r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4902
Expires: Mon, 05 Dec 2022 00:57:50 GMT
Date: Sun, 04 Dec 2022 23:36:08 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5651
Cache-Control: max-age=131360
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:08 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 12:05:28 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19550
Expires: Mon, 05 Dec 2022 05:01:58 GMT
Date: Sun, 04 Dec 2022 23:36:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 23:20:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 959
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: W11n0RqvOxQA+jiumMuSusJUwBVjQDUtQvd7VVfdUzife5oVUDRI5sMbiac1HZE26ITl2SbFb9E=
x-amz-request-id: 19TB2E05TJD9E7YW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 22:47:09 GMT
age: 2939
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:36:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 23:11:19 GMT
cache-control: public,max-age=3600
age: 1489
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
dusunmekvepaylasmak.blogspot.com/search/label/haftasonu%20ka%C3%A7ama%C4%9F%C4%B1?m=1
172.217.21.161301 Moved Permanently 227 B URL HTTP/1.1 dusunmekvepaylasmak.blogspot.com/search/label/haftasonu%20ka%C3%A7ama%C4%9F%C4%B1?m=1
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 535e36b0f604c10e253bc36bcf35cbab
6e0f6c0d565f851bd860ad7dae014ec195afe929
a0885b5850f0bdf478aed5c0d233e1f0e1202599b8f13ea7f83c16650e82391e
Analyzer Verdict Alert fortinet Malware
GET /search/label/haftasonu%20ka%C3%A7ama%C4%9F%C4%B1?m=1 HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://dusunmekvepaylasmak.blogspot.com/search/label/haftasonu%20ka%C3%A7ama%C4%9F%C4%B1?m=1
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 04 Dec 2022 23:36:08 GMT
Expires: Sun, 04 Dec 2022 23:36:08 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 227
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c1f7594a4097e4dcc9fd7d4a02cafafe
b9dba74fb06bc248a40b26cb26600e750e376695
4dc877df2ca9330da46809359d71469672d18d87edcfee2c825fde13f470bfd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5629
Cache-Control: max-age=126272
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:08 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:40:40 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.70.68.230101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.68.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: woJr5kF/JuR8RTceqw+xqg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dnypPT40c4kSI7lON+jEL39GXHc=
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6640
Expires: Mon, 05 Dec 2022 01:26:50 GMT
Date: Sun, 04 Dec 2022 23:36:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6640
Expires: Mon, 05 Dec 2022 01:26:50 GMT
Date: Sun, 04 Dec 2022 23:36:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6640
Expires: Mon, 05 Dec 2022 01:26:50 GMT
Date: Sun, 04 Dec 2022 23:36:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6640
Expires: Mon, 05 Dec 2022 01:26:50 GMT
Date: Sun, 04 Dec 2022 23:36:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6640
Expires: Mon, 05 Dec 2022 01:26:50 GMT
Date: Sun, 04 Dec 2022 23:36:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9b475d52dd164b9cc0efbecfd58282b6
973e77db7fb34c60e08719dc7196d865e8831cb2
3985e24217a2bd811a0ea9bf0223eb0cda31604986f3467fae028a086a8b827e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7028
x-amzn-requestid: 4d20bc36-d129-468d-b30d-f6b571d528af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKz6G86oAMF9oA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abe7f-5f9353c04487352b64ba3bf8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:11:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pjwTv-Ry-1NHzZj6N-Mwul76sDeRSpLlVh7azqqqls44kH-mNhnggw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 04:59:53 GMT
age: 66977
etag: "973e77db7fb34c60e08719dc7196d865e8831cb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dafdb4fe91795a9e16baebb085ccd818
f5ed5d03e6969f81349ad78fde0e71390a4ed391
f535ce45d68317bad15513d3cd3d21d2c0ef12e93d6ac19cc07b704ee1651f51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7853
x-amzn-requestid: fa079a7e-1e93-41d6-bb16-2703077a0cb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGrKEGFoAMFnBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6388517a-076131847c129c197e84901b;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:02:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Cri6Vf6-INRisbFQ4ITZ7f8RIvomQXQ-TjkjWAOkkUhmI1yhHIbTYA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 02:03:49 GMT
age: 77541
etag: "f5ed5d03e6969f81349ad78fde0e71390a4ed391"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d72fb8d20c29763234c2817b119d11b
d4924ec714f5157bcb2fddcb5f768188a3dd37dc
e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12830
x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcsxGDyIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2jx-M9MgKrJXU4yYsJzWqNXwruIGhFNWkD7GcPdqddnEzcNgFw2luw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:27:17 GMT
age: 72533
etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad33fba3-ee62-4ef5-9330-0bd0a142dd92.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad33fba3-ee62-4ef5-9330-0bd0a142dd92.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9e228ec099cad3eea0fb1656da3536f
532cf52021a6cdb7b7963e9108b41590f58276fe
8e54f09dd66fdc35e5f54100cf6c56abf88cb7e724b08092e7ce82720d423135
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad33fba3-ee62-4ef5-9330-0bd0a142dd92.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6236
x-amzn-requestid: 0215aac5-7c44-43b0-b2e9-baddeed42fe0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjiXEEXiIAMFqIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ae42d-5961705726e81a4e3b6a91c9;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 05:52:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oJp2wIEPM-swJMvp-n40xEtH1a7V8gi1ixzsxmuXoBG_UFglSeS-1g==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:21:31 GMT
age: 4479
etag: "532cf52021a6cdb7b7963e9108b41590f58276fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 557fea28a0a540d2ffdadd828e03de0b
c314368e2e73dabf2c5d856e2c3e1fae610a3005
0fdd195911cdfff46a6dd8ba7b760953e5317fd7ee88abf1e19458518979fdee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11253
x-amzn-requestid: e0561a00-8657-4af0-b24c-08b328282f79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_wKE9coAMFjmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1334-2844266d51d5c5672f34ff61;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iT3IPDIK-qKf-y1_x7hZNSW-4GqKLNuX6U__8bY8eZP178PPnD0IeA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:57:03 GMT
age: 5947
etag: "c314368e2e73dabf2c5d856e2c3e1fae610a3005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb029b41d342a82250aef6d6f713be6e
cd754bb6094d2e456b95dce8daace45a0de8a121
c16e364547c9e7a3c487b614073d59c7c495c5e5387b75136afab0dc68bebca4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10031
x-amzn-requestid: ca6c11c5-8842-4ffb-bb9e-5351c4e60c5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjY0CGUVIAMFxog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ad4e6-4282be9f505aa5764e9b1fa2;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 04:47:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8QEt6AHIT6gkW2X3RUuu1-K3lPlgjio-cckhiwppWK7vujPlBHrG7Q==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 18:59:33 GMT
age: 16597
etag: "cd754bb6094d2e456b95dce8daace45a0de8a121"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c1f7594a4097e4dcc9fd7d4a02cafafe
b9dba74fb06bc248a40b26cb26600e750e376695
4dc877df2ca9330da46809359d71469672d18d87edcfee2c825fde13f470bfd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 65f78026bd16cfba254886219e4e2bff
559176fd6b23488891485f1e698dd34bbaebed9a
69b113b4dcf6e56e853a2ef1e050b777c6ba34bc9c0a1ca1efe373df2b751b9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
142.250.74.73200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 142.250.74.73:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 21:47:53 GMT
expires: Wed, 29 Nov 2023 21:47:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 20:52:41 GMT
content-type: text/css
age: 438497
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1a56736cf1f02c2242946ca0170c2c3a
a47ca5cfc4667a1466875542da0de22f64862f86
0fdd7486e01858e490d7c08343c7a861c5fe856fc0debc08df0541ccc89f80b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5485
Cache-Control: max-age=118601
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:10 GMT
Etag: "638c45c6-118"
Expires: Tue, 06 Dec 2022 08:32:51 GMT
Last-Modified: Sun, 04 Dec 2022 07:01:26 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-20442478-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-20442478-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 986bbc8526a95cd2c658a9ada2727098
cb207420d2a967bbeb11db11610da627b751b9b6
5d86baf6a5bf2b722defce3ba1766d369945cccd3739baac65748318c6e88a2d
GET /gtag/js?id=UA-20442478-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 23:36:10 GMT
expires: Sun, 04 Dec 2022 23:36:10 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43593
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1e5e51fbc58282a2410de240a13bac3d
03e7151c23e4ed5efc5a4415fc5dcb01f0d5e019
ad20d69cf3f84ec6bee56a570acbce60d0ade6bdf201397a1de2417fed11b3fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0cea1f27028c5221722ff5084de515a9
ab8d3ed2f944f6cf46d420d90dfad808018e6758
d54dd46f854e2086bd3d33d768c63d08f4ca85c9734f4bec6b74c2779255bee1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3624
Cache-Control: max-age=131820
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:10 GMT
Etag: "638c80ae-117"
Expires: Tue, 06 Dec 2022 12:13:10 GMT
Last-Modified: Sun, 04 Dec 2022 11:12:46 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-19531429-2
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-19531429-2
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash fcee31b2cc7146df6331bdc02f48dc6a
0b6fb0e8590a2557ced27b4896d66a1a96818150
59456d10233b5c6ee05b143c866256994f11e04a26e416afd20871adacdda81b
GET /gtag/js?id=UA-19531429-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 23:36:10 GMT
expires: Sun, 04 Dec 2022 23:36:10 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43592
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
142.250.74.46200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Sun, 04 Dec 2022 23:36:10 GMT
expires: Sun, 04 Dec 2022 23:36:10 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg
142.250.74.65200 OK 4.5 kB URL HTTP/2 2.bp.blogspot.com/-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash ec5fcd46230caf0da45a16686274f1cb
0f6ab0f39b022b8b641c566d68ce811854f4aa9d
2763d313411a14a376c085e44d14fab586ac4e935bbc1932e8c67d4453234aa3
GET /-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="rafadan_tayfa_trt_cizgi_film.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4484
x-xss-protection: 0
date: Sun, 04 Dec 2022 23:36:10 GMT
expires: Thu, 01 Dec 2022 11:12:38 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7fdb"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rollercoin.com/static/img/public_img/gen2/w160h600.gif
104.26.14.99200 OK 257 kB URL HTTP/2 rollercoin.com/static/img/public_img/gen2/w160h600.gif
IP 104.26.14.99:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 257 kB (256868 bytes)
Hash 310de483225f5182ad7e10732d049749
47c20a51575f309719a5cc70fa770c29c3fea19b
5be1e183cfd4a31f6cf1973e887b6baaf9314e424c540f83497105535787b511
GET /static/img/public_img/gen2/w160h600.gif HTTP/1.1
Host: rollercoin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:36:10 GMT
content-type: image/webp
content-length: 256868
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=323815
content-disposition: inline; filename="w160h600.webp"
etag: W/"4f0e7-18364eefb18"
last-modified: Thu, 22 Sep 2022 11:22:07 GMT
vary: Accept
x-powered-by: Express
cf-cache-status: HIT
age: 5181195
