30fe8d156&pub=ra-58e226eb29c11f6c&dp=dusunmekvepaylasmak.blogspot.com&rev=v8.28.8-wp
23.38.200.123204 No Content 0 B URL HTTP/2 m.addthis.com/live/red_lojson/300vi.png?cad=shpu%3D48yp&positions=48yp%3Dcenter&goals=48yp%3Dshare&first=1&rv=0&uvs=63f70ff30fe8d156&pub=ra-58e226eb29c11f6c&dp=dusunmekvepaylasmak.blogspot.com&rev=v8.28.8-wp
IP 23.38.200.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /live/red_lojson/300vi.png?cad=shpu%3D48yp&positions=48yp%3Dcenter&goals=48yp%3Dshare&first=1&rv=0&uvs=63f70ff30fe8d156&pub=ra-58e226eb29c11f6c&dp=dusunmekvepaylasmak.blogspot.com&rev=v8.28.8-wp HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
expires: Thu, 23 Feb 2023 07:04:16 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 23 Feb 2023 07:04:16 GMT
X-Firefox-Spdy: h2
s7.addthis.com/static/151.67aec2e0546e639563bb.js
23.38.200.123200 OK 815 B URL HTTP/2 s7.addthis.com/static/151.67aec2e0546e639563bb.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (1679), with no line terminators
Hash 8c45a93a76f9e93cb7fe7a8dce9e1dbf
6604f1a4e77d07d55298cecc9c93e0e22e73a616
aa24ec471544fe8d4f18d29ba153a281c809ace19fcd29cdbaac9ed4c2254d92
GET /static/151.67aec2e0546e639563bb.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-68f"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 815
date: Thu, 23 Feb 2023 07:04:16 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2FDsg%2520%25C5%259Fanz%25C4%25B1man%2520kullanan%2520ara%25C3%25A7lar
23.38.200.123200 OK 2 B URL HTTP/2 api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2FDsg%2520%25C5%259Fanz%25C4%25B1man%2520kullanan%2520ara%25C3%25A7lar
IP 23.38.200.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2FDsg%2520%25C5%259Fanz%25C4%25B1man%2520kullanan%2520ara%25C3%25A7lar HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://dusunmekvepaylasmak.blogspot.com/search/label/Dsg%20%C5%9Fanz%C4%B1man%20kullanan%20ara%C3%A7lar
last-modified: Thu, 23 Feb 2023 07:00:00 GMT
access-control-allow-origin: https://dusunmekvepaylasmak.blogspot.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 23 Feb 2023 07:04:16 GMT
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2FDsg%2520%25C5%259Fanz%25C4%25B1man%2520kullanan%2520ara%25C3%25A7lar&callback=_ate.cbs.rcb_goao0
23.38.200.123200 OK 53 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2FDsg%2520%25C5%259Fanz%25C4%25B1man%2520kullanan%2520ara%25C3%25A7lar&callback=_ate.cbs.rcb_goao0
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash f6b2b36a086d32c333b0070dd178b4fa
add2c831811b3eb5a2dfdcbe7d2cff43e1ae6c57
09b0d694581bec0fa885161522ad1c098ba80386bdf5344c3372a5e30858e74c
GET /url/shares.json?url=http%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2FDsg%2520%25C5%259Fanz%25C4%25B1man%2520kullanan%2520ara%25C3%25A7lar&callback=_ate.cbs.rcb_goao0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: dusunmekvepaylasmak.blogspot.com/search/label/dsg%20%c5%9fanz%c4%b1man%20kullanan%20ara%c3%a7lar
last-modified: Thu, 23 Feb 2023 07:04:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Thu, 23 Feb 2023 07:04:16 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2FDsg%2520%25C5%259Fanz%25C4%25B1man%2520kullanan%2520ara%25C3%25A7lar&callback=_ate.cbs.rcb_3t0t0
23.38.200.123200 OK 53 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2FDsg%2520%25C5%259Fanz%25C4%25B1man%2520kullanan%2520ara%25C3%25A7lar&callback=_ate.cbs.rcb_3t0t0
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 3a8720883f027ec6fb0c9b677ab9424d
ee2195c2a7e20af736d770c8d98655fe0e5e10a4
99ec2ca068ae78f6a0da7d36a2984fca1b7ad34a328427711bb7fc3709297a71
GET /url/shares.json?url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2FDsg%2520%25C5%259Fanz%25C4%25B1man%2520kullanan%2520ara%25C3%25A7lar&callback=_ate.cbs.rcb_3t0t0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: dusunmekvepaylasmak.blogspot.com/search/label/dsg%20%c5%9fanz%c4%b1man%20kullanan%20ara%c3%a7lar
