r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ede732d48f2c32ad5e3b899bb4348df9
15fa12733818b3ae39f3022a715ed0f431b28242
446c9bf6bc38a43f5758f6f44f89ad76eff44eb8779cf7e62bbfeb002b298dee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "446C9BF6BC38A43F5758F6F44F89AD76EFF44EB8779CF7E62BBFEB002B298DEE"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9753
Expires: Fri, 23 Dec 2022 22:38:50 GMT
Date: Fri, 23 Dec 2022 19:56:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d6a971d765338f107fe9d2c67fa4bbdf
a72bdf191446a37fa0420cc9d7c087aaff757cd6
dc5291c136b0b81621a02679a31f6b7c852e2803429d54c2a9afcc8edf031328
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC5291C136B0B81621A02679A31F6B7C852E2803429D54C2A9AFCC8EDF031328"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8247
Expires: Fri, 23 Dec 2022 22:13:44 GMT
Date: Fri, 23 Dec 2022 19:56:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7f0ad5c2841a345f98197c2f1e86f4d
84cbfd91934a8715baba4a2da46451f35597c99c
be30540f2e06a3565c9b38bdbb9691f707d692b196bdcef5d671708aa9609795
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE30540F2E06A3565C9B38BDBB9691F707D692B196BDCEF5D671708AA9609795"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11279
Expires: Fri, 23 Dec 2022 23:04:16 GMT
Date: Fri, 23 Dec 2022 19:56:17 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 23 Dec 2022 19:46:11 GMT
content-type: application/json
age: 606
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8+b937U90yLfMpYjMnMLxRr5mH3JbLOl/pZtJw2VTvpbubN4LGJ87M88y2W2B2d3J0EoDjochgc=
x-amz-request-id: M9XK039Q95Y73JH7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Dec 2022 18:56:18 GMT
age: 3599
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 19:56:17 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 23 Dec 2022 19:08:02 GMT
age: 2895
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.rafist.com/egitim/fabl-nedir-ozellikleri.html
185.179.25.119200 OK 15 kB URL HTTP/1.1 www.rafist.com/egitim/fabl-nedir-ozellikleri.html
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4843), with CRLF, LF line terminators
Hash 8f2a02f8c8d484bf8d7a52f1409e3345
693d8640a81a7fbbb436e6c7a0004bc3e9fa43d5
4992dcbe556c4e78578593ad4463af9225db94cfb699f664552c93b11d3e189e
GET /egitim/fabl-nedir-ozellikleri.html HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/5.6.40
content-type: text/html; charset=UTF-8
set-cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9; path=/
x-pingback: http://www.rafist.com/xmlrpc.php
link: <http://www.rafist.com/wp-json/>; rel="https://api.w.org/", <http://www.rafist.com/wp-json/wp/v2/posts/27070>; rel="alternate"; type="application/json", <http://www.rafist.com/?p=27070>; rel=shortlink
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding,User-Agent
date: Fri, 23 Dec 2022 19:56:17 GMT
server: LiteSpeed
platform.twitter.com/widgets.js
93.184.220.66200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 7899fffaf0046efb7f9be2495d9dc928
d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 895
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Fri, 23 Dec 2022 19:56:18 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221
code.jquery.com/jquery-1.10.2.min.js
69.16.175.42200 OK 33 kB URL HTTP/1.1 code.jquery.com/jquery-1.10.2.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32072)
Hash 68cc08e82915da8b82fc6be74ab86365
4089530b0c00f6cbd1452d7f873be85454196fd1
6c63276db5e51f227be1c9bdaf73d76fa01040499944a8c8607db0c234f0575c
GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 19:56:18 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 32788
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 16 Feb 2022 10:50:39 GMT
Accept-Ranges: bytes
Server: nginx
ETag: W/"620cd6ff-16bb3"
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
X-HW: 1671825378.dop018.sk1.t,1671825378.cds243.sk1.c
www.google.com/friendconnect/script/friendconnect.js
142.250.74.132404 Not Found 1.6 kB URL HTTP/1.1 www.google.com/friendconnect/script/friendconnect.js
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 8dc494040a252b9a3a9ea04255941cd6
663805a606e28589d28362cc1d8fa19a5bc56860
24d511499e91216fa0deefaf1c2875a378f83b01b170f2dfc50d27f2a4978a0a
GET /friendconnect/script/friendconnect.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1598
Date: Fri, 23 Dec 2022 19:56:18 GMT
www.rafist.com/wp-content/themes/internet-10/style.css
185.179.25.119200 OK 2.0 kB URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/style.css
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
Hash e1755bf67f1a7fe1aa2dc6e805e24b75
a3df0dada92accd793a18022101c343ba269ed9a
78596413493a762a94bd0621551f6d997bcd94c11576a83b792741c632c7a209
GET /wp-content/themes/internet-10/style.css HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/egitim/fabl-nedir-ozellikleri.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: text/css
last-modified: Mon, 23 Apr 2012 08:02:01 GMT
etag: "1c7f-4f950c79-6c21ba463c3d5095;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 2014
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
www.rafist.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
185.179.25.119200 OK 10 kB URL HTTP/1.1 www.rafist.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash 915898ebd9c4735f3af4fe57348658a9
85d4bddc401bb373c291e46e617f9daa12e7883d
e25d0e73f89dc6245fde7c71d631bbec9f4c56d52a9a796af2e890ba1304605b
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.2 HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/egitim/fabl-nedir-ozellikleri.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: text/css
last-modified: Mon, 06 Dec 2021 19:38:17 GMT
etag: "13abe-61ae66a9-674a08ebbb803691;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 10496
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
static.addtoany.com/buttons/share_save_171_16.png
104.22.70.197200 OK 1.7 kB URL HTTP/2 static.addtoany.com/buttons/share_save_171_16.png
IP 104.22.70.197:0
File type PNG image data, 171 x 16, 8-bit colormap, non-interlaced\012- data
Hash a9951636f4e162bbe9997b13099c3697
e7711c0e4056a64f5b96d3fbc542cf124f3f5f03
2bd00c5fbf0d687a1dab7f7874c1a57ed73b855813f313ac4e1ec274c58eaa29
GET /buttons/share_save_171_16.png HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 19:56:18 GMT
content-type: image/png
content-length: 1657
cache-control: max-age=315360000, immutable
cf-bgj: imgq:100,h2pri
cf-polished: origSize=2572
age: 8628425
etag: "a0c-4ddea93a51d00"
last-modified: Thu, 30 May 2013 07:37:56 GMT
via: e3s
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77e3a8e608fc0d32-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.rafist.com/wp-includes/js/wp-embed.min.js?ver=5.8.2
185.179.25.119200 OK 769 B URL HTTP/1.1 www.rafist.com/wp-includes/js/wp-embed.min.js?ver=5.8.2
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type ASCII text, with very long lines (1391)
Hash 82e67f050afdb38c20ac6eb305f97c17
df1349df76d66a9cf64377cf335c67c337d85470
5f6c33116e2106cd0f2f28c16062f1d584e74b8539a14ed45e17957634d71b7e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=5.8.2 HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/egitim/fabl-nedir-ozellikleri.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: application/javascript
last-modified: Mon, 06 Dec 2021 19:31:23 GMT
etag: "592-61ae650b-b5599861828c382d;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 769
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
www.rafist.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
185.179.25.119200 OK 241 B URL HTTP/1.1 www.rafist.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
Hash adf659d40cdbf40aa150c2c765242b7e
139f21a147d8ff38610e3b30224e333e5b2f4825
52082cf36af67385b80b5b67ae80cdef7296ef940bdd67a244bc582b89fb658b
GET /wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70 HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/egitim/fabl-nedir-ozellikleri.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: text/css
last-modified: Mon, 06 Dec 2021 19:54:16 GMT
etag: "176-61ae6a68-60b34deb3f940692;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 241
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
www.rafist.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
185.179.25.119200 OK 129 B URL HTTP/1.1 www.rafist.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type ASCII text, with no line terminators
Hash 5ef26b5e47e6951f43ecf2b1fc645222
081afb52577f6f3bb044fdea6d34a632c3cce7e8
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1 HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/egitim/fabl-nedir-ozellikleri.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: application/javascript
last-modified: Mon, 06 Dec 2021 19:52:28 GMT
etag: "81-61ae69fc-aec1ee974bcf1457;;;"
accept-ranges: bytes
content-length: 129
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
185.179.25.119200 OK 486 B URL HTTP/1.1 www.rafist.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type ASCII text, with very long lines (1519), with no line terminators
Hash 24fd55e75c0e55acafd43f93e8343c26
8d89ac6650f2b11623992db77fd1c48084a4ae18
820789fea848fa67db89200ffb57a82eebe880de4cc3db4bea6f98ffb9552cb8
GET /wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15 HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/egitim/fabl-nedir-ozellikleri.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: text/css
last-modified: Mon, 06 Dec 2021 19:52:28 GMT
etag: "5ef-61ae69fc-32f5faac3a81a033;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 486
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
www.rafist.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
185.179.25.119200 OK 4.2 kB URL HTTP/1.1 www.rafist.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type ASCII text, with very long lines (11126)