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLPdPSEVEbNkBGIlw8PFm2J8Pcva0Ct05e%2FGJ%2BFSTADgFf2qV1%2FyhastDZ5asR%2BEPgLLnu5EX%2FCcAQVeAQQcWLiF5efLeWyuargX5JNWg%2BjwtWkAYvOI%2BmGWaMr3T4qf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77485cd91983fab4-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1a56736cf1f02c2242946ca0170c2c3a
a47ca5cfc4667a1466875542da0de22f64862f86
0fdd7486e01858e490d7c08343c7a861c5fe856fc0debc08df0541ccc89f80b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5485
Cache-Control: max-age=118601
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:10 GMT
Etag: "638c45c6-118"
Expires: Tue, 06 Dec 2022 08:32:51 GMT
Last-Modified: Sun, 04 Dec 2022 07:01:26 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
2.bp.blogspot.com/-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png
142.250.74.65200 OK 6.2 kB URL HTTP/2 2.bp.blogspot.com/-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png
IP 142.250.74.65:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash aa25670b8226d8b5752fd5a198fd73a4
be1908b060ec7bf840e8d2b0aa4c930fe11910d6
f1b63d3ceb7dd55aae1a46fc852703730d58d88efcd5be463741c6718e7557c4
GET /-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="sut_tozu_ile_ilgili_resimler.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6242
x-xss-protection: 0
date: Sun, 04 Dec 2022 23:36:10 GMT
expires: Thu, 01 Dec 2022 11:12:38 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7d8d"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/w72-h72-p-k-no-nu/225px-+mevlana_ile_ilgili_resimler.jpg
142.250.74.65200 OK 4.5 kB URL HTTP/2 2.bp.blogspot.com/-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/w72-h72-p-k-no-nu/225px-+mevlana_ile_ilgili_resimler.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 198baf3f7d853bc634b438561c189896
63640490c23c9d452cb566e3c8d9cb29cb9bef37
5edbbfadba784c3a27259984b189817862e146c0c550b6854bd6175be846aa41
GET /-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/w72-h72-p-k-no-nu/225px-+mevlana_ile_ilgili_resimler.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="225px-+mevlana_ile_ilgili_resimler.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4527
x-xss-protection: 0
date: Sun, 04 Dec 2022 23:36:10 GMT
expires: Thu, 01 Dec 2022 11:12:38 GMT
cache-control: public, max-age=86400, no-transform
etag: "v71fc"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
142.250.74.74200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (32341)
Hash 856f85cc1b07156fa844b44a10c236c2
7cef457c0e1cd0c20f4e699564ea8997f0332021
c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01
GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 21:00:17 GMT
expires: Tue, 28 Nov 2023 21:00:17 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 527753
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dusunmekvepaylasmak.blogspot.com/search/label/haftasonu%20ka%C3%A7ama%C4%9F%C4%B1?m=1
172.217.21.161200 OK 121 kB URL HTTP/2 dusunmekvepaylasmak.blogspot.com/search/label/haftasonu%20ka%C3%A7ama%C4%9F%C4%B1?m=1
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (526)
Size 121 kB (120741 bytes)
Hash 1f2934fdb6a7db9b907b742bbafe4faa
6ae46b1a7c1652dbb8b888b22d3db2d5ded19f86
6b285f788c1f1090dea09c293450dd6590d10337b61c8804bc523695e251846d
Analyzer Verdict Alert fortinet Malware
GET /search/label/haftasonu%20ka%C3%A7ama%C4%9F%C4%B1?m=1 HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 04 Dec 2022 23:36:10 GMT
date: Sun, 04 Dec 2022 23:36:10 GMT
cache-control: private, max-age=0
last-modified: Tue, 29 Nov 2022 20:22:02 GMT
etag: W/"8ca8df289a2001deb99934e54cae67fa14d6127f41db94bab2f53714bb6870c1"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 120741
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-19531429-2&l=dataLayer&cx=c
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-19531429-2&l=dataLayer&cx=c
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 14942290218dbac127c4fdb19b1b5f20
11234ae6fbae0524859cd4d8d8584889bba88798
804d5adf884506882e5a6112b5a5e7d8884ac9c44450411625ef642f05f06edb
GET /gtag/js?id=UA-19531429-2&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 23:36:10 GMT
expires: Sun, 04 Dec 2022 23:36:10 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43587
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
142.250.74.106200 OK 982 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
IP 142.250.74.106:0
Hash 80312920c5cd4a7ec9a80774351e82cf
cf1ffe6d60c169c109402e1a456e58dc9806603e
43a0c7dbd1e184f3a78f801dc9162c0ff6bb5b8bd592f78133584fc8aabf6ff0
GET /css?family=Poppins:300,400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 23:36:10 GMT
date: Sun, 04 Dec 2022 23:36:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-capfoLN2DAs/YINZoH8ZnBI/AAAAAAAAIKI/eKWJJo3m_XUwYhnp6p1kjqg_772rg_VAQCLcBGAsYHQ/w72-h72-p-k-no-nu/B%25C4%25B0R%2BGAR%25C4%25B0P%2BA%25C5%259EK%2BH%25C4%25B0KAYES%25C4%25B0%2BNE%25C5%259EET%2BERTA%25C5%259E%2526LEYLA%2BERTA%25C5%259E.jpg
142.250.74.65200 OK 2.6 kB URL HTTP/2 1.bp.blogspot.com/-capfoLN2DAs/YINZoH8ZnBI/AAAAAAAAIKI/eKWJJo3m_XUwYhnp6p1kjqg_772rg_VAQCLcBGAsYHQ/w72-h72-p-k-no-nu/B%25C4%25B0R%2BGAR%25C4%25B0P%2BA%25C5%259EK%2BH%25C4%25B0KAYES%25C4%25B0%2BNE%25C5%259EET%2BERTA%25C5%259E%2526LEYLA%2BERTA%25C5%259E.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 101cb2f6a85980b317ea2eb8293f8a8e
65646d427fdfe4e2cfd0663a211b8b9d3b98cb5c
2599d588436b93dbad44b9c1f222caa13b2d7db9fb81b3123b10543cb8a34fc8
GET /-capfoLN2DAs/YINZoH8ZnBI/AAAAAAAAIKI/eKWJJo3m_XUwYhnp6p1kjqg_772rg_VAQCLcBGAsYHQ/w72-h72-p-k-no-nu/B%25C4%25B0R%2BGAR%25C4%25B0P%2BA%25C5%259EK%2BH%25C4%25B0KAYES%25C4%25B0%2BNE%25C5%259EET%2BERTA%25C5%259E%2526LEYLA%2BERTA%25C5%259E.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v20a3"
expires: Mon, 05 Dec 2022 23:36:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="B_R GAR_P A_K H_KAYES_ NE_ET ERTA_&LEYLA ERTA_.jpg";filename*=UTF-8''B%C4%B0R%20GAR%C4%B0P%20A%C5%9EK%20H%C4%B0KAYES%C4%B0%20NE%C5%9EET%20ERTA%C5%9E%26LEYLA%20ERTA%C5%9E.jpg
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 23:36:10 GMT
server: fife
content-length: 2641
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-ZVg1XeIgmog/UrBTsAIaBLI/AAAAAAAAIKM/1rW6JY_rops/w72-h72-p-k-no-nu/4+4+4+egitim-sistemi.jpg
142.250.74.65200 OK 2.8 kB URL HTTP/2 1.bp.blogspot.com/-ZVg1XeIgmog/UrBTsAIaBLI/AAAAAAAAIKM/1rW6JY_rops/w72-h72-p-k-no-nu/4+4+4+egitim-sistemi.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash d55d42497002238cef58073d9c761b05
4f9d7fb15fec1a928fb214ddc863962ae6f532a1
4bfb10d5a18713cb2911e63b1a36629868f87cea235bf04cffbcaee37508128e
GET /-ZVg1XeIgmog/UrBTsAIaBLI/AAAAAAAAIKM/1rW6JY_rops/w72-h72-p-k-no-nu/4+4+4+egitim-sistemi.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v20a4"
expires: Mon, 05 Dec 2022 23:36:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="4+4+4+egitim-sistemi.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 23:36:10 GMT
server: fife
content-length: 2786
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-kUiaHahkxD0/XfVN3K8_XvI/AAAAAAABN3Q/TA5Ta0QzxWsctxrq5tWNR47rcDEBxC3ewCLcBGAsYHQ/w72-h72-p-k-no-nu/sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_ya%25C5%259Fam_sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_beslenme.png
142.250.74.65200 OK 11 kB URL HTTP/2 1.bp.blogspot.com/-kUiaHahkxD0/XfVN3K8_XvI/AAAAAAABN3Q/TA5Ta0QzxWsctxrq5tWNR47rcDEBxC3ewCLcBGAsYHQ/w72-h72-p-k-no-nu/sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_ya%25C5%259Fam_sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_beslenme.png
IP 142.250.74.65:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 279edb5b823b4f55f7c83479a93225e3
01356acda7ff0acedb0051e71745fee61d67f62c
3935368604f5e255ee391a2f871167446fce3ed81b1df1fc7474b8e9cd358f17
GET /-kUiaHahkxD0/XfVN3K8_XvI/AAAAAAABN3Q/TA5Ta0QzxWsctxrq5tWNR47rcDEBxC3ewCLcBGAsYHQ/w72-h72-p-k-no-nu/sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_ya%25C5%259Fam_sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_beslenme.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="sa_l_kl__ya_am_sa_l_kl__beslenme.png";filename*=UTF-8''sa%C4%9Fl%C4%B1kl%C4%B1_ya%C5%9Fam_sa%C4%9Fl%C4%B1kl%C4%B1_beslenme.png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 10679
x-xss-protection: 0
date: Sun, 04 Dec 2022 23:36:10 GMT
expires: Wed, 30 Nov 2022 20:21:47 GMT
cache-control: public, max-age=86400, no-transform
etag: "v13776"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/w72-h72-p-k-no-nu/10_aralik_insan_haklari_gunu.jpg
142.250.74.65200 OK 3.5 kB URL HTTP/2 1.bp.blogspot.com/-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/w72-h72-p-k-no-nu/10_aralik_insan_haklari_gunu.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 8ab41d14c1aa09a171e6f7fb8890d5c6
a8b93b1d387d1fbd63c629e849c332cc2b5406be
ef0d3d17010f324ae57a2ae20015c0d728f58c905b70a5518effa04ff160c982
GET /-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/w72-h72-p-k-no-nu/10_aralik_insan_haklari_gunu.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="10_aralik_insan_haklari_gunu.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3454
x-xss-protection: 0
date: Sun, 04 Dec 2022 23:36:10 GMT
expires: Wed, 30 Nov 2022 20:21:47 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1fe3"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-eo72_jGArcw/YJWvZlothsI/AAAAAAAAIPk/39V8zIRnukk3M1SvJqwCPAL5ciymGzewwCLcBGAsYHQ/w72-h72-p-k-no-nu/unnamed.jpg
142.250.74.65200 OK 2.6 kB URL HTTP/2 1.bp.blogspot.com/-eo72_jGArcw/YJWvZlothsI/AAAAAAAAIPk/39V8zIRnukk3M1SvJqwCPAL5ciymGzewwCLcBGAsYHQ/w72-h72-p-k-no-nu/unnamed.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 1866a1eda8caaedee6e9021f426d9d21
050f44f27fb2164dd65c28a937a89d9f7aa87fd4
6fbe535d995be032754b848a23901cd0eea3d102e279f3cb3a0c881fa52eb4e7
GET /-eo72_jGArcw/YJWvZlothsI/AAAAAAAAIPk/39V8zIRnukk3M1SvJqwCPAL5ciymGzewwCLcBGAsYHQ/w72-h72-p-k-no-nu/unnamed.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v20fb"
expires: Mon, 05 Dec 2022 23:36:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 23:36:10 GMT
server: fife
content-length: 2591
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.130200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (4885)
Hash 3b61608d0a5c47f0f227731a2108507a
342fdb377d0400756a9524ce98f3ae2e230c72e4
77d56de1d9f64c2051ef49d5bbe40d61899ba16a9571587590543db3060ace26
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 04 Dec 2022 23:36:10 GMT
expires: Sun, 04 Dec 2022 23:36:10 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15188178042393771422
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 48989
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
142.250.74.46200 OK 31 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 142.250.74.46:0
File type ASCII text, with very long lines (580)
Hash 8b7cd98004b5a619d5ae2c11f7e4f95f
1f4a7476084e64124984e742593655247f8e8774
4a8f8a092ac4f6cdfb825ee9f028c08ec0154732dfeea23d9beaac3aed75dc4f
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 31306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 17:38:34 GMT
expires: Mon, 04 Dec 2023 17:38:34 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 21456
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-9qcp8ikE9qo/UeK13fWU81I/AAAAAAAAHZY/tkvLjLo_sps/s72-c/turkcell_vinn_3g_modem_ayarlari.jpg
142.250.74.65200 OK 2.2 kB URL HTTP/2 2.bp.blogspot.com/-9qcp8ikE9qo/UeK13fWU81I/AAAAAAAAHZY/tkvLjLo_sps/s72-c/turkcell_vinn_3g_modem_ayarlari.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 3feda69b54a7382821cea05719fd60f7
38c4c734a116c904aef9b12dee521f2d231dd1da
bc791c45c72bbb86a69ba1d4463e82b7cde6cb1f849606740e9ab1f8743c09ec
GET /-9qcp8ikE9qo/UeK13fWU81I/AAAAAAAAHZY/tkvLjLo_sps/s72-c/turkcell_vinn_3g_modem_ayarlari.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="turkcell_vinn_3g_modem_ayarlari.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2162
x-xss-protection: 0
date: Sun, 04 Dec 2022 23:36:10 GMT
expires: Thu, 01 Dec 2022 11:12:38 GMT
cache-control: public, max-age=86400, no-transform
etag: "v71fc"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