last-modified: Thu, 23 Feb 2023 07:04:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Thu, 23 Feb 2023 07:04:16 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
q.addthis.com/feeds/1.0/views2.json?pubid=ra-58e226eb29c11f6c&domain=dusunmekvepaylasmak.blogspot.com&limit=50&callback=_ate.cbs.fds_ra58e226eb29c11f6cviews2json0
23.38.200.123200 OK 67 B URL HTTP/2 q.addthis.com/feeds/1.0/views2.json?pubid=ra-58e226eb29c11f6c&domain=dusunmekvepaylasmak.blogspot.com&limit=50&callback=_ate.cbs.fds_ra58e226eb29c11f6cviews2json0
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash c6791512135509ec6dd306203d09476c
e6ea311e67849b7d8d5e5d6692e11cb988d6ad7a
e051890e4ff2c7b299923692470a2e02268124b6d9b5128ec9cc4868773437fa
GET /feeds/1.0/views2.json?pubid=ra-58e226eb29c11f6c&domain=dusunmekvepaylasmak.blogspot.com&limit=50&callback=_ate.cbs.fds_ra58e226eb29c11f6cviews2json0 HTTP/1.1
Host: q.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript;charset=UTF-8
surrogate-key: ra-58e226eb29c11f6c
cache-tag: ra-58e226eb29c11f6c
cache-control: max-age=0, s-maxage=3600
last-modified: Thu, 23 Feb 2023 06:34:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 67
date: Thu, 23 Feb 2023 07:04:16 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ZvcE3653B9rnuK1wYYK64mDFXJ5dfSei2hnV68B6RqgVP4LolXWBD-GO12MU8_TQCMM9LBx2pHrgNKTDnEdNMLYmzCyZqUDJe4_BeV4a9KoveudZzNw9LG84pdcF2FhhSdNOTb8ya-9sIhp-U2YYCxNptiMCyzgUBsKxP-zVxBRZspDpumS3Ze8W10XMjAhb4WaaSOeekHvagbv9i7_cNVKmWQ1mBanMz1FWTBCr5JU8PCn05aecBh16akwsBUK1MG8aPf88lqgBfMlq6w0ZnHLN2dA-UH80XNIpg9hczhFKQT53HgsB2gCsDkP7w8VVwukJJY4owxx_ZHZHjXAzysibL2PjKgOjnDcOpv87QsQir8dwtH_si9HlIyGwFqCC75pnUSuCkMI135JXMk0yvllMwyuS-nK5u6SGg8yOxHMLGb89mnu7RXOufsDVJhBVMA0p7w
178.250.0.160200 OK 0 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ZvcE3653B9rnuK1wYYK64mDFXJ5dfSei2hnV68B6RqgVP4LolXWBD-GO12MU8_TQCMM9LBx2pHrgNKTDnEdNMLYmzCyZqUDJe4_BeV4a9KoveudZzNw9LG84pdcF2FhhSdNOTb8ya-9sIhp-U2YYCxNptiMCyzgUBsKxP-zVxBRZspDpumS3Ze8W10XMjAhb4WaaSOeekHvagbv9i7_cNVKmWQ1mBanMz1FWTBCr5JU8PCn05aecBh16akwsBUK1MG8aPf88lqgBfMlq6w0ZnHLN2dA-UH80XNIpg9hczhFKQT53HgsB2gCsDkP7w8VVwukJJY4owxx_ZHZHjXAzysibL2PjKgOjnDcOpv87QsQir8dwtH_si9HlIyGwFqCC75pnUSuCkMI135JXMk0yvllMwyuS-nK5u6SGg8yOxHMLGb89mnu7RXOufsDVJhBVMA0p7w
IP 178.250.0.160:0
GET /delivery/lg.php?cppv=3&cpp=ZvcE3653B9rnuK1wYYK64mDFXJ5dfSei2hnV68B6RqgVP4LolXWBD-GO12MU8_TQCMM9LBx2pHrgNKTDnEdNMLYmzCyZqUDJe4_BeV4a9KoveudZzNw9LG84pdcF2FhhSdNOTb8ya-9sIhp-U2YYCxNptiMCyzgUBsKxP-zVxBRZspDpumS3Ze8W10XMjAhb4WaaSOeekHvagbv9i7_cNVKmWQ1mBanMz1FWTBCr5JU8PCn05aecBh16akwsBUK1MG8aPf88lqgBfMlq6w0ZnHLN2dA-UH80XNIpg9hczhFKQT53HgsB2gCsDkP7w8VVwukJJY4owxx_ZHZHjXAzysibL2PjKgOjnDcOpv87QsQir8dwtH_si9HlIyGwFqCC75pnUSuCkMI135JXMk0yvllMwyuS-nK5u6SGg8yOxHMLGb89mnu7RXOufsDVJhBVMA0p7w HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 23 Feb 2023 07:04:13 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 3185838
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rollercoin.com/static/img/public_img/gen2/w160h600.gif
172.67.72.239301 Moved Permanently 0 B URL HTTP/2 rollercoin.com/static/img/public_img/gen2/w160h600.gif
IP 172.67.72.239:0
GET /static/img/public_img/gen2/w160h600.gif HTTP/1.1
Host: rollercoin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Thu, 23 Feb 2023 07:04:10 GMT
content-type: text/html
location: https://static.rollercoin.com/static/img/ref/gen2/w160h600.gif
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8LH3WbsEU2WF0%2BGzgQgJ99AkhS7eXygPa0%2BmoZoUNBsTG%2FHVe%2FxFf7KU0Nz%2BLfm7uyzZMaQJZo%2BpzDZ97Fm8Nbi67p2UUHIucIFKdjVvzMwiwPqYbF0Tz%2BaEf43r%2Bll"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79de1b181bd5b4eb-OSL
X-Firefox-Spdy: h2