Hash c41f3a82e911de81a1817131069bc7d2
1e883290a0b794916cead41e5f0705716fd77b89
e9791f24770f098ea30bb4d25e2e10bdedb97132d0bbf7d2bd79eedac22efa27
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/egitim/fabl-nedir-ozellikleri.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: application/javascript
last-modified: Mon, 06 Dec 2021 19:37:23 GMT
etag: "2bd8-61ae6673-d4aff6121782fbaa;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 4168
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
www.rafist.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2
185.179.25.119200 OK 4.9 kB URL HTTP/1.1 www.rafist.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type ASCII text, with very long lines (15224)
Hash c5861eec8c65717219134960db9e361e
7a9a5ed5ca3de9e30fa3c14d1ada2ecb6eb4505f
b96639b87d4a408e9cddadc6f2a1228cbb20678f3f069785fe0614c0db78430d
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.2 HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/egitim/fabl-nedir-ozellikleri.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: application/javascript
last-modified: Mon, 06 Dec 2021 19:32:01 GMT
etag: "4705-61ae6531-82f5db8f0f3e14ce;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 4937
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
www.rafist.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
185.179.25.119200 OK 31 kB URL HTTP/1.1 www.rafist.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type ASCII text, with very long lines (65447)
Hash 554969c8ed0e4b5eece1261c4e1e9cd0
3b514b21c2e26b2caa15054e43ed00184a8ebc38
4a10709ca76c5112fbaf69e065b4ef93dd37bcffd4ae39b351e56d40c9322123
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/egitim/fabl-nedir-ozellikleri.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: application/javascript
last-modified: Mon, 06 Dec 2021 19:37:22 GMT
etag: "15db1-61ae6672-3d85f05f45f39527;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 30969
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
toplist.sk/count.asp?id=1239364
88.86.101.4301 Moved Permanently 0 B URL HTTP/1.1 toplist.sk/count.asp?id=1239364
IP 88.86.101.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /count.asp?id=1239364 HTTP/1.1
Host: toplist.sk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 301 Moved Permanently
Content-length: 0
Location: https://toplist.sk/count.asp?id=1239364
toplist.cz/count.asp?id=1258593
88.86.101.2301 Moved Permanently 0 B URL HTTP/1.1 toplist.cz/count.asp?id=1258593
IP 88.86.101.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /count.asp?id=1258593 HTTP/1.1
Host: toplist.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 301 Moved Permanently
Content-length: 0
Location: https://toplist.cz/count.asp?id=1258593
www.rafist.com/wp-content/themes/internet-10/images/rss.gif
185.179.25.119200 OK 1.1 kB URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/rss.gif
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 16 x 16\012- data
Hash 8241f89b2241fd3b946a5bedd9ba0788
740d56b5186d4e031e6b6a8c1493e8c82b266fe5
6511b1a23a8027bcf8e79861cedaa4a0919c06f90c969655fdf594086ccbd86e
GET /wp-content/themes/internet-10/images/rss.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/egitim/fabl-nedir-ozellikleri.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:29 GMT
etag: "425-4f950dfd-7b6c67f0f4d453ea;;;"
accept-ranges: bytes
content-length: 1061
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/themes/internet-10/images/com_form.png
185.179.25.119200 OK 1.9 kB URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/com_form.png
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type PNG image data, 35 x 35, 8-bit colormap, non-interlaced\012- data
Hash c01c0770d9ba38c354f0be88acdadaba
47745e2551c8e4982d5507261a6b54e7ab4409e0
6e2961ee278a2a38f92e87d4b71599df2ce94c4597b3f1914635a8b03c9c327b
GET /wp-content/themes/internet-10/images/com_form.png HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/egitim/fabl-nedir-ozellikleri.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: image/png
last-modified: Mon, 23 Apr 2012 08:08:25 GMT
etag: "777-4f950df9-dae5c07302a5c1d4;;;"
accept-ranges: bytes
content-length: 1911
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/themes/internet-10/images/digg.gif
185.179.25.119200 OK 245 B URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/digg.gif
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 16 x 14\012- data
Hash 2544327e9e076e0d47d7d61e3782e3da
0047c7c0cc5bacfbe040c836fee5708e22990f42
e4fb197ba9164b84bacc78856ea01599624d25065fd4df81499746e9ff62d66c
GET /wp-content/themes/internet-10/images/digg.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/egitim/fabl-nedir-ozellikleri.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:26 GMT
etag: "f5-4f950dfa-62562bdd0dd74efa;;;"
accept-ranges: bytes
content-length: 245
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/themes/internet-10/images/comment.gif
185.179.25.119200 OK 257 B URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/comment.gif
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 16 x 16\012- data
Hash 3b967759fddccb24519d3a5d8a16adda
bb6d5bbd898ac8a6163cccdaedd24464c23bc4ff
f8e3fa1c28678c564afdf457d1d81f915b1bb8486298c0aae2fd3cd2b3bfa0ab
GET /wp-content/themes/internet-10/images/comment.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/egitim/fabl-nedir-ozellikleri.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:25 GMT
etag: "101-4f950df9-1d9fcd4b228460a8;;;"
accept-ranges: bytes
content-length: 257
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/themes/internet-10/images/delicious.gif
185.179.25.119200 OK 103 B URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/delicious.gif
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 16 x 16\012- data
Hash 7b25927bd164778f4d3833065ad9ce3e
29aef72fab3d8ad3eaa87ca0c5c4039057cd875d
ba143df18daa5c1bb6f3187fca87f0abfa08865ec998b68cb5cc224d4c07eb54
GET /wp-content/themes/internet-10/images/delicious.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/egitim/fabl-nedir-ozellikleri.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:25 GMT
etag: "67-4f950df9-1678e1f69de25baf;;;"
accept-ranges: bytes
content-length: 103
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/themes/internet-10/images/xmlsitemap.png
185.179.25.119200 OK 273 B URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/xmlsitemap.png
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type PNG image data, 80 x 15, 8-bit/color RGB, non-interlaced\012- data
Hash 035834fd82fcff368a9d1072008c5553
0b206c56943d48aaa201c7df4c65b2f896afe2dc
c8cedaabdc248b16aa9af0b24367126342b5e2b927106d731fd34ed54e3647ad
GET /wp-content/themes/internet-10/images/xmlsitemap.png HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/egitim/fabl-nedir-ozellikleri.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: image/png
last-modified: Mon, 23 Apr 2012 08:08:32 GMT
etag: "111-4f950e00-4834b12f649ed77e;;;"
accept-ranges: bytes
content-length: 273
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent
www.facebook.com/plugins/like.php?href=http://www.facebook.com/yolguzergahi&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21
31.13.72.36301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=http://www.facebook.com/yolguzergahi&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://www.facebook.com/yolguzergahi&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=http://www.facebook.com/yolguzergahi&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Fri, 23 Dec 2022 19:56:18 GMT
Connection: keep-alive
Content-Length: 0
push.services.mozilla.com/
52.26.112.186101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.26.112.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jz6B2oJlXNsB093MxvRO1A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lEVqvqWaaHcMFOYyEcqy0AgtD9o=
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 741121729d6f68e58da96be0dc4df2bc
ccbb8bcc71accbb70760601057fd95b50cd2649f
5fc18a71ea64eeb4f353aa47c462ab29f06fd0cd86b739da84d49aca6fb21201
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1667
Cache-Control: max-age=94474
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 19:56:18 GMT
Etag: "63a4cf69-1d7"
Expires: Sat, 24 Dec 2022 22:10:52 GMT
Last-Modified: Thu, 22 Dec 2022 21:43:05 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
www.rafist.com/wp-content/themes/internet-10/images/tabmenu.gif
185.179.25.119200 OK 4.8 kB URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/tabmenu.gif
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 960 x 39\012- data
Hash e20eb47b9e6129e3a59feeaba88707e1
ca3298670d165744819b01c5398f37c98579338d
1fccde1d8c91f5923d301e6af228a3ec88022ba4de8ef3a647a0e7d4435fd596
GET /wp-content/themes/internet-10/images/tabmenu.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/wp-content/themes/internet-10/style.css
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:32 GMT
etag: "12dc-4f950e00-f0a61be8075026e9;;;"
accept-ranges: bytes
content-length: 4828
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/themes/internet-10/images/searchbg.gif
185.179.25.119200 OK 5.3 kB URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/searchbg.gif
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 960 x 62\012- data
Hash dc50cf7cd190c424a469f362bfd3e0c6
c6ab373f20adfd8003ed654030f7dacf14897024
0d74b8e82110e6876d0c21c498d894a0d62c5189f190a172810d052d89b1704c
GET /wp-content/themes/internet-10/images/searchbg.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/wp-content/themes/internet-10/style.css
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:30 GMT
etag: "14c7-4f950dfe-a28a27adb3e534e9;;;"