104.18.10.207200 OK 27 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (28596)
Hash 499201bad159f8d097f525bd6a838dd5
890ad3766f6c7826bd2de4c02dfd78627878ecd8
594c789b1d91bdda18db13365cee133d5fb3635b7674247841d4a25c1f2ad985
GET /font-awesome/4.6.1/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:36:10 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-03-10 20:26:25
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 9f906bfe8a0a96b9156c7a4ed4664168
cdn-cache: HIT
cf-cache-status: HIT
age: 19507759
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77485cd8d9f10b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
1.bp.blogspot.com/-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/s72-c/10_aralik_insan_haklari_gunu.jpg
142.250.74.65200 OK 3.4 kB URL HTTP/2 1.bp.blogspot.com/-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/s72-c/10_aralik_insan_haklari_gunu.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 1122177369c440f76d151b7a4edfa980
44eaed05623ad05aff05e00c3d9b2a5ff4a8335d
373a198f79ff7304371ba901dacb92918e05808978932388a2e727fcc6e70617
GET /-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/s72-c/10_aralik_insan_haklari_gunu.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1fe3"
expires: Mon, 05 Dec 2022 23:36:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="10_aralik_insan_haklari_gunu.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 23:36:10 GMT
server: fife
content-length: 3365
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116406 bytes)
Hash 722e21e12eaa431752dfae3577fe0619
cdf8ee4381284ad6b6081663ae6ee322998e1b35
998242560562ed6542b378745338b65d06b0001ee9c4c9bb843166524bd4c407
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116406
date: Sun, 04 Dec 2022 23:36:10 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
2.bp.blogspot.com/-b_ZayJi_MU0/WKoOrsFiSxI/AAAAAAAAeO0/Jk-YlSPl5H49R022xSiqce1qnmKk3ljIgCLcB/s72-c/facebook_arkadas_gizliligi_duzenleme.png
142.250.74.65200 OK 9.5 kB URL HTTP/2 2.bp.blogspot.com/-b_ZayJi_MU0/WKoOrsFiSxI/AAAAAAAAeO0/Jk-YlSPl5H49R022xSiqce1qnmKk3ljIgCLcB/s72-c/facebook_arkadas_gizliligi_duzenleme.png
IP 142.250.74.65:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 305d8fe3e2814664363d50f38c6f1453
aab5de26887140b7f27847196bfcc9aae7a7d7c2
cec8134471a879005b14d26803e313bbbcb5e0ab2c2e5af693604ef142980c0d
GET /-b_ZayJi_MU0/WKoOrsFiSxI/AAAAAAAAeO0/Jk-YlSPl5H49R022xSiqce1qnmKk3ljIgCLcB/s72-c/facebook_arkadas_gizliligi_duzenleme.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v78ef"
expires: Mon, 05 Dec 2022 23:36:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="facebook_arkadas_gizliligi_duzenleme.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 23:36:10 GMT
server: fife
content-length: 9459
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-jXYId3ytCf0/UeBnGRkkuwI/AAAAAAAAHXg/ZpPWZVlFScs/s72-c/NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg
142.250.74.65200 OK 3.9 kB URL HTTP/2 1.bp.blogspot.com/-jXYId3ytCf0/UeBnGRkkuwI/AAAAAAAAHXg/ZpPWZVlFScs/s72-c/NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash f91fb184622c776de69f08e56b12601c
5800b6197cc43faa89c793e1aafe440e1da702d0
9056fe9741c4a058dc1111aac665ca879e406cdf4b44ac0f4fd64ebb7912202d
GET /-jXYId3ytCf0/UeBnGRkkuwI/AAAAAAAAHXg/ZpPWZVlFScs/s72-c/NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v71fc"
expires: Mon, 05 Dec 2022 23:36:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 23:36:10 GMT
server: fife
content-length: 3855
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/_FfC0Fw3HxcE/TRuVpWVZpJI/AAAAAAAAAJY/sPqn6idlbLw/s72-c/kosgeb.jpg
142.250.74.65200 OK 4.1 kB URL HTTP/2 1.bp.blogspot.com/_FfC0Fw3HxcE/TRuVpWVZpJI/AAAAAAAAAJY/sPqn6idlbLw/s72-c/kosgeb.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 6d50be519c80191ee9043c30938eb53c
5c764bc1ae85cca9936117ea0ec1ca7de8989a28
58c82626ef5bbae4f1cbc39e7df75682d1d9c678cf2a2d0e4b280779d5b5089c
GET /_FfC0Fw3HxcE/TRuVpWVZpJI/AAAAAAAAAJY/sPqn6idlbLw/s72-c/kosgeb.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v96"
expires: Mon, 05 Dec 2022 23:36:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="kosgeb.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 23:36:10 GMT
server: fife
content-length: 4100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/_FfC0Fw3HxcE/TRo33GUkBRI/AAAAAAAAAHo/gnp8VLgEBf0/s72-c/sigara-yasagi-bulent-duzgit.jpg
142.250.74.65200 OK 3.4 kB URL HTTP/2 1.bp.blogspot.com/_FfC0Fw3HxcE/TRo33GUkBRI/AAAAAAAAAHo/gnp8VLgEBf0/s72-c/sigara-yasagi-bulent-duzgit.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 875a5eb0b263a336d4dba17b36b67d98
4eedf6bb827cf2cfba70af9f579b7a39b6cd8581
b08d7462edc4af114d3250b105b4689fbc3bd36c687fb6149df5da0a8341d285
GET /_FfC0Fw3HxcE/TRo33GUkBRI/AAAAAAAAAHo/gnp8VLgEBf0/s72-c/sigara-yasagi-bulent-duzgit.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="sigara-yasagi-bulent-duzgit.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3364
x-xss-protection: 0
date: Sun, 04 Dec 2022 23:36:10 GMT
expires: Wed, 30 Nov 2022 20:21:47 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7a"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/s72-c/225px-+mevlana_ile_ilgili_resimler.jpg
142.250.74.65200 OK 4.5 kB URL HTTP/2 2.bp.blogspot.com/-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/s72-c/225px-+mevlana_ile_ilgili_resimler.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 85d832115b9dab07ebb58a2c7a42d25b
77b4c1ee9e67c8a915b8629376aa07d95e1052ff
4821081ed8a16ebe7abcad687dc6ebe6baa3e46461980aee72897c738815c82a
GET /-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/s72-c/225px-+mevlana_ile_ilgili_resimler.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="225px-+mevlana_ile_ilgili_resimler.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4521
x-xss-protection: 0
date: Sun, 04 Dec 2022 23:36:10 GMT
expires: Thu, 01 Dec 2022 11:12:38 GMT
cache-control: public, max-age=86400, no-transform
etag: "v71fc"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-bFZ2VZE22V0/Tis_QtOxbPI/AAAAAAAAAeU/J3hNDLWPsV8/w72-h72-p-k-no-nu/sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg
142.250.74.65200 OK 3.3 kB URL HTTP/2 4.bp.blogspot.com/-bFZ2VZE22V0/Tis_QtOxbPI/AAAAAAAAAeU/J3hNDLWPsV8/w72-h72-p-k-no-nu/sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 1fb88aedadc72caa56cd793eabc62623
e8c2207b0aba853a5725322cd577174749c75dd6
311782b56080c358de1925a2c19e8154ce31a4b33d55b8c3c05032de16603409
GET /-bFZ2VZE22V0/Tis_QtOxbPI/AAAAAAAAAeU/J3hNDLWPsV8/w72-h72-p-k-no-nu/sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1e5"
expires: Mon, 05 Dec 2022 23:36:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 23:36:10 GMT
server: fife
content-length: 3262
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/fontawesome-webfont.woff2?v=4.6.1
104.18.10.207200 OK 71 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/fontawesome-webfont.woff2?v=4.6.1
IP 104.18.10.207:0
File type Web Open Font Format (Version 2), TrueType, length 70728, version 4.393\012- data
Hash 926c93d201fe51c8f351e858468980c3
977357f82830f57fbdac2492dd421e5dcce44a1a
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
GET /font-awesome/4.6.1/fonts/fontawesome-webfont.woff2?v=4.6.1 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:36:10 GMT
content-type: font/woff2
content-length: 70728
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "926c93d201fe51c8f351e858468980c3"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/25/2022 04:42:02
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 860
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: f44a837d0cb5a6153c7f1e321d659dfb
cdn-cache: HIT
cf-cache-status: HIT
age: 485292
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77485cdbceb2b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4.bp.blogspot.com/-bFZ2VZE22V0/Tis_QtOxbPI/AAAAAAAAAeU/J3hNDLWPsV8/s72-c/sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg
142.250.74.65200 OK 3.3 kB URL HTTP/2 4.bp.blogspot.com/-bFZ2VZE22V0/Tis_QtOxbPI/AAAAAAAAAeU/J3hNDLWPsV8/s72-c/sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 224d3ec59a39b8cdd2d4c077d110c666
74bfa0bc3bbd7d8928b4b92eed15d3fec387dc96
8e58417455611270809624f5418459976924a39b03d7b3cc7e34f2408d5a45aa
GET /-bFZ2VZE22V0/Tis_QtOxbPI/AAAAAAAAAeU/J3hNDLWPsV8/s72-c/sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="sigaranin_zararlari-sigara-cigara-sigaranin_faydalari.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3254
x-xss-protection: 0
date: Sun, 04 Dec 2022 23:36:10 GMT
expires: Thu, 01 Dec 2022 11:12:38 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1e5"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-HUmtqrqd1vY/UdBT1ue1sFI/AAAAAAAAHLQ/-XCWnkloqIk/s72-c/kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg
142.250.74.65200 OK 2.5 kB URL HTTP/2 4.bp.blogspot.com/-HUmtqrqd1vY/UdBT1ue1sFI/AAAAAAAAHLQ/-XCWnkloqIk/s72-c/kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 56135157d216e4eec2eb28a4eeb1fbb9
ef67d140c4ecf6ac7f339eb3e5d45fabe21b2e9b
2e1a2083a1acc23a31793d7a9a35810e6c44c8112a413dee00c0c2848c02b751
GET /-HUmtqrqd1vY/UdBT1ue1sFI/AAAAAAAAHLQ/-XCWnkloqIk/s72-c/kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="kopek_memesi_Hidradenitis_s_pp_rativa.jpg";filename*=UTF-8''kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2545
x-xss-protection: 0
date: Sun, 04 Dec 2022 23:36:10 GMT
expires: Thu, 01 Dec 2022 11:12:38 GMT
cache-control: public, max-age=86400, no-transform
etag: "v71fc"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4.bp.blogspot.com/-t6PUd9SQc58/TxXyNwiALKI/AAAAAAAACZM/h4Py-D4D_6E/w72-h72-p-k-no-nu/ilk_telefon_kulubesi.png
142.250.74.65404 Not Found 1.7 kB URL HTTP/2 4.bp.blogspot.com/-t6PUd9SQc58/TxXyNwiALKI/AAAAAAAACZM/h4Py-D4D_6E/w72-h72-p-k-no-nu/ilk_telefon_kulubesi.png
IP 142.250.74.65:0
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash 58a17151a9a7dc2d32cedfff483923a8
a16dc81e6f06a4b14410119c5d02360276fcdc75
f7b3785f331b99dfd1cde553845fb0bfc5b1b4d48f1628aff98c0cd561ac041b
GET /-t6PUd9SQc58/TxXyNwiALKI/AAAAAAAACZM/h4Py-D4D_6E/w72-h72-p-k-no-nu/ilk_telefon_kulubesi.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/png
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 23:36:10 GMT
server: fife
content-length: 1742
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309845525285029&plah=dusunmekvepaylasmak.blogspot.com
142.250.74.130200 OK 119 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309845525285029&plah=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.130:0
File type ASCII text, with very long lines (6148)
Size 119 kB (119174 bytes)
Hash bf83137a9d07bfdf14a1ccd4fc756f03
c425f634319da7dd968de290821cb3d077b8d43a
5acabe009ea0c2e4f5b2143ab7cd3a5782030a4888621e00330ed769c186c4df
GET /pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309845525285029&plah=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 04 Dec 2022 23:36:10 GMT
expires: Sun, 04 Dec 2022 23:36:10 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 15408932193792040891
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119174
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
216.58.207.227200 OK 5.4 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5384, version 1.0\012- data
Hash 96b6d54684daa94742f7bfd72a981213
72c3ac29b2fcceea390d3a51c7a892efde65e4d9
4ce2c84c474fb80b33e347ae6f356796021d6fd42e88a6352fc6e9ca0b22bd63
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5384
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:43:30 GMT
expires: Wed, 29 Nov 2023 15:43:30 GMT
cache-control: public, max-age=31536000
age: 460360
last-modified: Wed, 27 Apr 2022 16:11:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
216.58.207.227200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5452, version 1.0\012- data
Hash a6ff41d10fa89e7f8fec937c243d7428
334853f61ceb1fb096818740cc62d5840fbbae46
5f9d6298f5edc6d2b57a6f3a30f87f1c93c84b7aad7c5e9bf9d3a2c9384403fa
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 20:42:14 GMT
expires: Thu, 30 Nov 2023 20:42:14 GMT
cache-control: public, max-age=31536000
age: 356036
last-modified: Wed, 27 Apr 2022 16:10:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
216.58.207.227200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5544, version 1.0\012- data
Hash 0ed299a4bb5262e17e2145783b2c18f1
65af2a037a5ef8a8d383d518377ea1f9f6837631
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:45:39 GMT
expires: Thu, 30 Nov 2023 19:45:39 GMT
cache-control: public, max-age=31536000
age: 359431
last-modified: Wed, 27 Apr 2022 17:03:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.227200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:29:21 GMT
expires: Fri, 01 Dec 2023 12:29:21 GMT
cache-control: public, max-age=31536000
age: 299209
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.227200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 360440
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 360440
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
142.250.74.66200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sun, 04 Dec 2022 15:22:03 GMT
expires: Sun, 18 Dec 2022 15:22:03 GMT
cache-control: public, max-age=1209600
age: 29647
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 265687
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 284127
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cb439dd80ba82164b879c340b9778147
2bbd26b48daa0b8d2a190f7e8857c716dea279ca
3ab3afbcebe7c744b6446fbb471bda45722313cae36b3020e152e75425a3f760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a2365b2356f35547e7a8a0eeac1a5e71
f070192cf1ad964c90dd00bdf6b04fa598618d61
50415514239bdc4345cb6f75e5aba42fe0f093aaf21de22276aaeceab84c0450
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 04 Dec 2022 23:36:11 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=dusunmekvepaylasmak.blogspot.com&callback=_gfp_s_&client=ca-pub-7309845525285029&gpid_exp=1
216.58.207.226200 OK 253 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=dusunmekvepaylasmak.blogspot.com&callback=_gfp_s_&client=ca-pub-7309845525285029&gpid_exp=1
IP 216.58.207.226:0
File type ASCII text, with very long lines (391), with no line terminators
Hash 0d58acdaba5422d09d03f141a9e9f9af
647ff5c076a07c28e896ac7ef060136c104b6faf
9966087b064cdbfee4b8d0409d2a53df7e6e2293ecb1e4fee5a50befd6518858
GET /gampad/cookie.js?domain=dusunmekvepaylasmak.blogspot.com&callback=_gfp_s_&client=ca-pub-7309845525285029&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 04 Dec 2022 23:36:11 GMT
server: cafe
cache-control: private
content-length: 253
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 04 Dec 2022 23:36:11 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a2365b2356f35547e7a8a0eeac1a5e71
f070192cf1ad964c90dd00bdf6b04fa598618d61
50415514239bdc4345cb6f75e5aba42fe0f093aaf21de22276aaeceab84c0450
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 7f764c4680827337635bad6e4c83a0fc
e985917107b9bdd30cfe2c887a456ba4413b6315
0781e2103f3efe13a1dda9e5dc38c5df2915b247a6f4972ba5b5c43f5c5d60b9
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:36:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 08 Dec 2022 23:36:10 GMT
ETag: "e985917107b9bdd30cfe2c887a456ba4413b6315"
Last-Modified: Sun, 04 Dec 2022 23:36:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77485cdb5e961bfa-OSL
adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 04 Dec 2022 23:36:11 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.boomads.com/scripts/widget.js
83.66.162.128200 OK 1.1 kB URL HTTP/1.1 widget.boomads.com/scripts/widget.js
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type Unicode text, UTF-8 (with BOM) text, with very long lines (445), with CRLF line terminators
Hash ed2b316a78c01ecfd467a238bdb5a894
9820a06beef95ab789d3211359dfbe34d11c339e
0626a69c458560c8f8fadb5c81f56d9009e89951aa89f4fff3d4ef445d1b94e7
GET /scripts/widget.js HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 3
Date: Sun, 04 Dec 2022 23:36:09 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: "08e5d619991d11:0"
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2016 13:20:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 1149
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 7f764c4680827337635bad6e4c83a0fc
e985917107b9bdd30cfe2c887a456ba4413b6315
0781e2103f3efe13a1dda9e5dc38c5df2915b247a6f4972ba5b5c43f5c5d60b9
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:36:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 08 Dec 2022 23:36:10 GMT
ETag: "e985917107b9bdd30cfe2c887a456ba4413b6315"
Last-Modified: Sun, 04 Dec 2022 23:36:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77485cdc1c860b39-OSL
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-20442478-1&cid=68508867.1670196968&jid=320540993&gjid=1428625463&_gid=1813307330.1670196968&_u=YEBAAUACQAAAACAAI~&z=1627764888
108.177.14.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-20442478-1&cid=68508867.1670196968&jid=320540993&gjid=1428625463&_gid=1813307330.1670196968&_u=YEBAAUACQAAAACAAI~&z=1627764888
IP 108.177.14.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-20442478-1&cid=68508867.1670196968&jid=320540993&gjid=1428625463&_gid=1813307330.1670196968&_u=YEBAAUACQAAAACAAI~&z=1627764888 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://dusunmekvepaylasmak.blogspot.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 04 Dec 2022 23:36:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
83.66.162.128200 OK 318 B URL HTTP/1.1 widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 60965bc98dda023d6dbb0de7b7c676bb
59819b0d77a4206626389d78b1862223b150ccdd
2fd9761476a794c7d53342d8845843e3c9cbe393fbc26682e11059fe79a5ef95
GET /widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 4.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=ao2d3b4emhlvqpe1lllnymgm; path=/; HttpOnly; SameSite=Lax
BMDSD365TP50BFACTSV=26593=1; expires=Tue, 06-Dec-2022 00:36:09 GMT; path=/
X-Powered-By: ASP.NET
XSrv: BOOM01
Date: Sun, 04 Dec 2022 23:36:09 GMT
Content-Length: 318
widget.boomads.com/images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif
83.66.162.128200 OK 6.8 kB URL HTTP/1.1 widget.boomads.com/images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type GIF image data, version 89a, 125 x 80\012- data
Hash a0b54b194c22d6cf6dde8262b4e6caa8
7db7699e7e4cb090ed556f78d8692b59eca416d8
a28da5026d7c857976a413a63f4d5df448c8461f4531194e71668ebdbe7bbcc9
GET /images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 3
Date: Sun, 04 Dec 2022 23:36:09 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: "6e4be609991d11:0"
Content-Type: image/gif
Last-Modified: Fri, 08 Apr 2016 13:20:09 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 6812
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=55774
date: Sun, 04 Dec 2022 23:36:11 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 68570b7de13c7dfdf686da25ce10d668
61c1304152f11e6a83c383fff8d5e498c4385e6f
537302c07522f4bf1e766fbb1a8da346f59526715a5fcecd3f6aa4817b6b32ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Cookie: test_cookie=CheckForPermission
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 23:36:04 GMT
expires: Sun, 04 Dec 2022 23:51:04 GMT
cache-control: public, max-age=900
age: 8
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.boomads.com//content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01
83.66.162.128200 OK 4.5 kB URL HTTP/1.1 widget.boomads.com//content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type ASCII text, with very long lines (19781), with no line terminators
Hash d917d10a568917376ce065e84ebc04c0
eb368dc21cb28adcf22ce221b590729598658d2c
4f45f209d3645945394cdb1866967a741b66258f65d42fb7dc0b163a4a1d39ec
GET //content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01 HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 8506149
Date: Sun, 28 Aug 2022 12:46:44 GMT
Expires: Thu, 22 Dec 2022 23:31:43 GMT
Cache-Control: public
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
Content-Type: text/css; charset=utf-8
Content-Encoding: gzip
Last-Modified: Wed, 22 Dec 2021 23:31:43 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 4521
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 68570b7de13c7dfdf686da25ce10d668
61c1304152f11e6a83c383fff8d5e498c4385e6f
537302c07522f4bf1e766fbb1a8da346f59526715a5fcecd3f6aa4817b6b32ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7889b2bc6f932635fcaa5092a121abfd
cc1ed134e94daf140a77f71b8da33fefd495595e
c948939c415ef40a400e2be440171a10f55c821003fc4f5b67a2de73e00b5688
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 13dc85b9faf49e6a9bf32608b0fcf56d
2ded5a6b67364d3f7875ce1598683ac2c97937d0
7924016b948a369b3a0bcb336f32dd8f10b14893ba1d9437c4fc171190eb5899
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 13dc85b9faf49e6a9bf32608b0fcf56d
2ded5a6b67364d3f7875ce1598683ac2c97937d0
7924016b948a369b3a0bcb336f32dd8f10b14893ba1d9437c4fc171190eb5899
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
216.58.211.1200 OK 29 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
IP 216.58.211.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58626)
Hash 4533f01950ee4127fde9f48c9078e344
cf98dd72eb6b5c2d59d0a63d639f6f23aec8c4bb
85850d91fb15b9421c2ea0310832deab6c6edda9ed09d219c8fb63a3ec1d8320
GET /pagead/js/r20221110/r20110914/client/window_focus_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1236
x-xss-protection: 0
date: Sun, 04 Dec 2022 05:12:16 GMT
expires: Sun, 18 Dec 2022 05:12:16 GMT
cache-control: public, max-age=1209600
age: 66236
etag: 15004572836499977866
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
216.58.211.1200 OK 738 B URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (689)
Hash 967ef6a57e8b77199566733e307ed863
2a53e944b3e713cc785dcd64c8a1c114082c7caf
a16bd3409e52b93408e8ca34af1f6c0bf03ad36d44979db141c777ba0f1199e1
GET /pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 738
x-xss-protection: 0
date: Sun, 04 Dec 2022 05:12:16 GMT
expires: Sun, 18 Dec 2022 05:12:16 GMT
cache-control: public, max-age=1209600
age: 66236
etag: 1394486882873449110
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
216.58.211.1200 OK 9.4 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1596)
Hash 6b277303de172776fc303dfc195982ef
fe6c6af5791742485ae21c4dc02edbee2b426886
c536ada7aa8f4679e0e4f0b99703aab79f6fe32659d777f9c01a7785aa06a36d
GET /pagead/js/r20221110/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 9428
x-xss-protection: 0
date: Sun, 04 Dec 2022 05:12:02 GMT
expires: Sun, 18 Dec 2022 05:12:02 GMT
cache-control: public, max-age=1209600
age: 66250
etag: 246362764157784863
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 55759f9da35e8f555f96f540a1787599
a3dc90a985c5e965c3b26a51b21f68ae18c0ed47
ee18ea4f9915524effa02d027d8c64a9c2a92ea31a6fa4df9032d5dcec7a30f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4717
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:12 GMT
Last-Modified: Sun, 04 Dec 2022 22:17:35 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 55759f9da35e8f555f96f540a1787599
a3dc90a985c5e965c3b26a51b21f68ae18c0ed47
ee18ea4f9915524effa02d027d8c64a9c2a92ea31a6fa4df9032d5dcec7a30f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4717
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:12 GMT
Last-Modified: Sun, 04 Dec 2022 22:17:35 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 313
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
216.58.211.1200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1540)
Hash d22e40b1bc4f1b0f1727b96a0f32f7dd
57030c5040f0013120cca1e77fe38af35d4610e0
6f6d3797f9b19ffcd2f416a7566a58cf70fd4fb0ab17dec03fa5b690c6939494
GET /pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7458
x-xss-protection: 0
date: Sun, 04 Dec 2022 05:12:02 GMT
expires: Sun, 18 Dec 2022 05:12:02 GMT
cache-control: public, max-age=1209600
age: 66250
etag: 16870613375306414947
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/6548e2693f53f59daa3961d0dd1d6f1f.js?tag=client_fast_engine_2019
142.250.74.35200 OK 4.2 kB URL HTTP/2 www.gstatic.com/mysidia/6548e2693f53f59daa3961d0dd1d6f1f.js?tag=client_fast_engine_2019
IP 142.250.74.35:0