accept-ranges: bytes
content-length: 5319
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/themes/internet-10/images/barbg.gif
185.179.25.119200 OK 982 B URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/barbg.gif
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 82 x 32\012- data
Hash 8a4331a30416cf454ad2b0abc835c896
13f3a5a40cb75258f71b43b98abaa566138a4963
2367039c876efe5532796cdfeec5298a8026316c7091c7b8b44c425084f16558
GET /wp-content/themes/internet-10/images/barbg.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/wp-content/themes/internet-10/style.css
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:23 GMT
etag: "3d6-4f950df7-558634703051d872;;;"
accept-ranges: bytes
content-length: 982
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/themes/internet-10/images/folder.gif
185.179.25.119200 OK 274 B URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/folder.gif
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 16 x 16\012- data
Hash e00a9767c5e0d703eef931e036cd63fa
e220ba12f15c75236e06da840e5d97701e58072c
30d9435caaf4e28152d2b2d76b191b7ccc34b57bd48d402a3d9071320d4b972e
GET /wp-content/themes/internet-10/images/folder.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/egitim/fabl-nedir-ozellikleri.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:26 GMT
etag: "112-4f950dfa-b849865e8fab9f1e;;;"
accept-ranges: bytes
content-length: 274
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/themes/internet-10/images/timeicon.gif
185.179.25.119200 OK 207 B URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/timeicon.gif
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 16 x 16\012- data
Hash cebf0d8c08804c222a97850ff556d6f7
f97818deec45a2787cdd059aefcae010b18a441b
490f47c0dad65dc119f7c92455c40dd2b7f63bdb48b97690cb97441db7207258
GET /wp-content/themes/internet-10/images/timeicon.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/egitim/fabl-nedir-ozellikleri.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:32 GMT
etag: "cf-4f950e00-bd2d01fd4ac1a30b;;;"
accept-ranges: bytes
content-length: 207
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9863489c9dc3bbb2ebd87cfba1fc982a
b8ac67d17ab624ccab2ecad45f6474782efb9fdb
bd67cf137cf0640cd0d87b6d961f26f27a82916435c5240d9966baa0320f4102
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD67CF137CF0640CD0D87B6D961F26F27A82916435C5240D9966BAA0320F4102"
Last-Modified: Thu, 22 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6749
Expires: Fri, 23 Dec 2022 21:48:47 GMT
Date: Fri, 23 Dec 2022 19:56:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6c04eb488a274207a90312b81017dc17
45eb29a575e67b031b2941d27268fb273ab44819
07a3a0fd0902febda661c16a5ce4cbb412cb36b55e87031de1876ca4b927dfa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "07A3A0FD0902FEBDA661C16A5CE4CBB412CB36B55E87031DE1876CA4B927DFA7"
Last-Modified: Thu, 22 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9940
Expires: Fri, 23 Dec 2022 22:41:58 GMT
Date: Fri, 23 Dec 2022 19:56:18 GMT
Connection: keep-alive
www.facebook.com/plugins/like.php?href=http://www.facebook.com/yolguzergahi&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://www.facebook.com/yolguzergahi&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://www.facebook.com/yolguzergahi&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.rafist.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: /jLRZsOwEsJLJ0eL6zxJo0KBY2mxQg5CxNMt1m1ayhXGY6j06y1IqRpDF5hrmus2insrXAS55V1cw/QkZYFKnQ==
content-length: 0
date: Fri, 23 Dec 2022 19:56:18 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 741121729d6f68e58da96be0dc4df2bc
ccbb8bcc71accbb70760601057fd95b50cd2649f
5fc18a71ea64eeb4f353aa47c462ab29f06fd0cd86b739da84d49aca6fb21201
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1667
Cache-Control: max-age=94474
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 19:56:18 GMT
Etag: "63a4cf69-1d7"
Expires: Sat, 24 Dec 2022 22:10:52 GMT
Last-Modified: Thu, 22 Dec 2022 21:43:05 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
www.rafist.com/wp-content/themes/internet-10/images/shadow.gif
185.179.25.119200 OK 1.1 kB URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/shadow.gif
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 65 x 70\012- data
Hash 0c5cd362d75428a7056c36db279d3408
b6d425fa3360e9f36c310028ccc5dc7020be3474
c33f60eeb7b27583fd79c56c6b7ae208092d9deae86b9098bbcb9937824602b0
GET /wp-content/themes/internet-10/images/shadow.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/wp-content/themes/internet-10/style.css
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:30 GMT
etag: "469-4f950dfe-1369923be64a2334;;;"
accept-ranges: bytes
content-length: 1129
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent
www.kalipci.com/images/cnc.png
185.179.25.119200 OK 55 kB URL HTTP/1.1 www.kalipci.com/images/cnc.png
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced\012- data
Hash 6b019c92889629583a42e6df5115bb5e
9e1a58bc67037f36cbda05165d4d385ccc075e3d
8b92a316e4e7650ed1ce79ab3377baa0b25d033bc0f2753d69428914670496f1
GET /images/cnc.png HTTP/1.1
Host: www.kalipci.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: image/png
last-modified: Tue, 02 Aug 2016 13:47:21 GMT
etag: "d6ff-57a0a469-d98890f38df5442a;;;"
accept-ranges: bytes
content-length: 55039
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent
www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FDestegi%2F173214066036266&width=270&colorscheme=light&connections=8&stream=false&header=true&height=290
31.13.72.36301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FDestegi%2F173214066036266&width=270&colorscheme=light&connections=8&stream=false&header=true&height=290
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FDestegi%2F173214066036266&width=270&colorscheme=light&connections=8&stream=false&header=true&height=290 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FDestegi%2F173214066036266&width=270&colorscheme=light&connections=8&stream=false&header=true&height=290
Content-Type: text/plain
Server: proxygen-bolt
Date: Fri, 23 Dec 2022 19:56:18 GMT
Connection: keep-alive
Content-Length: 0
www.google.com/friendconnect/script/friendconnect.js
142.250.74.132404 Not Found 1.6 kB URL HTTP/1.1 www.google.com/friendconnect/script/friendconnect.js
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 8dc494040a252b9a3a9ea04255941cd6
663805a606e28589d28362cc1d8fa19a5bc56860
24d511499e91216fa0deefaf1c2875a378f83b01b170f2dfc50d27f2a4978a0a
GET /friendconnect/script/friendconnect.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1598
Date: Fri, 23 Dec 2022 19:56:18 GMT
www.rafist.com/wp-content/themes/internet-10/images/boxtop.gif
185.179.25.119200 OK 538 B URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/boxtop.gif
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 292 x 19\012- data
Hash 56e961a57fd7ce4a784c4dddef635620
cbc329427dc680a1b5a4fa1cd9142d42608e3973
5d4c304e65461b75fe2b0a30ffc4583a8058413737284d04e2814dc5a55f1d9b
GET /wp-content/themes/internet-10/images/boxtop.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/wp-content/themes/internet-10/style.css
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:24 GMT
etag: "21a-4f950df8-47e429598fac3d5;;;"
accept-ranges: bytes
content-length: 538
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/themes/internet-10/images/box.gif
185.179.25.119200 OK 4.1 kB URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/box.gif
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 292 x 1500\012- data
Hash 1361a4fbc6a62dc167c7f727516e6bf1
821d3644e658d66c84f9dd292dfb1b6f498a4106
cfeba418f8b0fc736a60ad586dec665f7c6c900033d07ed0a71cb444287500fc
GET /wp-content/themes/internet-10/images/box.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/wp-content/themes/internet-10/style.css
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:24 GMT
etag: "fff-4f950df8-872f56007a53cc9b;;;"
accept-ranges: bytes
content-length: 4095
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/themes/internet-10/images/gbox.gif
185.179.25.119200 OK 622 B URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/gbox.gif
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 960 x 35\012- data
Hash 74b83d05db89ac7f9371aa2d3db8a9a4
dc4998e4e519e1afe2edb7b84a2484976bf1eb45
4a16648e3dbc15a146cf35d92d322ab4c81bccb1893daa0f393d3af7f20ffbba
GET /wp-content/themes/internet-10/images/gbox.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/wp-content/themes/internet-10/style.css
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:18 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:27 GMT
etag: "26e-4f950dfb-31fc738e46d7fa4d;;;"
accept-ranges: bytes
content-length: 622
date: Fri, 23 Dec 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent
static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/Z4iR9Jq38WK.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 4.9 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/Z4iR9Jq38WK.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4431)
Hash 73a7901544d5e35ddbad5677e4d442ec
40b1d634be74bdf9593ef741efb2d4509cf9e2df
527f958c88ac376a34bf3e567ea9d62df43847a42b8739f843333fe3de961e51
GET /rsrc.php/v3/y9/l/0,cross/Z4iR9Jq38WK.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 23 Dec 2023 18:04:58 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: c6eQFUTV413brVZ35NRC7A==
x-fb-debug: e3hB1PMvNjpec0bl/yvMbRZISEM/j6NK+zyb6wmshgQvj4I26U3CSdxHbvRNiPdPBXPR/LbQZMb8rl2WferS0g==
content-length: 4910
x-fb-trip-id: 1904183273
date: Fri, 23 Dec 2022 19:56:18 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
srv.sayyac.net/sa.js?_salogin=rafist&_sav=4.3
31.186.15.180200 OK 0 B URL HTTP/1.1 srv.sayyac.net/sa.js?_salogin=rafist&_sav=4.3