File type ASCII text, with very long lines (2317)
Hash 672af10ab698efba2355841bfd81329b
9645421a0c97b3ef7807935fc347d89f1787d28f
0e4e6eeffa4bd3b79591b67255e83d1c6952fb98f269d7024609ae491f26fc1b
GET /mysidia/6548e2693f53f59daa3961d0dd1d6f1f.js?tag=client_fast_engine_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 4197
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 00:52:01 GMT
expires: Mon, 27 Feb 2023 00:52:01 GMT
cache-control: public, max-age=7776000
age: 513851
last-modified: Tue, 15 Nov 2022 00:08:59 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/c42ecac5b0a5717c99bf1e3a0e3a76fe.js?tag=exit_2019
142.250.74.35200 OK 9.5 kB URL HTTP/2 www.gstatic.com/mysidia/c42ecac5b0a5717c99bf1e3a0e3a76fe.js?tag=exit_2019
IP 142.250.74.35:0
File type ASCII text, with very long lines (1740)
Hash 0f62398e9b59fd7a21041a38fbd353d7
966a7cfb8628ba45b2385db484194813acc1c078
3ed29b22b28206ebd7ee81ed3e4ee0fa01220682237996d36bfcaa056b9df03b
GET /mysidia/c42ecac5b0a5717c99bf1e3a0e3a76fe.js?tag=exit_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 9519
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 01:51:54 GMT
expires: Mon, 27 Feb 2023 01:51:54 GMT
cache-control: public, max-age=7776000
age: 510258
last-modified: Tue, 15 Nov 2022 00:08:59 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 04 Dec 2022 23:36:12 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7c9e0bb25e8c28e8b10038806b0a7190
9fa6097aeb8eacde8ba7c9ab80a7a7d2405ae2bc
f4864000960be2f888ed7d2467f74130231fed6f56ad48ff15861f5769e95a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
142.250.74.132200 OK 14 kB URL HTTP/2 www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (36143)
Hash a08dfd96c563f96f7d11b4858aecfa13
d9abee2c38b89d3dea85e76bb741bb8f4f993d49
fedde263fa3b4116029d93d0250f5eab845964d5fcf24e40ffbcd9bf292a0db4
GET /js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14211
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 06:09:06 GMT
expires: Thu, 30 Nov 2023 06:09:06 GMT
cache-control: public, max-age=31536000
age: 408426
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 67e4709c84acec8eddbeb11d56e7d0fd
32a14eeba023499cda0d49fd785ac7626f4a5582
8953090ad9df36f81c3393cc6c67c87b6ad521b8806c7ea004e0b4354b9e1c92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 45c222f17353dab7e30940a423ce4548
41bd834281cd99685d0e23cb52f30e94b7fc48cc
6f2431046b0a18ee8a0d8a608b9ca2acfd3c19b75bdc79bfff00aaa7f514cf03
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 04 Dec 2022 23:36:12 GMT
server: ESF
cache-control: private
content-length: 30852
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0c244629557856f731df6a3141c94929
965c50534cf2ad34cf0c9b85fc3dbaf90375489c
5155092a96a313754ed2332d9e9deb225fd276fe3b9952ddb94cc4ab9a017735
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.65200 OK 4.6 kB URL HTTP/2 yt3.ggpht.com/vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 7f0d8c8d9cbb88ed7c0dc10ee1a2b0ae
830e3dfe396cc6bc3a448d0ed13e4f1d25fdef58
0f8e403418f768e45267ca0edb3223d1a3c5e1dec070040b6399c0a89773cbf4
GET /vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4552
x-xss-protection: 0
date: Sun, 04 Dec 2022 21:40:21 GMT
expires: Wed, 30 Nov 2022 20:15:49 GMT
cache-control: public, max-age=86400, no-transform
age: 6951
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/mOjEYeiPxNc/sddefault.webp
216.58.211.22200 OK 43 kB URL HTTP/2 i.ytimg.com/vi_webp/mOjEYeiPxNc/sddefault.webp
IP 216.58.211.22:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 54d632dcf2c7931571e806f7815bd341
f5d1afc80ec9d6ebf36d48c916a3d5d15a740536
fc5aeb473a35527660b29b9cddf6ebefe4c57ae1c982a04dedfc1619f1135bef
GET /vi_webp/mOjEYeiPxNc/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 43014
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 23:36:12 GMT
expires: Mon, 05 Dec 2022 01:36:12 GMT
cache-control: public, max-age=7200
etag: "1668598177"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 35c66ab0dafc0ed05c3f2e1b8829e3b7
e8fac7e103462c9cb3fab7ed1c1cfa07813ccd74
09270f5899964b5438d18e198fb9f50ed079fb0ee1c54a9cd668b96abdb8c228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/a/default-user=s45-c
216.58.207.225200 OK 316 B URL HTTP/2 lh3.googleusercontent.com/a/default-user=s45-c
IP 216.58.207.225:0
File type PNG image data, 45 x 45, 8-bit colormap, non-interlaced\012- data
Hash 9fae1841320a0eaa434a022513f60859
245fac7a1ba86adda5bf5571babef7d5280672a4
1e2ce2743c2908d3aa1ce10a03be76d756eaa493cd41f9dcc94a3cc35cbfa1bd
GET /a/default-user=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 316
x-xss-protection: 0
date: Sun, 04 Dec 2022 20:03:03 GMT
expires: Wed, 23 Nov 2022 11:56:17 GMT
cache-control: public, max-age=86400, no-transform
age: 12789
etag: "v0"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu_qS3Bs9TC10RgJYQoydMVCGuNIIG9en_hE0TGW4Q=s45-c
216.58.207.225200 OK 677 B URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu_qS3Bs9TC10RgJYQoydMVCGuNIIG9en_hE0TGW4Q=s45-c
IP 216.58.207.225:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 80127b2ef0ff1a4d1172873896063ca1
89c3255969cda140c45f927fc5f2d0364df9b6e1
9435c16195af2f0b99e230108154228b63661029b39d6857f1aba97ca30e6a59
GET /a-/ACNPEu_qS3Bs9TC10RgJYQoydMVCGuNIIG9en_hE0TGW4Q=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Mon, 05 Dec 2022 23:36:12 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 23:36:12 GMT
server: fife
content-length: 677
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipPwBUCzx41OkpeXl27kAkL5klA9ciu2cwt5iglj=s45-c?key=CI6u2rzss7PajQE
216.58.207.225200 OK 3.8 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipPwBUCzx41OkpeXl27kAkL5klA9ciu2cwt5iglj=s45-c?key=CI6u2rzss7PajQE
IP 216.58.207.225:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 67e8fed9092e88476cbeefc66a6cb069
ba8b0844a20242784ffb79ea9a7c367f8986e2e3
a376ed35f3eb2e1fc3e699a5d0748c47ed27a53dcf1565d7e4238a38137795b7
GET /p/AF1QipPwBUCzx41OkpeXl27kAkL5klA9ciu2cwt5iglj=s45-c?key=CI6u2rzss7PajQE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v17f"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 23:36:12 GMT
server: fife
content-length: 3831
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipN-0aAPNxsNBR1eDrY9zoL_GFn_a8WZTMxc8Z32=s45-c?key=CIu7lKDyiKrDiQE
216.58.207.225200 OK 4.7 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipN-0aAPNxsNBR1eDrY9zoL_GFn_a8WZTMxc8Z32=s45-c?key=CIu7lKDyiKrDiQE
IP 216.58.207.225:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 381e323dcc3c52d299f378cca24308c4
b3c153fe7a7f36ffea3888717dfddbb49d1d6db7
71f66f8405cfb78d7cee560d8f609e451ce1cb453b5b8a337e0045c559a5867f
GET /p/AF1QipN-0aAPNxsNBR1eDrY9zoL_GFn_a8WZTMxc8Z32=s45-c?key=CIu7lKDyiKrDiQE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v6dad"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 23:36:12 GMT
server: fife
content-length: 4723
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 0346d7fd06e31723aa4d91b652637808
13791c6b65cf8dbd68515e18eda658c41148855c
1fb355bd160bac617153c0a5a0a25807ce1fee3779a2a49c1c2fea23b1373680
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5254
Cache-Control: max-age=134910
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:12 GMT
Etag: "638c8664-139"
Expires: Tue, 06 Dec 2022 13:04:42 GMT
Last-Modified: Sun, 04 Dec 2022 11:37:08 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash d1f33dd107e66ab22168618bc5b7614c
0d4ac80691c09ef344f806c42c307dcd48eb2fd4
a0ec42a5d446599e66565a3620547e2e9171a08de4839f481a221372130212a5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4633
Cache-Control: max-age=118446
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:12 GMT
Etag: "638c4881-13a"
Expires: Tue, 06 Dec 2022 08:30:18 GMT
Last-Modified: Sun, 04 Dec 2022 07:13:05 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash d1f33dd107e66ab22168618bc5b7614c
0d4ac80691c09ef344f806c42c307dcd48eb2fd4
a0ec42a5d446599e66565a3620547e2e9171a08de4839f481a221372130212a5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4649
Cache-Control: max-age=118462
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:12 GMT
Etag: "638c4881-13a"
Expires: Tue, 06 Dec 2022 08:30:34 GMT
Last-Modified: Sun, 04 Dec 2022 07:13:05 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash d1f33dd107e66ab22168618bc5b7614c
0d4ac80691c09ef344f806c42c307dcd48eb2fd4
a0ec42a5d446599e66565a3620547e2e9171a08de4839f481a221372130212a5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4633
Cache-Control: max-age=118446
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:12 GMT
Etag: "638c4881-13a"
Expires: Tue, 06 Dec 2022 08:30:18 GMT
Last-Modified: Sun, 04 Dec 2022 07:13:05 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash d1f33dd107e66ab22168618bc5b7614c
0d4ac80691c09ef344f806c42c307dcd48eb2fd4
a0ec42a5d446599e66565a3620547e2e9171a08de4839f481a221372130212a5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3484
Cache-Control: max-age=117297
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:12 GMT
Etag: "638c4881-13a"
Expires: Tue, 06 Dec 2022 08:11:09 GMT
Last-Modified: Sun, 04 Dec 2022 07:13:05 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 314
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPTpDbOzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEOoujWMyKu1wHBe3_9we9wASAAA&wp=Y40u6wAEEF8KewdyAA2KdKjR1uuyrIiZChp6XQ
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPTpDbOzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEOoujWMyKu1wHBe3_9we9wASAAA&wp=Y40u6wAEEF8KewdyAA2KdKjR1uuyrIiZChp6XQ
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kPTpDbOzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEOoujWMyKu1wHBe3_9we9wASAAA&wp=Y40u6wAEEF8KewdyAA2KdKjR1uuyrIiZChp6XQ HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 276983
date: Sun, 04 Dec 2022 23:36:12 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPTpDbWzWQAAnYNiAgIAAAC_oV1-pfcQ9BDqLo1jAOl_UJJ82wZa51YAEgMB&wp=Y40u6wAEOX0KGKgKAAbJ1PJbgrXZpmgPevmMvw
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPTpDbWzWQAAnYNiAgIAAAC_oV1-pfcQ9BDqLo1jAOl_UJJ82wZa51YAEgMB&wp=Y40u6wAEOX0KGKgKAAbJ1PJbgrXZpmgPevmMvw
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kPTpDbWzWQAAnYNiAgIAAAC_oV1-pfcQ9BDqLo1jAOl_UJJ82wZa51YAEgMB&wp=Y40u6wAEOX0KGKgKAAbJ1PJbgrXZpmgPevmMvw HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 277296
date: Sun, 04 Dec 2022 23:36:12 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y40u6wAEVpUDogomAAOrI7NBju1Q8xlnqMr-fQ&u=%7CxCItIx9T4vVMTq8IRSzKk5ARNkUsyP8rUVBeSTEuiW8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XYo_N4ow7Uxjo7-iE2opnbfbSdMG5oQfgAupLT4hh505lV2vv6T0IIJY11ONmYHEZWvFMLo0NWU1lMFrDWh0ImBYA5Q2rg4DWtRrES1SM4f4HthY8lbxwrac6R2xGPBQNsKIvcGuOv6ZTMu-sZ_dEfaiNYygCd_3HG1VuL3nupZUNuLo_t1VQwnzZGS9qqcne0hHmLG0Om2gVkS8kTJVP24ZWDpqqTsY_65-AYvoBmOIsf7eiAj55c5N28WM299TDDu3UK9zXy-TySwt-hpbf0uONC1kPRPvDMwaq3y8ycllEegnyaj0lu4fkWent8rx-CQfP2grteeRNtY1lmjBa-vpnaTXPDBESpDI3k-s-DHwT9JjDz12Bhu9I9fMGKdfaV8iw1oRsK06J8vwu0pGn1kUmFuHcuW-ELuSkXdef3DQltgZfiNP7SX-GI2azYT5YJ1pTpPAiWM4t0YLBHCi0res2pZDYtVSKay_Ef8Xp3GxJAhGDmmL0_e054RTG5xDdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk_X_6y6NY5WtEaaUiM0Po9aOiAzJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTczMDk4NDU1MjUyODUwMjnIAQmpAkS_tBqXrLE-qAMBqgSkAk_Q-mMWL_e_0aYcJSk6Aa1DkLwfLXSBvj0g8B1KlOpoqukHt0kzrCfI_jLF7R2trYqG7z5-popTLM0gB8MmSySndZlwKFBDifTFcaoM1M0lQe_ZJDFizgOg46-A-HYZeMFQqtiOH4FHq2EzerFEc9lqAjxICbSxIm_B35pk6PKq1ymV5qKZsVn1iyylRPK_-yIfZ51XTR_rJqUvboZ-V0-D5mAHiP3lsyWby768tdBNsqlfPOytlaozFYlyoDoV78Tx8EK3AVtKD-9YNNivkVMwURr9sf8VYC7DBlvIAhx8XVwYlbiIwNSRO8zb379QyhWk6j01vxEi85vIn_MyZk5Xl1f15ZgrkFF6QnjLWqERJTu-adRyQ-GiFf_gHghx_jaMpM-ABobN4Yrhz8qO0AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GlavCldlHKThE2J8Y80YmQm8lyQ%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.0.138200 OK 50 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y40u6wAEVpUDogomAAOrI7NBju1Q8xlnqMr-fQ&u=%7CxCItIx9T4vVMTq8IRSzKk5ARNkUsyP8rUVBeSTEuiW8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XYo_N4ow7Uxjo7-iE2opnbfbSdMG5oQfgAupLT4hh505lV2vv6T0IIJY11ONmYHEZWvFMLo0NWU1lMFrDWh0ImBYA5Q2rg4DWtRrES1SM4f4HthY8lbxwrac6R2xGPBQNsKIvcGuOv6ZTMu-sZ_dEfaiNYygCd_3HG1VuL3nupZUNuLo_t1VQwnzZGS9qqcne0hHmLG0Om2gVkS8kTJVP24ZWDpqqTsY_65-AYvoBmOIsf7eiAj55c5N28WM299TDDu3UK9zXy-TySwt-hpbf0uONC1kPRPvDMwaq3y8ycllEegnyaj0lu4fkWent8rx-CQfP2grteeRNtY1lmjBa-vpnaTXPDBESpDI3k-s-DHwT9JjDz12Bhu9I9fMGKdfaV8iw1oRsK06J8vwu0pGn1kUmFuHcuW-ELuSkXdef3DQltgZfiNP7SX-GI2azYT5YJ1pTpPAiWM4t0YLBHCi0res2pZDYtVSKay_Ef8Xp3GxJAhGDmmL0_e054RTG5xDdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk_X_6y6NY5WtEaaUiM0Po9aOiAzJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTczMDk4NDU1MjUyODUwMjnIAQmpAkS_tBqXrLE-qAMBqgSkAk_Q-mMWL_e_0aYcJSk6Aa1DkLwfLXSBvj0g8B1KlOpoqukHt0kzrCfI_jLF7R2trYqG7z5-popTLM0gB8MmSySndZlwKFBDifTFcaoM1M0lQe_ZJDFizgOg46-A-HYZeMFQqtiOH4FHq2EzerFEc9lqAjxICbSxIm_B35pk6PKq1ymV5qKZsVn1iyylRPK_-yIfZ51XTR_rJqUvboZ-V0-D5mAHiP3lsyWby768tdBNsqlfPOytlaozFYlyoDoV78Tx8EK3AVtKD-9YNNivkVMwURr9sf8VYC7DBlvIAhx8XVwYlbiIwNSRO8zb379QyhWk6j01vxEi85vIn_MyZk5Xl1f15ZgrkFF6QnjLWqERJTu-adRyQ-GiFf_gHghx_jaMpM-ABobN4Yrhz8qO0AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GlavCldlHKThE2J8Y80YmQm8lyQ%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.0.138:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14733), with CRLF, LF line terminators
Hash 388f376d7fba0ac7eee8297690f479c3
ecac143172674466feb6143dbb0a920d81110276
97ac3d8d7d28f15011265798491db3cdceb8e44f23eb39213891e235d29c8f4c
GET /delivery/r/afr.php?z=Y40u6wAEVpUDogomAAOrI7NBju1Q8xlnqMr-fQ&u=%7CxCItIx9T4vVMTq8IRSzKk5ARNkUsyP8rUVBeSTEuiW8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XYo_N4ow7Uxjo7-iE2opnbfbSdMG5oQfgAupLT4hh505lV2vv6T0IIJY11ONmYHEZWvFMLo0NWU1lMFrDWh0ImBYA5Q2rg4DWtRrES1SM4f4HthY8lbxwrac6R2xGPBQNsKIvcGuOv6ZTMu-sZ_dEfaiNYygCd_3HG1VuL3nupZUNuLo_t1VQwnzZGS9qqcne0hHmLG0Om2gVkS8kTJVP24ZWDpqqTsY_65-AYvoBmOIsf7eiAj55c5N28WM299TDDu3UK9zXy-TySwt-hpbf0uONC1kPRPvDMwaq3y8ycllEegnyaj0lu4fkWent8rx-CQfP2grteeRNtY1lmjBa-vpnaTXPDBESpDI3k-s-DHwT9JjDz12Bhu9I9fMGKdfaV8iw1oRsK06J8vwu0pGn1kUmFuHcuW-ELuSkXdef3DQltgZfiNP7SX-GI2azYT5YJ1pTpPAiWM4t0YLBHCi0res2pZDYtVSKay_Ef8Xp3GxJAhGDmmL0_e054RTG5xDdQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk_X_6y6NY5WtEaaUiM0Po9aOiAzJntKxXNWdkfdwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTczMDk4NDU1MjUyODUwMjnIAQmpAkS_tBqXrLE-qAMBqgSkAk_Q-mMWL_e_0aYcJSk6Aa1DkLwfLXSBvj0g8B1KlOpoqukHt0kzrCfI_jLF7R2trYqG7z5-popTLM0gB8MmSySndZlwKFBDifTFcaoM1M0lQe_ZJDFizgOg46-A-HYZeMFQqtiOH4FHq2EzerFEc9lqAjxICbSxIm_B35pk6PKq1ymV5qKZsVn1iyylRPK_-yIfZ51XTR_rJqUvboZ-V0-D5mAHiP3lsyWby768tdBNsqlfPOytlaozFYlyoDoV78Tx8EK3AVtKD-9YNNivkVMwURr9sf8VYC7DBlvIAhx8XVwYlbiIwNSRO8zb379QyhWk6j01vxEi85vIn_MyZk5Xl1f15ZgrkFF6QnjLWqERJTu-adRyQ-GiFf_gHghx_jaMpM-ABobN4Yrhz8qO0AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GlavCldlHKThE2J8Y80YmQm8lyQ%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:36:11 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Z5hDZqw_hvZvKFTaq3hzcEEtXoCXl4rcDppm39qTq5Z65yLdXxROPAA9iAe53FEKUGZDOxHPeim_p_PhgUeCb5GOS3Y7LG4NM14-Mt7hGGDmZ8qXrxZZXAX-OyYrBSIYcE-idGrjZ_b6Zt9YC-Ned-uMbOWmscXdsq5VztCPOfNMg1Keas7WqyqcST-ncR-iNBsIOP4TuWMcZFumKfeZD9On-K_BLXwMZHFmX3ifMO5LRrBBcDjnk2vK5nBO0J3pM2b4nQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 47999127
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
104.17.24.14200 OK 4.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (2171)
Hash 44c72b9bddfecacc9114e84d685dd085
38f3ff57b9b64a38fc2153eb30564b7fc1c86349
c82afd4f2d89288b4b79244f0c24264810b11326670710ac8e28e7bfc87c7991
GET /ajax/libs/webfont/1.6.28/webfontloader.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:36:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 4420
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04030-30d9"
last-modified: Mon, 04 May 2020 16:17:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 277685
expires: Fri, 24 Nov 2023 23:36:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pr5Xrrsu%2BVOKVvs7mlqWqSuK6z%2F3DdIE77ISvXM%2FXEqY%2FQex%2BGGnQ8%2FyJw4q%2FuHvsYCUHWef6uXYSR7qh9Y2lg5tuPvT146Cuytsyj74JH81K7Tvxxht%2BKL9uGAsLsOYoCs6%2Bki"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77485ce98a8eb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Ftaskulamput%2Ftuotekuvat%2FLed-Lenser%2Fled_lenser_h19r_core_1.jpg&ups=1&v=3&w=800&s=kYC3zukmuaE7nVXbFew1WnI3
178.250.2.135200 OK 20 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Ftaskulamput%2Ftuotekuvat%2FLed-Lenser%2Fled_lenser_h19r_core_1.jpg&ups=1&v=3&w=800&s=kYC3zukmuaE7nVXbFew1WnI3
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x593, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash deb631945ecc22642e927b1691f4da2a
b69fb40d850c25006f8cc5002cd520f0dc36ce48
c59b651c18fcd7a2f7efee4304f4608ea0cd2a1cf29fdb4ecf4dab767d77498f
GET /img/img?c=3&cq=256&h=800&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fimages%2Ftaskulamput%2Ftuotekuvat%2FLed-Lenser%2Fled_lenser_h19r_core_1.jpg&ups=1&v=3&w=800&s=kYC3zukmuaE7nVXbFew1WnI3 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=100
expires: Sun, 04 Dec 2022 23:37:53 GMT
date: Sun, 04 Dec 2022 23:36:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 20448
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 7d6fc12b56a98cf23a1ffc768497aea2
9c4b8f5a3332d37a08a9cc0aaa73e13318fbadba
f793f10b9b4276c9b38dc2752938f50937208e94b7f9d76e180003e80d9d6700
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5513
Cache-Control: max-age=171539
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:13 GMT
Etag: "638d1477-13a"
Expires: Tue, 06 Dec 2022 23:15:12 GMT
Last-Modified: Sun, 04 Dec 2022 21:43:19 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 7d6fc12b56a98cf23a1ffc768497aea2
9c4b8f5a3332d37a08a9cc0aaa73e13318fbadba
f793f10b9b4276c9b38dc2752938f50937208e94b7f9d76e180003e80d9d6700
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5512
Cache-Control: max-age=171538
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:13 GMT
Etag: "638d1477-13a"
Expires: Tue, 06 Dec 2022 23:15:11 GMT
Last-Modified: Sun, 04 Dec 2022 21:43:19 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 314
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Ad73c8379-bf91-4d74-864a-b86b2031c722%2FHotel_SPA_Porta_Maris_1SQUARE_800X800.jpg&v=3&w=800&s=4X0X-Nu4RfmYu4fZ7RRnlTf1&b=400
178.250.2.135200 OK 44 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Ad73c8379-bf91-4d74-864a-b86b2031c722%2FHotel_SPA_Porta_Maris_1SQUARE_800X800.jpg&v=3&w=800&s=4X0X-Nu4RfmYu4fZ7RRnlTf1&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c8ff08c075236ba4e925d1faf40802e8
3d431faaea572b190081a95caa024ccf30441bc3
fb8c3d12c4bbeef1c1e5ba9b9bdd31d8b2f9de9a51e4449b140eec52ea6266bb
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Ad73c8379-bf91-4d74-864a-b86b2031c722%2FHotel_SPA_Porta_Maris_1SQUARE_800X800.jpg&v=3&w=800&s=4X0X-Nu4RfmYu4fZ7RRnlTf1&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=27277
expires: Mon, 05 Dec 2022 07:10:51 GMT
date: Sun, 04 Dec 2022 23:36:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 44252
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=104&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2Fa21d783007334b99b7401f1425c637a2_horizontal_gray.png&v=3&w=596&s=0ZzhlqmcQ3jQ508ODbzA02IA
178.250.2.135200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=104&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2Fa21d783007334b99b7401f1425c637a2_horizontal_gray.png&v=3&w=596&s=0ZzhlqmcQ3jQ508ODbzA02IA
IP 178.250.2.135:0
File type PNG image data, 415 x 104, 8-bit/color RGBA, non-interlaced\012- data
Hash e9b0fd59da29f2602796f49b90db422f
ea6484f5cf21f1bb301e9c98b1fd22f22f786bee
4ebe73165f0a173af9aaf37d37dd09ceee42cc06dadad2d10c564e3c39558128
GET /img/img?h=104&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2Fa21d783007334b99b7401f1425c637a2_horizontal_gray.png&v=3&w=596&s=0ZzhlqmcQ3jQ508ODbzA02IA HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30434898
expires: Wed, 22 Nov 2023 05:44:32 GMT
date: Sun, 04 Dec 2022 23:36:13 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 14495
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 7d6fc12b56a98cf23a1ffc768497aea2
9c4b8f5a3332d37a08a9cc0aaa73e13318fbadba
f793f10b9b4276c9b38dc2752938f50937208e94b7f9d76e180003e80d9d6700
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5510
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:13 GMT
Etag: "638bc2f5-138"
Last-Modified: Sun, 04 Dec 2022 22:04:23 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 7d6fc12b56a98cf23a1ffc768497aea2
9c4b8f5a3332d37a08a9cc0aaa73e13318fbadba
f793f10b9b4276c9b38dc2752938f50937208e94b7f9d76e180003e80d9d6700
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5513
Cache-Control: max-age=171539
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:13 GMT
Etag: "638d1477-13a"
Expires: Tue, 06 Dec 2022 23:15:12 GMT
Last-Modified: Sun, 04 Dec 2022 21:43:19 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 7d6fc12b56a98cf23a1ffc768497aea2
9c4b8f5a3332d37a08a9cc0aaa73e13318fbadba
f793f10b9b4276c9b38dc2752938f50937208e94b7f9d76e180003e80d9d6700
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5512
Cache-Control: max-age=171538
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:13 GMT
Etag: "638d1477-13a"
Expires: Tue, 06 Dec 2022 23:15:11 GMT
Last-Modified: Sun, 04 Dec 2022 21:43:19 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 314
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A44d88a01-9af6-4c33-9951-c8fde1e3a182%2FSOL_Port_Cambrils_1SQUARE_800X800.jpg&v=3&w=800&s=r4fB-xY0SRp4XfKUh1vw-XwF&b=400
178.250.2.135200 OK 27 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A44d88a01-9af6-4c33-9951-c8fde1e3a182%2FSOL_Port_Cambrils_1SQUARE_800X800.jpg&v=3&w=800&s=r4fB-xY0SRp4XfKUh1vw-XwF&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bf38564390ff307890d813a3cf6ce622
5bf96c8ca5e6c2cb0f3e981fd33ee1913c5362d9
6c3797b62aa1946a19d952b4ce7083b8e1b39fc7455ba884dec5daa25f7eae22
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A44d88a01-9af6-4c33-9951-c8fde1e3a182%2FSOL_Port_Cambrils_1SQUARE_800X800.jpg&v=3&w=800&s=r4fB-xY0SRp4XfKUh1vw-XwF&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31062
expires: Mon, 05 Dec 2022 08:13:55 GMT
date: Sun, 04 Dec 2022 23:36:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 27186
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A976b125e-e2de-4bdc-9dd7-9adc7dfbec65%2FSol_House_Costa_del_Sol_1SQUARE_800X800.jpg&v=3&w=800&s=7W7V3A7O2fqUc6A4I7Cf3GSA
178.250.2.135200 OK 82 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A976b125e-e2de-4bdc-9dd7-9adc7dfbec65%2FSol_House_Costa_del_Sol_1SQUARE_800X800.jpg&v=3&w=800&s=7W7V3A7O2fqUc6A4I7Cf3GSA
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e6a8f452c86c3953f54669bc0bab438e
9fe6177189a16fcd76c9e02342bfa3f9de1a771e
18c2ee2b697f9911e87437615c49a15b1857aa747fb3d2479b20960ea32b0037
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A976b125e-e2de-4bdc-9dd7-9adc7dfbec65%2FSol_House_Costa_del_Sol_1SQUARE_800X800.jpg&v=3&w=800&s=7W7V3A7O2fqUc6A4I7Cf3GSA HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=40149
expires: Mon, 05 Dec 2022 10:45:23 GMT
date: Sun, 04 Dec 2022 23:36:13 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 82200
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A976b125e-e2de-4bdc-9dd7-9adc7dfbec65%2FSol_House_Costa_del_Sol_1SQUARE_800X800.jpg&v=3&w=800&s=7W7V3A7O2fqUc6A4I7Cf3GSA&b=400
178.250.2.135200 OK 28 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A976b125e-e2de-4bdc-9dd7-9adc7dfbec65%2FSol_House_Costa_del_Sol_1SQUARE_800X800.jpg&v=3&w=800&s=7W7V3A7O2fqUc6A4I7Cf3GSA&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1579cf890b816206889a2b4b51240f76
bd5995b4cfecca8caa29b77f5251c38cec8ee028
346358815d56f2e77f5c25d8c733647688a0772af6af571647d5c767b82b92e9
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A976b125e-e2de-4bdc-9dd7-9adc7dfbec65%2FSol_House_Costa_del_Sol_1SQUARE_800X800.jpg&v=3&w=800&s=7W7V3A7O2fqUc6A4I7Cf3GSA&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=40149
expires: Mon, 05 Dec 2022 10:45:23 GMT
date: Sun, 04 Dec 2022 23:36:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 28004