IP 31.186.15.180:0
ASN #197720 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sa.js?_salogin=rafist&_sav=4.3 HTTP/1.1
Host: srv.sayyac.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Dec 2022 19:56:18 GMT
Content-Type: application/x-javascript
Content-Length: 0
Last-Modified: Wed, 16 Mar 2022 15:00:14 GMT
Connection: close
ETag: "6231fb7e-0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-Ranges: bytes
toplist.cz/count.asp?id=1258593
88.86.101.2200 OK 17 kB URL HTTP/2 toplist.cz/count.asp?id=1258593
IP 88.86.101.2:0
File type PNG image data, 88 x 31, 4-bit colormap, non-interlaced\012- data
Hash cde030e26e6865fbb80d2d056500860c
c7e32ec0ac67cad1705055bd92ac3a069545dd8d
a11edabba48e0cecd557d9ff2f06980b4d65115d7661abba51008e1aab6f9da2
GET /count.asp?id=1258593 HTTP/1.1
Host: toplist.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.rafist.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 19:56:18 GMT
server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9
pragma: no-cache
cache-control: private,no-cache,no-store,must-revalidate,max-age=0
expires: Thu, 01 Dec 1994 16:00:00 GMT
p3p: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
x-w: 4
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
www.google-analytics.com/ga.js
142.250.74.110200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Fri, 23 Dec 2022 19:06:10 GMT
Expires: Fri, 23 Dec 2022 21:06:10 GMT
Cache-Control: public, max-age=7200
Age: 3009
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
www.rafist.com/favicon.ico
185.179.25.119200 OK 4.8 kB URL HTTP/1.1 www.rafist.com/favicon.ico
IP 185.179.25.119:0
ASN #59674 Aysima Bilisim Teknolojileri
File type MS Windows icon resource - 4 icons, 16x16, 16 colors, 4 bits/pixel, 48x48, 8 bits/pixel\012- data
Hash 0c2638253fbb0b1fac78238fbb0f70be
e98a61f9be45f619be47e1bfbfbbeba9876ad77a
d0959bcb72da7102d3744f6d3c0c6c1822aa15af07a5536edda59849c010b748
GET /favicon.ico HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/egitim/fabl-nedir-ozellikleri.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aToyNzA3MDt9
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 19:56:19 GMT
content-type: image/x-icon
last-modified: Mon, 23 Apr 2012 07:54:32 GMT
etag: "1e26-4f950ab8-48322b867f0c3a88;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 4765
date: Fri, 23 Dec 2022 19:56:19 GMT
server: LiteSpeed
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=http%3A%2F%2Fwww.rafist.com
93.184.220.66200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=http%3A%2F%2Fwww.rafist.com
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash 2b4968b185495eddda0d85b2351ebb71
c665785ca0f4039f8c71d94631cd50a879d866b5
eb8af089d8082a58a6e90fedc23007f17a9e89ddbc6a29b6e535e4847ba94160
GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=http%3A%2F%2Fwww.rafist.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 159186
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 23 Dec 2022 19:56:19 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash a06281b6bb06069d21666372c708f6c0
c7622a20b3fb40dcb00f393382601e95ff59a8c2
8b7f74ecc617d58979a40b30abe40faca246e302528c3fe3d086f339574a7809
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 19:56:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2029672632&utmhn=www.rafist.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Fabl%20Nedir%3F%20%E2%80%93%20%C3%96zellikleri%20-%20Rafist%20Genel%20Bilgiler&utmhid=935064656&utmr=-&utmp=%2Fegitim%2Ffabl-nedir-ozellikleri.html&utmht=1671825377667&utmac=UA-5464494-5&utmcc=__utma%3D16126261.1203835410.1671825378.1671825378.1671825378.1%3B%2B__utmz%3D16126261.1671825378.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=415014984&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.110200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2029672632&utmhn=www.rafist.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Fabl%20Nedir%3F%20%E2%80%93%20%C3%96zellikleri%20-%20Rafist%20Genel%20Bilgiler&utmhid=935064656&utmr=-&utmp=%2Fegitim%2Ffabl-nedir-ozellikleri.html&utmht=1671825377667&utmac=UA-5464494-5&utmcc=__utma%3D16126261.1203835410.1671825378.1671825378.1671825378.1%3B%2B__utmz%3D16126261.1671825378.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=415014984&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2029672632&utmhn=www.rafist.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Fabl%20Nedir%3F%20%E2%80%93%20%C3%96zellikleri%20-%20Rafist%20Genel%20Bilgiler&utmhid=935064656&utmr=-&utmp=%2Fegitim%2Ffabl-nedir-ozellikleri.html&utmht=1671825377667&utmac=UA-5464494-5&utmcc=__utma%3D16126261.1203835410.1671825378.1671825378.1671825378.1%3B%2B__utmz%3D16126261.1671825378.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=415014984&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Fri, 23 Dec 2022 19:56:19 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 31b92dcf24f74d1adeb282e62192d5ae
00f1b66d5aa8f1ad6e99af7fb35a204c3eb269e5
3da487c07eb2b8406b58ffebb85a542620f793f4b650de901d85540dd251d2f1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 19:56:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 23:33:42 GMT
Expires: Wed, 28 Dec 2022 23:33:41 GMT
Etag: "00f1b66d5aa8f1ad6e99af7fb35a204c3eb269e5"
Cache-Control: max-age=444441,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77e3a8eb9f36b505-OSL
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=pub-7960993394641930&plah=www.rafist.com&bust=31071251
142.250.74.162200 OK 120 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=pub-7960993394641930&plah=www.rafist.com&bust=31071251
IP 142.250.74.162:0
File type ASCII text, with very long lines (5821)
Size 120 kB (119796 bytes)
Hash c9ed7ec0d7645643cec6c9ac55791ab0
ee7a31e7ee8bbfbf232680b7c7591498c568bbfe
8f77b0622f2d7bc35c9d8032169a42295dd87178335cb57e1ecf4d992baacef0
GET /pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=pub-7960993394641930&plah=www.rafist.com&bust=31071251 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 23 Dec 2022 19:56:19 GMT
expires: Fri, 23 Dec 2022 19:56:19 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 9448190301574451420
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119796
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 12eb1979ceab5147205129f6d736db94
1cc882358f522aea296aac8c9115ce85568e25bf
e9cc51d466be299eb90e7c24b2069df97f1e6ffce4ae8787c93700e1ffc3449a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4318
Cache-Control: max-age=123736
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 19:56:19 GMT
Etag: "63a5375d-139"
Expires: Sun, 25 Dec 2022 06:18:35 GMT
Last-Modified: Fri, 23 Dec 2022 05:06:37 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313
widgets.amung.us/small.js
172.67.8.141200 OK 3.5 kB URL HTTP/1.1 widgets.amung.us/small.js
IP 172.67.8.141:0
File type ASCII text, with very long lines (8560), with no line terminators
Hash 08283f674ed2a3a87b0ca0b64950ef28
1d6018c4a9104d337726cfe9f67b43ff37acc0cb
442e1c2e9e1692d86c6c4df3c68167fbddb4ec4ec7fa90258fd683f5a5f3578d
GET /small.js HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 19:56:19 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Sat, 17 Dec 2022 20:58:51 GMT
etag: W/"639e2d8b-2170"
expires: Sat, 24 Dec 2022 19:56:19 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
CF-Cache-Status: EXPIRED
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77e3a8eae9beb4ed-OSL
syndication.twitter.com/settings?session_id=f1b565bc048378e9f5e257a8630c1c091445dc52
104.244.42.8200 OK 413 B URL HTTP/2 syndication.twitter.com/settings?session_id=f1b565bc048378e9f5e257a8630c1c091445dc52
IP 104.244.42.8:0
File type JSON data\012- , ASCII text, with very long lines (1169), with no line terminators
Hash dcb17110e4a6846ad567aa1d4474c1a8
3cb8b14ad883a58470eb1e1c4ee7b0f5ff346114
c8b223d1b58c2c84b787daf5bde63869465bf0e21d1358db493d1fdd7bb1e472
GET /settings?session_id=f1b565bc048378e9f5e257a8630c1c091445dc52 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 19:56:18 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Fri, 23 Dec 2022 19:56:19 GMT
content-length: 413
content-encoding: gzip
x-transaction-id: b40e05044b87ec71
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 107
x-connection-hash: 8fbb053dbb08ef4ca3209b2a200f7fb5832e90582b3a0f8ca6d827636b1f68e1
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 118e9e463e1e5174953658f35fb83427
8c2ba52661133dc0d78d0a756996ddb690112e35
8d56cd051472c79b399e7fe5165f4bf46761fb30b519177a8ff76da17214dd36
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 19:56:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ecc130cabc8432a4c29a8ee3c411345f
ec68a99dcefeae0499da898b048d5a1a850d6256
71a24b7303015b50931d655a2761bd377379b2d8a1fba34d90311bdc1462e5d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 19:56:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=www.rafist.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.rafist.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.rafist.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 23 Dec 2022 19:56:19 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=www.rafist.com
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.rafist.com
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.rafist.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 23 Dec 2022 19:56:19 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671825377641&dn=TI&iso=0&t=Fabl%20Nedir%3F%20%E2%80%93%20%C3%96zellikleri%20-%20Rafist%20Genel%20Bilgiler&cu=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html
67.202.105.34204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671825377641&dn=TI&iso=0&t=Fabl%20Nedir%3F%20%E2%80%93%20%C3%96zellikleri%20-%20Rafist%20Genel%20Bilgiler&cu=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html