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Ad73c8379-bf91-4d74-864a-b86b2031c722%2FHotel_SPA_Porta_Maris_1SQUARE_800X800.jpg&v=3&w=800&s=4X0X-Nu4RfmYu4fZ7RRnlTf1
178.250.2.135200 OK 119 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Ad73c8379-bf91-4d74-864a-b86b2031c722%2FHotel_SPA_Porta_Maris_1SQUARE_800X800.jpg&v=3&w=800&s=4X0X-Nu4RfmYu4fZ7RRnlTf1
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 119 kB (119138 bytes)
Hash d4583915e8f0f477e3d0f3d574178d04
9d108ebad48bd9c2cab219ceb9f672c6df3bc4f5
8dcada67312cc34fc712ef9177721a44169eb6a6d2a709f2d22aa294248ccbf5
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3Ad73c8379-bf91-4d74-864a-b86b2031c722%2FHotel_SPA_Porta_Maris_1SQUARE_800X800.jpg&v=3&w=800&s=4X0X-Nu4RfmYu4fZ7RRnlTf1 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=27277
expires: Mon, 05 Dec 2022 07:10:51 GMT
date: Sun, 04 Dec 2022 23:36:13 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 119138
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Major_S530_V2__Straight__53_cm__216_W__Ref_50%2Fpurelux_major_unlimited_complete_set_flush_mount_1.jpg&v=3&w=400&s=u2KMFwPa0WZqPqMhdB6GWfvG&b=400
178.250.2.135200 OK 13 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Major_S530_V2__Straight__53_cm__216_W__Ref_50%2Fpurelux_major_unlimited_complete_set_flush_mount_1.jpg&v=3&w=400&s=u2KMFwPa0WZqPqMhdB6GWfvG&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x392, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9b60946cbe44d8a1083fa5a1604d0e62
1659b300fcc7f8c0bc3bbb962df6d03788feda88
9ecfb2c02118df8be7375386ad19d9408fc7bb26d621d400de32f88e52b8fd95
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FExtralight_Purelux_Major_S530_V2__Straight__53_cm__216_W__Ref_50%2Fpurelux_major_unlimited_complete_set_flush_mount_1.jpg&v=3&w=400&s=u2KMFwPa0WZqPqMhdB6GWfvG&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=0
expires: Sun, 04 Dec 2022 23:36:13 GMT
date: Sun, 04 Dec 2022 23:36:13 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 12616
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fproducts%2FOlight_Baton_3_Black%2Folight_baton3_1.jpg&v=3&w=400&s=uyHCUjFs6BzE-ObiIYtRVxqd&b=400
178.250.2.135200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fproducts%2FOlight_Baton_3_Black%2Folight_baton3_1.jpg&v=3&w=400&s=uyHCUjFs6BzE-ObiIYtRVxqd&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x215, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a8c54ae76cb59ff01aa7db465e05573f
904693dd7924a11b52841bc98295618881ad6b43
166e8af8adca384f1ee68949bb463e69545efa4ae7e8b7361f884500b1ce9e06
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fproducts%2FOlight_Baton_3_Black%2Folight_baton3_1.jpg&v=3&w=400&s=uyHCUjFs6BzE-ObiIYtRVxqd&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=0
expires: Sun, 04 Dec 2022 23:36:13 GMT
date: Sun, 04 Dec 2022 23:36:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 11438
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FLED_Driving_light_BAR_Strands_SIBERIA_Double_Row_22_91W%2Fstrands_siberia_dr_22_complete_kit_11.jpg&v=3&w=400&s=RoXmCwxtfI2aYxmaNdMXQKX3&b=400
178.250.2.135200 OK 13 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FLED_Driving_light_BAR_Strands_SIBERIA_Double_Row_22_91W%2Fstrands_siberia_dr_22_complete_kit_11.jpg&v=3&w=400&s=RoXmCwxtfI2aYxmaNdMXQKX3&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 66043504be452bc019e8f526b802c65a
2cc27faf02b5f780e72a7802ae92ffd53a9b592c
60436c1ec2dd4fd45dbcd1e0ee1c67ae620f1168deebdfdf26d3d61367966969
GET /img/img?c=3&cq=256&h=400&m=0&partner=54197&q=80&r=0&u=https%3A%2F%2Fcdn.handshake.fi%2Fi%2Fbundles%2FLED_Driving_light_BAR_Strands_SIBERIA_Double_Row_22_91W%2Fstrands_siberia_dr_22_complete_kit_11.jpg&v=3&w=400&s=RoXmCwxtfI2aYxmaNdMXQKX3&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=434
expires: Sun, 04 Dec 2022 23:43:28 GMT
date: Sun, 04 Dec 2022 23:36:13 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 12616
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=360&m=0&partner=54197&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F53339%2F180905%2F5137ccbcd8d14251b15403c6b23109e9_logo2.jpg&v=3&w=196&s=eQX_AOs8uVFphtQHWgSlVhzC
178.250.2.135200 OK 4.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=360&m=0&partner=54197&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F53339%2F180905%2F5137ccbcd8d14251b15403c6b23109e9_logo2.jpg&v=3&w=196&s=eQX_AOs8uVFphtQHWgSlVhzC
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 196x205, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 408c031c22524a27aa5504099129a64a
f525dd01f41c7695cda5e6faf19438b6be05121c
3bc62b12960c71a8c5587d76f310d3e1585ac2e0ed4704f4e9123258f62d3120
GET /img/img?h=360&m=0&partner=54197&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F53339%2F180905%2F5137ccbcd8d14251b15403c6b23109e9_logo2.jpg&v=3&w=196&s=eQX_AOs8uVFphtQHWgSlVhzC HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30967614
expires: Tue, 28 Nov 2023 09:43:07 GMT
date: Sun, 04 Dec 2022 23:36:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4808
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=libqTMzSUYSURKRSeWXAlJU3MvaZjS6k6VIOj9V4XunGJOzZOCLveJjX5oUiwWf8u-lbIM2RrWaMxLNkjKpx3Pu9Cw6_Bj9AQD8N5W1wC32BUc6PCzIIcsdmYthBYzGZKLvYEMQqoO3RS8LLImSmIZXe-qei5rWajEUbvvDy4wWt0KPkmRnwGfu2ziWgRjkHavzEzhtTi6BvuYjjh2IOzn0aIYI1r6w4Nw20gOlvsKoJawnD9NzqVJAxq3KBOnxhYFzjCIA2BJH09sRUYdiAWJ1nMeSKxCM2n4AIEbucwLzIYbrK8WMDFHbKppocsO-A5g2ySbZp_DoYUX0dF2Rn47lwRWTBtJv42f7_K54CCrG_kyN5ZsdWzNTEKwAnGDbTnibvZz6iI1dB7cZlVz7X7nQqMt46r7QZjlaYKeY9oLnNQXDF7DwugKr54rDrrqgUY8BIDrnEeIKpFacJLuliuDZ6iuIJcgB2r-y219kuuF1tsMEQ0obmNj-l-jK-U5XnaQAgwA&z=Y40u6wAEOX0KGKgKAAbJ1PJbgrXZpmgPevmMvw
178.250.0.160200 OK 9.1 kB URL HTTP/2 cat.fr.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=libqTMzSUYSURKRSeWXAlJU3MvaZjS6k6VIOj9V4XunGJOzZOCLveJjX5oUiwWf8u-lbIM2RrWaMxLNkjKpx3Pu9Cw6_Bj9AQD8N5W1wC32BUc6PCzIIcsdmYthBYzGZKLvYEMQqoO3RS8LLImSmIZXe-qei5rWajEUbvvDy4wWt0KPkmRnwGfu2ziWgRjkHavzEzhtTi6BvuYjjh2IOzn0aIYI1r6w4Nw20gOlvsKoJawnD9NzqVJAxq3KBOnxhYFzjCIA2BJH09sRUYdiAWJ1nMeSKxCM2n4AIEbucwLzIYbrK8WMDFHbKppocsO-A5g2ySbZp_DoYUX0dF2Rn47lwRWTBtJv42f7_K54CCrG_kyN5ZsdWzNTEKwAnGDbTnibvZz6iI1dB7cZlVz7X7nQqMt46r7QZjlaYKeY9oLnNQXDF7DwugKr54rDrrqgUY8BIDrnEeIKpFacJLuliuDZ6iuIJcgB2r-y219kuuF1tsMEQ0obmNj-l-jK-U5XnaQAgwA&z=Y40u6wAEOX0KGKgKAAbJ1PJbgrXZpmgPevmMvw
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d9fcff337a3f0b0267b236e88535352a
b4cdfc39731c4968a21b667eadc6723c8f7cba01
17e109ca02ab0dd156c501d024f6b926a0e6626ee94114f7da8f1a62ee85523d
GET /delivery/lgn.php?cppv=3&cpp=libqTMzSUYSURKRSeWXAlJU3MvaZjS6k6VIOj9V4XunGJOzZOCLveJjX5oUiwWf8u-lbIM2RrWaMxLNkjKpx3Pu9Cw6_Bj9AQD8N5W1wC32BUc6PCzIIcsdmYthBYzGZKLvYEMQqoO3RS8LLImSmIZXe-qei5rWajEUbvvDy4wWt0KPkmRnwGfu2ziWgRjkHavzEzhtTi6BvuYjjh2IOzn0aIYI1r6w4Nw20gOlvsKoJawnD9NzqVJAxq3KBOnxhYFzjCIA2BJH09sRUYdiAWJ1nMeSKxCM2n4AIEbucwLzIYbrK8WMDFHbKppocsO-A5g2ySbZp_DoYUX0dF2Rn47lwRWTBtJv42f7_K54CCrG_kyN5ZsdWzNTEKwAnGDbTnibvZz6iI1dB7cZlVz7X7nQqMt46r7QZjlaYKeY9oLnNQXDF7DwugKr54rDrrqgUY8BIDrnEeIKpFacJLuliuDZ6iuIJcgB2r-y219kuuF1tsMEQ0obmNj-l-jK-U5XnaQAgwA&z=Y40u6wAEOX0KGKgKAAbJ1PJbgrXZpmgPevmMvw HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:36:12 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2996122
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/close_button.svg
178.250.2.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.2.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:36:13 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Wed, 29 Nov 2023 23:36:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=qEEYlfnTBSVdD-mFds6_mLz8BV9GITBBxQLuD4nH7_toCHPoDT3Pu_ZnnA-utKP0FbnRaHZJhrYUyzQayEVkAROHxhxpu3gU0kUaW51pTZtCzD8OIMLuN4KAtEwcrpAzsPK38KoFp1hYoE67gkUaBDtclwE7LYL8aArcjTT7rlRhuz14viP8urDrLAo5Q1Je3YmQpjeMKSN-HjEOKledTQxULYHrwP6YrqREn5HREg4V0wAZg3p52xPT-qFKMQxU5phB0T0a9MpcXu6BIx-N72xP_SYpRlYW73bG4AVi2-0mYQT9KCZieOx3xhKZAYZaACkm1JoDK6rzZO-gvKDwzS7DqbMBPNBqeEr8PWnKJtK1485IYoKgO9RsAAKP-t8gL0DAIsHFtx1jOPxNgxG9I3VpCNDc9GhI2LZtzpNFsr2igID2
178.250.0.160200 OK 227 kB URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=qEEYlfnTBSVdD-mFds6_mLz8BV9GITBBxQLuD4nH7_toCHPoDT3Pu_ZnnA-utKP0FbnRaHZJhrYUyzQayEVkAROHxhxpu3gU0kUaW51pTZtCzD8OIMLuN4KAtEwcrpAzsPK38KoFp1hYoE67gkUaBDtclwE7LYL8aArcjTT7rlRhuz14viP8urDrLAo5Q1Je3YmQpjeMKSN-HjEOKledTQxULYHrwP6YrqREn5HREg4V0wAZg3p52xPT-qFKMQxU5phB0T0a9MpcXu6BIx-N72xP_SYpRlYW73bG4AVi2-0mYQT9KCZieOx3xhKZAYZaACkm1JoDK6rzZO-gvKDwzS7DqbMBPNBqeEr8PWnKJtK1485IYoKgO9RsAAKP-t8gL0DAIsHFtx1jOPxNgxG9I3VpCNDc9GhI2LZtzpNFsr2igID2
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Size 227 kB (226624 bytes)
Hash 20a6155a068c5c01faf7ce7f1f87d732
9dd005382ecc3bf0c2a152a0f2d1f83a08d57502
d3ce6fe49f7d48ea71ffe56bf57029f5c53893a0e2717e422a198bc32606f62f
GET /delivery/lg.php?cppv=3&cpp=qEEYlfnTBSVdD-mFds6_mLz8BV9GITBBxQLuD4nH7_toCHPoDT3Pu_ZnnA-utKP0FbnRaHZJhrYUyzQayEVkAROHxhxpu3gU0kUaW51pTZtCzD8OIMLuN4KAtEwcrpAzsPK38KoFp1hYoE67gkUaBDtclwE7LYL8aArcjTT7rlRhuz14viP8urDrLAo5Q1Je3YmQpjeMKSN-HjEOKledTQxULYHrwP6YrqREn5HREg4V0wAZg3p52xPT-qFKMQxU5phB0T0a9MpcXu6BIx-N72xP_SYpRlYW73bG4AVi2-0mYQT9KCZieOx3xhKZAYZaACkm1JoDK6rzZO-gvKDwzS7DqbMBPNBqeEr8PWnKJtK1485IYoKgO9RsAAKP-t8gL0DAIsHFtx1jOPxNgxG9I3VpCNDc9GhI2LZtzpNFsr2igID2 HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:36:12 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2824863
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/back_button2.svg
178.250.2.130200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.2.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:36:13 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Wed, 29 Nov 2023 23:36:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A44d88a01-9af6-4c33-9951-c8fde1e3a182%2FSOL_Port_Cambrils_1SQUARE_800X800.jpg&v=3&w=800&s=r4fB-xY0SRp4XfKUh1vw-XwF
178.250.2.135200 OK 75 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A44d88a01-9af6-4c33-9951-c8fde1e3a182%2FSOL_Port_Cambrils_1SQUARE_800X800.jpg&v=3&w=800&s=r4fB-xY0SRp4XfKUh1vw-XwF
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 65cf4afac6616d75d6cfcab0c32b7e7c
9386de40b980ab65216d15d6d3c1f0ac6ff637cf
e197958f1568382d9973f82816ff6fa4eb8d5ff8ec4239f6af4c41b87325726c
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A44d88a01-9af6-4c33-9951-c8fde1e3a182%2FSOL_Port_Cambrils_1SQUARE_800X800.jpg&v=3&w=800&s=r4fB-xY0SRp4XfKUh1vw-XwF HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31062
expires: Mon, 05 Dec 2022 08:13:55 GMT
date: Sun, 04 Dec 2022 23:36:12 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 74862
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2ae9f42f00345c8a895df8e5dcde06c0
6c6dabbcdd07a76039e178e3d0604ecbbaa03668
8a8361308413adc59b055b74ee48db03bdcae73de64b813c4d1334e66eb78d25
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5381
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:13 GMT
Last-Modified: Sun, 04 Dec 2022 22:06:32 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sun, 04 Dec 2022 23:36:13 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=638d2eec6490179efe6f187f1981481d
37.157.5.141302 Found 53 kB URL HTTP/2 a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=638d2eec6490179efe6f187f1981481d
IP 37.157.5.141:0
Hash f14df09afc3ed7843aeec9287601a5ba
1ab8a52bfe535a03c06cc6834be3b696eb9f908c
c5cb43d831d637815fa50a87744e93aee1940048bceb515bcb7ce14ffbf3cd0e
GET /adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=638d2eec6490179efe6f187f1981481d HTTP/1.1
Host: a1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sun, 04 Dec 2022 23:36:13 GMT
content-type: text/html; charset=utf-8
location: https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=88449&adfrmid=0