IP 67.202.105.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671825377641&dn=TI&iso=0&t=Fabl%20Nedir%3F%20%E2%80%93%20%C3%96zellikleri%20-%20Rafist%20Genel%20Bilgiler&cu=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 23 Dec 2022 19:56:19 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 118e9e463e1e5174953658f35fb83427
8c2ba52661133dc0d78d0a756996ddb690112e35
8d56cd051472c79b399e7fe5165f4bf46761fb30b519177a8ff76da17214dd36
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 19:56:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ecc130cabc8432a4c29a8ee3c411345f
ec68a99dcefeae0499da898b048d5a1a850d6256
71a24b7303015b50931d655a2761bd377379b2d8a1fba34d90311bdc1462e5d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 19:56:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7960993394641930&output=html&h=250&slotname=9615964169&adk=1925752539&adf=1032968991&pi=t.ma~as.9615964169&w=300&lmt=1671825377&url=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html&wgl=1&dt=1671825377324&bpp=26&bdt=692&idt=556&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&correlator=2851880759737&frm=20&pv=2&ga_vid=1203835410.1671825378&ga_sid=1671825378&ga_hid=935064656&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=164&ady=423&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071251%2C44780792&oid=2&pvsid=3924541092331216&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=OI9vlyPkYC&p=http%3A//www.rafist.com&dtd=671
216.58.211.2400 Bad Request 46 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7960993394641930&output=html&h=250&slotname=9615964169&adk=1925752539&adf=1032968991&pi=t.ma~as.9615964169&w=300&lmt=1671825377&url=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html&wgl=1&dt=1671825377324&bpp=26&bdt=692&idt=556&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&correlator=2851880759737&frm=20&pv=2&ga_vid=1203835410.1671825378&ga_sid=1671825378&ga_hid=935064656&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=164&ady=423&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071251%2C44780792&oid=2&pvsid=3924541092331216&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=OI9vlyPkYC&p=http%3A//www.rafist.com&dtd=671
IP 216.58.211.2:0
File type HTML document, ASCII text, with very long lines (603), with no line terminators
Hash 0c80c3a2604d656b7e461160bf5eba0f
d4f5c720a2b94f5f13b2e569035a7b14a513630d
470b81d27902c371ec202ef835ecf76bf54c8e222dab8b77eb8d2fd45652c955
GET /pagead/ads?client=ca-pub-7960993394641930&output=html&h=250&slotname=9615964169&adk=1925752539&adf=1032968991&pi=t.ma~as.9615964169&w=300&lmt=1671825377&url=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html&wgl=1&dt=1671825377324&bpp=26&bdt=692&idt=556&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&correlator=2851880759737&frm=20&pv=2&ga_vid=1203835410.1671825378&ga_sid=1671825378&ga_hid=935064656&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=164&ady=423&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071251%2C44780792&oid=2&pvsid=3924541092331216&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=OI9vlyPkYC&p=http%3A//www.rafist.com&dtd=671 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 23 Dec 2022 19:56:19 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 23-Dec-2022 20:11:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7960993394641930&output=html&h=600&slotname=1657224608&adk=3061699995&adf=3066035636&pi=t.ma~as.1657224608&w=160&lmt=1671825378&url=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html&wgl=1&dt=1671825377324&bpp=7&bdt=692&idt=629&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9615964169%2C9615964169%2C1314715223%2C1314715223&correlator=2851880759737&frm=20&pv=1&ga_vid=1203835410.1671825378&ga_sid=1671825378&ga_hid=935064656&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=887&ady=462&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071251%2C44780792&oid=2&pvsid=3924541092331216&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=vkwHKEQEy0&p=http%3A//www.rafist.com&dtd=699
216.58.211.2400 Bad Request 46 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7960993394641930&output=html&h=600&slotname=1657224608&adk=3061699995&adf=3066035636&pi=t.ma~as.1657224608&w=160&lmt=1671825378&url=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html&wgl=1&dt=1671825377324&bpp=7&bdt=692&idt=629&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9615964169%2C9615964169%2C1314715223%2C1314715223&correlator=2851880759737&frm=20&pv=1&ga_vid=1203835410.1671825378&ga_sid=1671825378&ga_hid=935064656&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=887&ady=462&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071251%2C44780792&oid=2&pvsid=3924541092331216&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=vkwHKEQEy0&p=http%3A//www.rafist.com&dtd=699
IP 216.58.211.2:0
File type HTML document, ASCII text, with very long lines (603), with no line terminators
Hash 0c80c3a2604d656b7e461160bf5eba0f
d4f5c720a2b94f5f13b2e569035a7b14a513630d
470b81d27902c371ec202ef835ecf76bf54c8e222dab8b77eb8d2fd45652c955
GET /pagead/ads?client=ca-pub-7960993394641930&output=html&h=600&slotname=1657224608&adk=3061699995&adf=3066035636&pi=t.ma~as.1657224608&w=160&lmt=1671825378&url=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html&wgl=1&dt=1671825377324&bpp=7&bdt=692&idt=629&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9615964169%2C9615964169%2C1314715223%2C1314715223&correlator=2851880759737&frm=20&pv=1&ga_vid=1203835410.1671825378&ga_sid=1671825378&ga_hid=935064656&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=887&ady=462&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071251%2C44780792&oid=2&pvsid=3924541092331216&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=vkwHKEQEy0&p=http%3A//www.rafist.com&dtd=699 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 23 Dec 2022 19:56:19 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 23-Dec-2022 20:11:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7960993394641930&output=html&h=15&slotname=1314715223&adk=371351906&adf=325288813&pi=t.ma~as.1314715223&w=468&lmt=1671825378&url=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html&wgl=1&dt=1671825377324&bpp=5&bdt=692&idt=626&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9615964169%2C9615964169%2C1314715223&correlator=2851880759737&frm=20&pv=1&ga_vid=1203835410.1671825378&ga_sid=1671825378&ga_hid=935064656&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=245&ady=1912&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071251%2C44780792&oid=2&pvsid=3924541092331216&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=sXCT9qihxx&p=http%3A//www.rafist.com&dtd=691
216.58.211.2400 Bad Request 46 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7960993394641930&output=html&h=15&slotname=1314715223&adk=371351906&adf=325288813&pi=t.ma~as.1314715223&w=468&lmt=1671825378&url=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html&wgl=1&dt=1671825377324&bpp=5&bdt=692&idt=626&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9615964169%2C9615964169%2C1314715223&correlator=2851880759737&frm=20&pv=1&ga_vid=1203835410.1671825378&ga_sid=1671825378&ga_hid=935064656&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=245&ady=1912&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071251%2C44780792&oid=2&pvsid=3924541092331216&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=sXCT9qihxx&p=http%3A//www.rafist.com&dtd=691
IP 216.58.211.2:0
File type HTML document, ASCII text, with very long lines (603), with no line terminators
Hash 0c80c3a2604d656b7e461160bf5eba0f
d4f5c720a2b94f5f13b2e569035a7b14a513630d
470b81d27902c371ec202ef835ecf76bf54c8e222dab8b77eb8d2fd45652c955
GET /pagead/ads?client=ca-pub-7960993394641930&output=html&h=15&slotname=1314715223&adk=371351906&adf=325288813&pi=t.ma~as.1314715223&w=468&lmt=1671825378&url=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html&wgl=1&dt=1671825377324&bpp=5&bdt=692&idt=626&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9615964169%2C9615964169%2C1314715223&correlator=2851880759737&frm=20&pv=1&ga_vid=1203835410.1671825378&ga_sid=1671825378&ga_hid=935064656&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=245&ady=1912&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071251%2C44780792&oid=2&pvsid=3924541092331216&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=sXCT9qihxx&p=http%3A//www.rafist.com&dtd=691 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 23 Dec 2022 19:56:19 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 23-Dec-2022 20:11:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7960993394641930&output=html&h=250&slotname=9615964169&adk=1925752539&adf=1461408954&pi=t.ma~as.9615964169&w=300&lmt=1671825377&url=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html&wgl=1&dt=1671825377324&bpp=9&bdt=693&idt=572&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9615964169&correlator=2851880759737&frm=20&pv=1&ga_vid=1203835410.1671825378&ga_sid=1671825378&ga_hid=935064656&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=494&ady=423&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071251%2C44780792&oid=2&pvsid=3924541092331216&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Yfut9UQufq&p=http%3A//www.rafist.com&dtd=678
216.58.211.2400 Bad Request 46 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7960993394641930&output=html&h=250&slotname=9615964169&adk=1925752539&adf=1461408954&pi=t.ma~as.9615964169&w=300&lmt=1671825377&url=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html&wgl=1&dt=1671825377324&bpp=9&bdt=693&idt=572&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9615964169&correlator=2851880759737&frm=20&pv=1&ga_vid=1203835410.1671825378&ga_sid=1671825378&ga_hid=935064656&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=494&ady=423&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071251%2C44780792&oid=2&pvsid=3924541092331216&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Yfut9UQufq&p=http%3A//www.rafist.com&dtd=678
IP 216.58.211.2:0
File type HTML document, ASCII text, with very long lines (603), with no line terminators
Hash 0c80c3a2604d656b7e461160bf5eba0f
d4f5c720a2b94f5f13b2e569035a7b14a513630d
470b81d27902c371ec202ef835ecf76bf54c8e222dab8b77eb8d2fd45652c955
GET /pagead/ads?client=ca-pub-7960993394641930&output=html&h=250&slotname=9615964169&adk=1925752539&adf=1461408954&pi=t.ma~as.9615964169&w=300&lmt=1671825377&url=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html&wgl=1&dt=1671825377324&bpp=9&bdt=693&idt=572&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9615964169&correlator=2851880759737&frm=20&pv=1&ga_vid=1203835410.1671825378&ga_sid=1671825378&ga_hid=935064656&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=494&ady=423&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071251%2C44780792&oid=2&pvsid=3924541092331216&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Yfut9UQufq&p=http%3A//www.rafist.com&dtd=678 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 23 Dec 2022 19:56:19 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 23-Dec-2022 20:11:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7960993394641930&output=html&h=15&slotname=1314715223&adk=371351906&adf=1013883472&pi=t.ma~as.1314715223&w=468&lmt=1671825378&url=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html&wgl=1&dt=1671825377324&bpp=8&bdt=693&idt=622&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9615964169%2C9615964169&correlator=2851880759737&frm=20&pv=1&ga_vid=1203835410.1671825378&ga_sid=1671825378&ga_hid=935064656&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=245&ady=1837&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071251%2C44780792&oid=2&pvsid=3924541092331216&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7IQ0sqGOLq&p=http%3A//www.rafist.com&dtd=684
216.58.211.2400 Bad Request 46 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7960993394641930&output=html&h=15&slotname=1314715223&adk=371351906&adf=1013883472&pi=t.ma~as.1314715223&w=468&lmt=1671825378&url=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html&wgl=1&dt=1671825377324&bpp=8&bdt=693&idt=622&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9615964169%2C9615964169&correlator=2851880759737&frm=20&pv=1&ga_vid=1203835410.1671825378&ga_sid=1671825378&ga_hid=935064656&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=245&ady=1837&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071251%2C44780792&oid=2&pvsid=3924541092331216&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7IQ0sqGOLq&p=http%3A//www.rafist.com&dtd=684
IP 216.58.211.2:0
File type HTML document, ASCII text, with very long lines (603), with no line terminators
Hash 0c80c3a2604d656b7e461160bf5eba0f
d4f5c720a2b94f5f13b2e569035a7b14a513630d
470b81d27902c371ec202ef835ecf76bf54c8e222dab8b77eb8d2fd45652c955
GET /pagead/ads?client=ca-pub-7960993394641930&output=html&h=15&slotname=1314715223&adk=371351906&adf=1013883472&pi=t.ma~as.1314715223&w=468&lmt=1671825378&url=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html&wgl=1&dt=1671825377324&bpp=8&bdt=693&idt=622&shv=r20221207&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9615964169%2C9615964169&correlator=2851880759737&frm=20&pv=1&ga_vid=1203835410.1671825378&ga_sid=1671825378&ga_hid=935064656&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=245&ady=1837&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071251%2C44780792&oid=2&pvsid=3924541092331216&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7IQ0sqGOLq&p=http%3A//www.rafist.com&dtd=684 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 23 Dec 2022 19:56:19 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 23-Dec-2022 20:11:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/JNJj-Xek6-M
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/JNJj-Xek6-M
IP 216.58.211.3:0
Hash 57931fe101b089bd715adec30f3b431f
2911a6699c29896946d74aea6cf4cae4cc6b0bd5
1df15c4322f6552412ca243adc7f0f0686e6a78ac06b22bfaf98000881052d32
POST /s/gts1p5/JNJj-Xek6-M HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 19:56:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
93.184.220.66200 OK 2.4 kB URL HTTP/1.1 platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (7017), with no line terminators
Hash 83616664e4155f8af0efb0576f8920cf
1277b0f4f935bec3ada0f87c45395bb6d9b2efbc
bb19d85932c5e8a952b6fc28c1df42aed6d6920f79ee3f2217d2484294d575d3
GET /js/button.d2f864f87f544dc0c11d7d712a191c1f.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 159187
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 23 Dec 2022 19:56:19 GMT
Etag: "7bb2d17ac20be3bd6ec1079356afecd9+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:52 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2362
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 512a3073e0c9af16e4582aa8af548d72
0ee9ed603c8d1ec40836c3ae4ec06240f7e43d7e
f58c74695548bbd70570429c8a6d5b1edd6fe72924bf214fb163715ae4e31484
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 19:56:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=www.rafist.com&callback=_gfp_s_&client=ca-pub-7960993394641930&gpid_exp=1
216.58.207.194200 OK 250 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.rafist.com&callback=_gfp_s_&client=ca-pub-7960993394641930&gpid_exp=1
IP 216.58.207.194:0
File type ASCII text, with very long lines (387), with no line terminators
Hash 08e12d9c322ec8655cdff8b9fda715b0
3973f1e470a2f75b192961c9579f9d787865a49d
6ebc0550db5bda36ea300739124b6b8532414ae3a17ed574a7bc667c2baa96f0
GET /gampad/cookie.js?domain=www.rafist.com&callback=_gfp_s_&client=ca-pub-7960993394641930&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 23 Dec 2022 19:56:19 GMT
server: cafe
cache-control: private
content-length: 250
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3934
Expires: Fri, 23 Dec 2022 21:01:53 GMT
Date: Fri, 23 Dec 2022 19:56:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3934
Expires: Fri, 23 Dec 2022 21:01:53 GMT
Date: Fri, 23 Dec 2022 19:56:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3934
Expires: Fri, 23 Dec 2022 21:01:53 GMT
Date: Fri, 23 Dec 2022 19:56:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3934
Expires: Fri, 23 Dec 2022 21:01:53 GMT
Date: Fri, 23 Dec 2022 19:56:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3934
Expires: Fri, 23 Dec 2022 21:01:53 GMT
Date: Fri, 23 Dec 2022 19:56:19 GMT
Connection: keep-alive
platform.twitter.com/widgets/follow_button.644279d1635fd969e87af94a98bd232b.tr.html
93.184.220.66200 OK 15 kB URL HTTP/1.1 platform.twitter.com/widgets/follow_button.644279d1635fd969e87af94a98bd232b.tr.html
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26401)
Hash 5b6eacf8366355e295156bc22b73d149
99b2bc06459f9bdd5f56be679f9e4b037240dbc1
4a9108d556fbb6eed9ab92f81b4fd15202ed5504ad32d39ee2ff19445fe943c0
GET /widgets/follow_button.644279d1635fd969e87af94a98bd232b.tr.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 158811
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 23 Dec 2022 19:56:19 GMT
Etag: "309f7bc00699d43138a43b3eefbc89f6+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 15412
ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671825377641&dn=TI&iso=0&t=Fabl%20Nedir%3F%20%E2%80%93%20%C3%96zellikleri%20-%20Rafist%20Genel%20Bilgiler&cu=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html
67.202.105.34204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671825377641&dn=TI&iso=0&t=Fabl%20Nedir%3F%20%E2%80%93%20%C3%96zellikleri%20-%20Rafist%20Genel%20Bilgiler&cu=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html
IP 67.202.105.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671825377641&dn=TI&iso=0&t=Fabl%20Nedir%3F%20%E2%80%93%20%C3%96zellikleri%20-%20Rafist%20Genel%20Bilgiler&cu=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 23 Dec 2022 19:56:19 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d4cf077d410b94f1326e942304f9e9b
98fb13feecfada3cc8b467aa48d7cdf1ed8ab001
ec82cd83bfd4da849888b0535c9764cd4d462ef9e12c5934512858375908dfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5659
x-amzn-requestid: bc225a93-868b-42d4-aa94-c8fa16ef2c64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk33gHUqIAMFg1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a50696-7710727f0f086a791a0e7939;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:38:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FGP2S7V05eAwwnHzdlYQJC9ZW-5xLD8Aqi7XBCcJtaqbVoNCocGFhw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 01:50:42 GMT
age: 65137
etag: "98fb13feecfada3cc8b467aa48d7cdf1ed8ab001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
93.184.220.66200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32033)
Hash cd8176e04a5a760140a9de9ffe9d8a17
f3b4514c9df71da30eadd2d87fd6131e5c3bf7e3
601089b9e7dcd29e255c391dff1c3da64dd80bb72ee047561592d86dbbc4c472
GET /widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 159176
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 23 Dec 2022 19:56:19 GMT
Etag: "126ffb93f08e989b18a6e1fc082c9e33+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:56 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13753
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c1a3c98-ff73-4c90-ad24-b2223ae207cd.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c1a3c98-ff73-4c90-ad24-b2223ae207cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 181fbb7e44b44baa067e51cdc7f4d4e2
7f0c20921a04f92e79393ea10c85db9460f9d165
1cd612257cd0388e48cc855a4c03b6b167da3bd60afd6b4a41d9c6a7922efdbd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c1a3c98-ff73-4c90-ad24-b2223ae207cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7763
x-amzn-requestid: 298c4f10-c248-43a4-878e-8f119819bdc8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhBhLFy8IAMFtMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a37c6d-30fed0cc51ee789b0f7e6fcc;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 21:36:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TY2LKtYdHxtj1hfP7lFi4R1E6mJmDUZkr-SbobElcCXqBlNXJEtXsA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 22:33:01 GMT
age: 76998
etag: "7f0c20921a04f92e79393ea10c85db9460f9d165"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4d96f-b35a-4cc6-9fe3-c52ed693df34.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4d96f-b35a-4cc6-9fe3-c52ed693df34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5dd6622433d537fbb91a04bd3b57d873
552f216608b819b4f65f0574e421f4a761f0d721
5e9b03133d928378a775ab52ec6e58cd7753aa2975a4966534353c0d6bc46af5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4d96f-b35a-4cc6-9fe3-c52ed693df34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11471
x-amzn-requestid: 20d9459a-710b-4fcf-bfce-9f0c5f513740
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dbNEqGPnoAMFcDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a12884-4a93ab9047181db109d328e2;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 03:14:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: qFwWS-f0U1hSbrFFgBiGNzXRvZyvR90n_MI7jfYfWsyv2W6jH8D-9w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 04:54:20 GMT
age: 54119
etag: "552f216608b819b4f65f0574e421f4a761f0d721"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=roa03d91thhu&t=Fabl%20Nedir%3F%20%E2%80%93%20%C3%96zellikleri%20-%20Rafist%20Genel%20Bilgiler&c=s&x=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html&y=&a=0&d=1.803&v=27&r=5051
104.22.74.171200 OK 50 B URL HTTP/1.1 whos.amung.us/pingjs/?k=roa03d91thhu&t=Fabl%20Nedir%3F%20%E2%80%93%20%C3%96zellikleri%20-%20Rafist%20Genel%20Bilgiler&c=s&x=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html&y=&a=0&d=1.803&v=27&r=5051
IP 104.22.74.171:0
File type ASCII text, with no line terminators
Hash bd0a0e5f5e708504f4ac60ac1e3e8f93
9d2cd3125daf1704255bd3f605b0ec468efc58b2
5aa003be51b3fd63027592a10a14fdeec0ff1c0f7bb90f462b2fd022815cc532
GET /pingjs/?k=roa03d91thhu&t=Fabl%20Nedir%3F%20%E2%80%93%20%C3%96zellikleri%20-%20Rafist%20Genel%20Bilgiler&c=s&x=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html&y=&a=0&d=1.803&v=27&r=5051 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 19:56:19 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77e3a8eecfe80d3a-ARN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bd09861-a6e6-4462-b7cf-0572eabdfd71.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bd09861-a6e6-4462-b7cf-0572eabdfd71.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61b1b9ece5581fe0b212144f45243f1a
d161c613f1491ae6ab63b536c50c6630e80d6382
f5a2b23b66a05734b86755986573c07c5f75bc6cbe67d2b769aee9ef402b2c14
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bd09861-a6e6-4462-b7cf-0572eabdfd71.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7117
x-amzn-requestid: 470b959f-7f5f-4a64-8d8d-bfc91856fad2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dUnBBFhZIAMFhiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e8539-3916bad034c86d5503e456f2;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 03:12:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UIB-d7y4AawAml6oXhsAeoIud_U-fhQzha7VwRqY9AgNaYtJ49nlzg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 05:06:41 GMT
age: 53378
etag: "d161c613f1491ae6ab63b536c50c6630e80d6382"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 512a3073e0c9af16e4582aa8af548d72
0ee9ed603c8d1ec40836c3ae4ec06240f7e43d7e
f58c74695548bbd70570429c8a6d5b1edd6fe72924bf214fb163715ae4e31484
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 19:56:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ee73339f3e7eaeb4c1ecab1a24632a8
48ff42e4329102d6a006b8f947bfaf29c0a5de17
ae5787d0df124d7d95ccaaf58148bb46c931610ca908cd58787748da5b75a1c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12794
x-amzn-requestid: 82617475-f461-429b-b38d-0c84eee33754
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk55IGPioAMFi1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a509d3-0dfc997d3853974a08914362;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:52:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -24dBoLhaZcF6kjZCYp8EJSAYmslMmv15G3oPgPAydPxVA0j51Vs3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 01:52:20 GMT
age: 65039
etag: "48ff42e4329102d6a006b8f947bfaf29c0a5de17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
platform.twitter.com/widgets/follow_button.644279d1635fd969e87af94a98bd232b.tr.html
93.184.220.66200 OK 15 kB URL HTTP/1.1 platform.twitter.com/widgets/follow_button.644279d1635fd969e87af94a98bd232b.tr.html
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26401)
Hash 5b6eacf8366355e295156bc22b73d149
99b2bc06459f9bdd5f56be679f9e4b037240dbc1
4a9108d556fbb6eed9ab92f81b4fd15202ed5504ad32d39ee2ff19445fe943c0
GET /widgets/follow_button.644279d1635fd969e87af94a98bd232b.tr.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 158811
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 23 Dec 2022 19:56:19 GMT
Etag: "309f7bc00699d43138a43b3eefbc89f6+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 15412
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a06f1b4-7136-4077-b835-37444f8dfbc2.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a06f1b4-7136-4077-b835-37444f8dfbc2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 88dede3fbbab789a953b46f7abd99bec
fdd5a2c09ec16ffccd33bde9f503171607b65653
a45d65e7e99c7eca94d2ded3741d1823a8ff1358065021e837b65247fd0e96ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a06f1b4-7136-4077-b835-37444f8dfbc2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8838
x-amzn-requestid: 0dc7c87e-41a8-4bb9-94d3-fe58274100c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUhqFaxoAMFk-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce0a-58fd6c175081eb4b11663189;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iI3L3JYjnY8hPns-f2AQwmQTZgsnPsLUFHPF4GyNC0D-JdYWsdCm1A==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 21:49:55 GMT
age: 79584
etag: "fdd5a2c09ec16ffccd33bde9f503171607b65653"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
platform.twitter.com/widgets/follow_button.644279d1635fd969e87af94a98bd232b.tr.html
93.184.220.66200 OK 15 kB URL HTTP/1.1 platform.twitter.com/widgets/follow_button.644279d1635fd969e87af94a98bd232b.tr.html
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26401)
Hash 5b6eacf8366355e295156bc22b73d149
99b2bc06459f9bdd5f56be679f9e4b037240dbc1
4a9108d556fbb6eed9ab92f81b4fd15202ed5504ad32d39ee2ff19445fe943c0
GET /widgets/follow_button.644279d1635fd969e87af94a98bd232b.tr.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 157156
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 23 Dec 2022 19:56:19 GMT
Etag: "309f7bc00699d43138a43b3eefbc89f6+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F709)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 15412
ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671825377641&dn=TI&iso=0&t=Fabl%20Nedir%3F%20%E2%80%93%20%C3%96zellikleri%20-%20Rafist%20Genel%20Bilgiler
67.202.105.34204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671825377641&dn=TI&iso=0&t=Fabl%20Nedir%3F%20%E2%80%93%20%C3%96zellikleri%20-%20Rafist%20Genel%20Bilgiler
IP 67.202.105.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671825377641&dn=TI&iso=0&t=Fabl%20Nedir%3F%20%E2%80%93%20%C3%96zellikleri%20-%20Rafist%20Genel%20Bilgiler HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 23 Dec 2022 19:56:19 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671825378318%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=f1b565bc048378e9f5e257a8630c1c091445dc52
104.244.42.8200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671825378318%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=f1b565bc048378e9f5e257a8630c1c091445dc52
IP 104.244.42.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671825378318%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=f1b565bc048378e9f5e257a8630c1c091445dc52 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 19:56:18 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Fri, 23 Dec 2022 19:56:19 GMT
content-length: 43
x-transaction-id: a6a4b9625b303cd2
strict-transport-security: max-age=631138519
x-response-time: 110
x-connection-hash: 8fbb053dbb08ef4ca3209b2a200f7fb5832e90582b3a0f8ca6d827636b1f68e1
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671825378316%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=f1b565bc048378e9f5e257a8630c1c091445dc52
104.244.42.8200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671825378316%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=f1b565bc048378e9f5e257a8630c1c091445dc52
IP 104.244.42.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671825378316%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=f1b565bc048378e9f5e257a8630c1c091445dc52 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 19:56:19 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Fri, 23 Dec 2022 19:56:19 GMT
content-length: 43
x-transaction-id: 5446c066c82eadc9
strict-transport-security: max-age=631138519
x-response-time: 113
x-connection-hash: 8fbb053dbb08ef4ca3209b2a200f7fb5832e90582b3a0f8ca6d827636b1f68e1
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671825378315%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=f1b565bc048378e9f5e257a8630c1c091445dc52
104.244.42.8200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671825378315%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=f1b565bc048378e9f5e257a8630c1c091445dc52
IP 104.244.42.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671825378315%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=f1b565bc048378e9f5e257a8630c1c091445dc52 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 19:56:19 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Fri, 23 Dec 2022 19:56:19 GMT
content-length: 43
x-transaction-id: 486290bb8e2732b2
strict-transport-security: max-age=631138519
x-response-time: 114
x-connection-hash: 8fbb053dbb08ef4ca3209b2a200f7fb5832e90582b3a0f8ca6d827636b1f68e1
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671825378320%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=f1b565bc048378e9f5e257a8630c1c091445dc52
104.244.42.8200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671825378320%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=f1b565bc048378e9f5e257a8630c1c091445dc52
IP 104.244.42.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671825378320%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=f1b565bc048378e9f5e257a8630c1c091445dc52 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 19:56:19 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Fri, 23 Dec 2022 19:56:19 GMT
content-length: 43
x-transaction-id: 1425702a707da4ba
strict-transport-security: max-age=631138519
x-response-time: 118
x-connection-hash: 8fbb053dbb08ef4ca3209b2a200f7fb5832e90582b3a0f8ca6d827636b1f68e1
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=anehAeJVKr4lROadbi-bpO&dn=TI&cc=1&r=
67.202.105.33200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=anehAeJVKr4lROadbi-bpO&dn=TI&cc=1&r=
IP 67.202.105.33:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=anehAeJVKr4lROadbi-bpO&dn=TI&cc=1&r= HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Sat, 24 Dec 2022 19:56:19 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Fri, 23 Dec 2022 19:56:19 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671825377641&dn=TI&iso=0
67.202.105.34204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671825377641&dn=TI&iso=0
IP 67.202.105.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671825377641&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 23 Dec 2022 19:56:20 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671825377641&dn=TI&iso=0
67.202.105.34204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671825377641&dn=TI&iso=0
IP 67.202.105.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671825377641&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 23 Dec 2022 19:56:20 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671825377641&dn=TI&iso=0
67.202.105.34204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671825377641&dn=TI&iso=0
IP 67.202.105.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671825377641&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 23 Dec 2022 19:56:20 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671825377641&dn=TI&iso=0
67.202.105.34204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671825377641&dn=TI&iso=0
IP 67.202.105.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671825377641&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 23 Dec 2022 19:56:20 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 0efe6c6adeed3fcee312af52fd09aa65
4e6bcd2a7af8e40806bb432987e92e195396cf71
580daa8185c8d6d478f6ca1a0d0a993bb3ac0c4b6b7d79ca6873436fc6a003e5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 19:56:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
172.217.21.161200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Fri, 23 Dec 2022 19:56:20 GMT
expires: Fri, 23 Dec 2022 19:56:20 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
172.217.21.161200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 17:31:48 GMT
expires: Sat, 23 Dec 2023 17:31:48 GMT
cache-control: public, max-age=31536000
age: 8672
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 29d3696d17220dcd271363e420d6d592
16fb6e6352605346ddca3f28e69ed5e3b3980057
3a5946f894fc0ec400905c1a88a943fb60b5170dc0fc6946c13f800964af79d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 19:56:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.132200 OK 511 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash d59a2fde076746e4255dcfcc9322d856
66727c8d36cfed8d9ba3b91467c301f229de425d
1cb719ff89ef82191e7d6466eda05738619f47eadfe59911194442705096ad88
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 23 Dec 2022 19:56:20 GMT
date: Fri, 23 Dec 2022 19:56:20 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-5jhccriWQKkuJPKy7RlfDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/show_ads.js
142.250.74.162200 OK 0 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/show_ads.js
IP 142.250.74.162:0
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Fri, 23 Dec 2022 19:56:18 GMT
Expires: Fri, 23 Dec 2022 19:56:18 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 8433675403400709945
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 36246
X-XSS-Protection: 0
static.addtoany.com/menu/page.js
104.22.70.197200 OK 0 B URL HTTP/2 static.addtoany.com/menu/page.js
IP 104.22.70.197:0
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 19:56:18 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-bgj: minify
access-control-allow-origin: *
age: 128644
etag: W/"c04-5ee0ab04c6251"
last-modified: Tue, 22 Nov 2022 08:09:18 GMT
vary: Accept-Encoding
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77e3a8e608fb0d32-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sc.tynt.com/script/sc/anehAeJVKr4lROadbi-bpO.js
104.18.36.173200 OK 0 B URL HTTP/2 sc.tynt.com/script/sc/anehAeJVKr4lROadbi-bpO.js
IP 104.18.36.173:0
GET /script/sc/anehAeJVKr4lROadbi-bpO.js HTTP/1.1
Host: sc.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 19:56:19 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
status: 200 OK
x-rack-cache: fresh
cache-control: max-age=86400, public, s-maxage=172800
last-modified: Wed, 21 Dec 2022 15:08:58 GMT
x-xss-protection: 1; mode=block
x-request-id: 2c29c7ad-2b0c-4b26-bc64-09c5ae71de7d
x-content-digest: 72a6195042fe9092998fb2abfd618ab5ee05170f
x-runtime: 0.002764
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Fri, 23 Dec 2022 08:10:23 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
cf-ray: 77e3a8ebe8ccb512-OSL
X-Firefox-Spdy: h2
toplist.sk/count.asp?id=1239364
88.86.101.4200 OK 0 B URL HTTP/2 toplist.sk/count.asp?id=1239364
IP 88.86.101.4:0
GET /count.asp?id=1239364 HTTP/1.1
Host: toplist.sk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.rafist.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 19:56:18 GMT
server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9
pragma: no-cache
cache-control: private,no-cache,no-store,must-revalidate,max-age=0
expires: Thu, 01 Dec 1994 16:00:00 GMT
p3p: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
x-w: 9
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
t.dtscout.com/i/?l=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html&j=
141.101.120.10200 OK 0 B URL HTTP/2 t.dtscout.com/i/?l=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html&j=
IP 141.101.120.10:0
GET /i/?l=http%3A%2F%2Fwww.rafist.com%2Fegitim%2Ffabl-nedir-ozellikleri.html&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 19:56:19 GMT
content-type: application/javascript
x-s: mtl3
set-cookie: m=1; Domain=dtscout.com; Expires=Fri, 23-Dec-2022 21:19:39 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Fri, 23-Dec-2022 23:56:19 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1671825379; Domain=dtscout.com; Expires=Sun, 02-Apr-2023 19:56:19 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.658
expires: Fri, 23 Dec 2022 19:56:18 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kv7Vzxp2Ds4Bk0D224aAugj7HeFjqwxB%2BgPUYuxOIs6bKQ94MMAWPrDJ1HN%2BSWBHPrJuD3nSL%2BJTlVVIR2RlMTT5yHUyt0HadxwVhc62j%2BGN6UdsubF6apxuQfk2Pps%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77e3a8ee1ea7f15a-ARN
content-encoding: br
X-Firefox-Spdy: h2
cdn.tynt.com/tc.js
104.18.36.173200 OK 0 B IP 104.18.36.173:0
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 19:56:19 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:21 GMT
vary: Accept-Encoding
etag: W/"62d96951-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 188943
expires: Mon, 26 Dec 2022 19:56:19 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 77e3a8f01d39b512-OSL
X-Firefox-Spdy: h2
t.dtscout.com/pv/?_a=v&_h=rafist.com&_ss=32lk9cpcoj&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6zv2&_cb=_dtspv.c
141.101.120.10200 OK 0 B URL HTTP/2 t.dtscout.com/pv/?_a=v&_h=rafist.com&_ss=32lk9cpcoj&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6zv2&_cb=_dtspv.c
IP 141.101.120.10:0
GET /pv/?_a=v&_h=rafist.com&_ss=32lk9cpcoj&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6zv2&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Cookie: m=1; oa=1; df=1671825379
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 19:56:20 GMT
content-type: application/javascript
x-t: 0.133
x-c: 0
expires: Fri, 23 Dec 2022 19:56:19 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qV8IlUvCd07jQTEyTJcg%2B2P42wKze%2BMKSpPGWUKGqP%2BZnA8bXe9xMje8L0uqYUgpwHjiz%2FGGG8XzljHN3DJw8pIL7xIt45RS9W%2F5100rx56dF8RI5xNzM10%2Bljgr5Vk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77e3a8f00f94f15a-ARN
content-encoding: br
X-Firefox-Spdy: h2