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=Z5hDZqw_hvZvKFTaq3hzcEEtXoCXl4rcDppm39qTq5Z65yLdXxROPAA9iAe53FEKUGZDOxHPeim_p_PhgUeCb5GOS3Y7LG4NM14-Mt7hGGDmZ8qXrxZZXAX-OyYrBSIYcE-idGrjZ_b6Zt9YC-Ned-uMbOWmscXdsq5VztCPOfNMg1Keas7WqyqcST-ncR-iNBsIOP4TuWMcZFumKfeZD9On-K_BLXwMZHFmX3ifMO5LRrBBcDjnk2vK5nBO0J3pM2b4nQ&sds=2&rev=83599&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=Z5hDZqw_hvZvKFTaq3hzcEEtXoCXl4rcDppm39qTq5Z65yLdXxROPAA9iAe53FEKUGZDOxHPeim_p_PhgUeCb5GOS3Y7LG4NM14-Mt7hGGDmZ8qXrxZZXAX-OyYrBSIYcE-idGrjZ_b6Zt9YC-Ned-uMbOWmscXdsq5VztCPOfNMg1Keas7WqyqcST-ncR-iNBsIOP4TuWMcZFumKfeZD9On-K_BLXwMZHFmX3ifMO5LRrBBcDjnk2vK5nBO0J3pM2b4nQ&sds=2&rev=83599&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=Z5hDZqw_hvZvKFTaq3hzcEEtXoCXl4rcDppm39qTq5Z65yLdXxROPAA9iAe53FEKUGZDOxHPeim_p_PhgUeCb5GOS3Y7LG4NM14-Mt7hGGDmZ8qXrxZZXAX-OyYrBSIYcE-idGrjZ_b6Zt9YC-Ned-uMbOWmscXdsq5VztCPOfNMg1Keas7WqyqcST-ncR-iNBsIOP4TuWMcZFumKfeZD9On-K_BLXwMZHFmX3ifMO5LRrBBcDjnk2vK5nBO0J3pM2b4nQ&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 36
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:36:13 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=88449&adfrmid=0
109.232.197.33302 Found 0 B URL HTTP/1.1 mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=88449&adfrmid=0
IP 109.232.197.33:0
ASN #50234 Eulerian Technologies S.a.s.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=88449&adfrmid=0 HTTP/1.1
Host: mm.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sun, 04 Dec 2022 23:36:13 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 0
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Location: https://mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=88449&adfrmid=0
static.criteo.net/flash/icon/privacy.svg
178.250.2.130200 OK 5.1 kB URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.2.130:0
Hash b851a4d3d1d523e162e8ca1d0b0bccf8
c8ff14d0bce7511ecac3adec9a056fffdc8b93f1
ea0464bb6447ab340eaa66c3bc01e3e6eaf57f3fc213ea2246283790553bdfcf
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:36:13 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Wed, 29 Nov 2023 23:36:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 04 Dec 2022 23:36:13 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=mnWhd6w_hvZvKFTaTSe9C4W_JvN8f5jWeBOpNKdyuMPHBctPM_CxbnrXjdB0_VZfksG6XmpqA1WRLfy3wHtIQMohn_McyJVEXJ13r7Tsxr8VvvJ_KndTF-mNF6MbGfej5M81STePvfqXFwfn0-7v8XPaefLO61VUZ1BrGMIExfTTZWA1WNkPPIdnbKpj1z2ybFGesaF3_eFFASlFwP1TuLPgaBmgzuJB9R0m0ymSEKetd8znWsVCyKvFmXIO1-XncsNLqA&sds=2&rev=83599&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=mnWhd6w_hvZvKFTaTSe9C4W_JvN8f5jWeBOpNKdyuMPHBctPM_CxbnrXjdB0_VZfksG6XmpqA1WRLfy3wHtIQMohn_McyJVEXJ13r7Tsxr8VvvJ_KndTF-mNF6MbGfej5M81STePvfqXFwfn0-7v8XPaefLO61VUZ1BrGMIExfTTZWA1WNkPPIdnbKpj1z2ybFGesaF3_eFFASlFwP1TuLPgaBmgzuJB9R0m0ymSEKetd8znWsVCyKvFmXIO1-XncsNLqA&sds=2&rev=83599&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=mnWhd6w_hvZvKFTaTSe9C4W_JvN8f5jWeBOpNKdyuMPHBctPM_CxbnrXjdB0_VZfksG6XmpqA1WRLfy3wHtIQMohn_McyJVEXJ13r7Tsxr8VvvJ_KndTF-mNF6MbGfej5M81STePvfqXFwfn0-7v8XPaefLO61VUZ1BrGMIExfTTZWA1WNkPPIdnbKpj1z2ybFGesaF3_eFFASlFwP1TuLPgaBmgzuJB9R0m0ymSEKetd8znWsVCyKvFmXIO1-XncsNLqA&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 36
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:36:13 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 33002e87ed87cec83ec76bdfe55cb33a
a2dafcefab949833412ab20508096c9974b9e359
f73d30247eb325d9dc9531381224e8942b39b56c264ade1618855f1fad9eda2a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6181
Cache-Control: max-age=137267
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:14 GMT
Etag: "638c8bfc-1d7"
Expires: Tue, 06 Dec 2022 13:44:01 GMT
Last-Modified: Sun, 04 Dec 2022 12:01:00 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
157.240.221.16200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.221.16:0
File type ASCII text, with very long lines (1957)
Hash 596986fd981a243ceb9b051a26db6787
448cfd35f1efeccfb4e01b8bd1b1f27fd71f5479
4899f50c56415ab0cc8817d9973177fea888d4e797679bf312005fcfdc403e62
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 7538e5aa3d1b71cc9a2f70de61af809b
etag: "fa30f9bc658547f67199f4d8cc08bba9"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 04 Dec 2022 23:38:55 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: WWmG/ZgaJDzrmwUaJttnhw==
x-fb-debug: b2tYr2rdakU9asz6ZyZFFvL/phL/K+QIwD/sW6xYfOTKkW39il8gp/YqZoCkYeC20XZG7LM5yQWRvGY0UC4OdA==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1679558926
date: Sun, 04 Dec 2022 23:36:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 33002e87ed87cec83ec76bdfe55cb33a
a2dafcefab949833412ab20508096c9974b9e359
f73d30247eb325d9dc9531381224e8942b39b56c264ade1618855f1fad9eda2a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6181
Cache-Control: max-age=137267
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:14 GMT
Etag: "638c8bfc-1d7"
Expires: Tue, 06 Dec 2022 13:44:01 GMT
Last-Modified: Sun, 04 Dec 2022 12:01:00 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
m.addthis.com/live/red_lojson/300lo.json?si=638d2ee8ddd1a64d&bkl=0&bl=1&pdt=2788&sid=638d2ee8ddd1a64d&pub=ra-58e226eb29c11f6c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dusunmekvepaylasmak.blogspot.com&fp=search%2Flabel%2Fhaftasonu%2520ka%25C3%25A7ama%25C4%259F%25C4%25B1&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=D%C3%BC%C5%9F%C3%BCnmek%2CHaber%2Cmagazin%2Csosyal%20medya%2Cpayla%C5%9F%C4%B1m%2Cdo%C4%9Fru%20bilgi%2Ckarikat%C3%BCr%2Cg%C3%BCndem%2Ck%C3%BClt%C3%BCr%20sanat%2Csinema%2Ctelevizyon%2Ctiyatro&colc=1670196970895&jsl=1&uvs=638d2ee88cf5f77b000&skipb=1&callback=addthis.cbs.jsonp__0214094099528165940
23.38.200.123200 OK 91 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=638d2ee8ddd1a64d&bkl=0&bl=1&pdt=2788&sid=638d2ee8ddd1a64d&pub=ra-58e226eb29c11f6c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dusunmekvepaylasmak.blogspot.com&fp=search%2Flabel%2Fhaftasonu%2520ka%25C3%25A7ama%25C4%259F%25C4%25B1&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=D%C3%BC%C5%9F%C3%BCnmek%2CHaber%2Cmagazin%2Csosyal%20medya%2Cpayla%C5%9F%C4%B1m%2Cdo%C4%9Fru%20bilgi%2Ckarikat%C3%BCr%2Cg%C3%BCndem%2Ck%C3%BClt%C3%BCr%20sanat%2Csinema%2Ctelevizyon%2Ctiyatro&colc=1670196970895&jsl=1&uvs=638d2ee88cf5f77b000&skipb=1&callback=addthis.cbs.jsonp__0214094099528165940
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 1614aed502c54417d66f1f0f73dd88fe
7fa9f9df6aa085f597e201f1ce8bb850b618ff90
e122e17d4b7cb336c952a32a0473bd334be580d5c42ef83703bb01b66f730356
GET /live/red_lojson/300lo.json?si=638d2ee8ddd1a64d&bkl=0&bl=1&pdt=2788&sid=638d2ee8ddd1a64d&pub=ra-58e226eb29c11f6c&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dusunmekvepaylasmak.blogspot.com&fp=search%2Flabel%2Fhaftasonu%2520ka%25C3%25A7ama%25C4%259F%25C4%25B1&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=D%C3%BC%C5%9F%C3%BCnmek%2CHaber%2Cmagazin%2Csosyal%20medya%2Cpayla%C5%9F%C4%B1m%2Cdo%C4%9Fru%20bilgi%2Ckarikat%C3%BCr%2Cg%C3%BCndem%2Ck%C3%BClt%C3%BCr%20sanat%2Csinema%2Ctelevizyon%2Ctiyatro&colc=1670196970895&jsl=1&uvs=638d2ee88cf5f77b000&skipb=1&callback=addthis.cbs.jsonp__0214094099528165940 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 91
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Sun, 04 Dec 2022 23:36:14 GMT
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/ra-58e226eb29c11f6c/_ate.track.config_resp
23.38.200.123200 OK 1.3 kB URL HTTP/2 v1.addthisedge.com/live/boost/ra-58e226eb29c11f6c/_ate.track.config_resp
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (3821), with no line terminators
Hash 4adc016f0378d43b1e4d8a48395311fb
de42f6825c8d2ef4989b84479d9731baa195bbaa
70f1c455a93fbc3c54102023dd47c6bcc3ff290302ac6e517cd87b74e4efc205
GET /live/boost/ra-58e226eb29c11f6c/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 1250
etag: 727245640--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=57, s-maxage=86400
date: Sun, 04 Dec 2022 23:36:14 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
23.38.200.123200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Sun, 04 Dec 2022 23:36:14 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
23.38.200.123200 OK 29 kB URL HTTP/2 s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (60526)
Hash f4a430f112d94f56cbeddcde217f69b6
01c1580d462c4977c7194746540f813e6b5675ce
f8999cbfee6629cf5f2f77d325a508f30a1adc6f1ab7506c462bf467930f36da
GET /static/custom-messages.5799ddf75a30812a3d49.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-1c9fc"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 28570
date: Sun, 04 Dec 2022 23:36:14 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=88449&adfrmid=0
109.232.197.110200 OK 43 B URL HTTP/1.1 mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=88449&adfrmid=0
IP 109.232.197.110:0
ASN #50234 Eulerian Technologies S.a.s.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 718e8bd317b47c1018a861f423615c1c
874d28c9586324d5d16558065197cea533f10b67
11e3a37194c2691ff2eb5c2237cb14a9269c30e844dc48047f9324391477f11f
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=88449&adfrmid=0 HTTP/1.1
Host: mml1.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:36:15 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 43
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Content-Type: image/gif
Set-Cookie: etuix=MggiEpH2hwUdut5Bx3Z3GkkWJkCHOKGqnAA2C.JnRPC2lYBthaDhgw--; expires=Mon, 01 Jan 2024 23:36:15 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et0=njPQ6wCLHo5zfZd6sV2hgv6PfOmT0_2viwVbUX6VUeDw0vBI8Ixn.oO5uh3R3kOQ5rOFdT9g35He2WgE6Nn4DjV9ua.ga1Bg7qbY0EzMNgivMgKFANY_B3zUXmzk3Pu7EMQ-; expires=Mon, 01 Jan 2024 23:36:15 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et=1; expires=Mon, 01 Jan 2024 23:36:15 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A7a7c34af-dead-482f-9211-60279e41e12c%2FSOL_Guadalmar_1SQUARE_800X800.jpg&v=3&w=800&s=-tz9xkZsgx7m1RFkTp1OJROj&b=400
178.250.2.135200 OK 29 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A7a7c34af-dead-482f-9211-60279e41e12c%2FSOL_Guadalmar_1SQUARE_800X800.jpg&v=3&w=800&s=-tz9xkZsgx7m1RFkTp1OJROj&b=400
IP 178.250.2.135:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 47cd1a0c1441ee198eef9176c952c460
c38f06f26adc10a3a6c9f79591c22c427befb3f9
7195b5d86eca9bf81a08d574d7e2353120a8c2a22957fcef817f45362fdfabc7
GET /img/img?c=3&cq=256&h=800&m=0&partner=93075&q=80&r=2&u=https%3A%2F%2Fads1.melia.com%2Fdam%2Fjcr%3A7a7c34af-dead-482f-9211-60279e41e12c%2FSOL_Guadalmar_1SQUARE_800X800.jpg&v=3&w=800&s=-tz9xkZsgx7m1RFkTp1OJROj&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1788
expires: Mon, 05 Dec 2022 00:06:03 GMT
date: Sun, 04 Dec 2022 23:36:15 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 29152
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=244&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=196&s=_0VlK9q82TmthCuW5OnxfCPJ
178.250.2.135200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=244&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=196&s=_0VlK9q82TmthCuW5OnxfCPJ
IP 178.250.2.135:0
File type PNG image data, 196 x 111, 8-bit/color RGBA, non-interlaced\012- data
Hash bc381116221b106493d972a9262c65e3
980f03704c3d56409200806ffc1b8269240383a4
391ed2f12f92968f164c061b48e5421254b9aae4dfce080b727d60dd6c1cb72e
GET /img/img?h=244&m=0&partner=93075&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F5031%2F190729%2F140cfb81012347f3b8e333cbb4c840de_the_main_hotel_brand_gray.png&v=3&w=196&s=_0VlK9q82TmthCuW5OnxfCPJ HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30967771
expires: Tue, 28 Nov 2023 09:45:47 GMT
date: Sun, 04 Dec 2022 23:36:15 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10921
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash a694f95cadca94d72398ae11daec93bf
18b761cf34636c0185e332dd76ff22b4f8c83518
5ce2d2c85324af69a70645caaecba846ab00bd9c606815b04fb330a4a25fa2ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4683
Cache-Control: max-age=141530
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 23:36:15 GMT
Etag: "638ca27e-139"
Expires: Tue, 06 Dec 2022 14:55:05 GMT
Last-Modified: Sun, 04 Dec 2022 13:37:02 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 313
ads.eu.criteo.com/delivery/r/afr.php?z=Y40u6wAC0JMKGJTMAAvK1MxqBIdKf2UMoOAIFg&u=%7CxCItIx9T4vUln86DPsjAGIFoPblPzrletbzZPL3SYXE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIT0MjWuWij4bIRK6-hfTEG3SfN_NpIV86n-K2Mi05JpLVrHRYpGpvnhQjYIU9jNw0pB_HbiCMAC54ZQwXwIuYYRztjdPCIbaFXUQ3m_8kb50l3T4zrcZcUgpyB6OJge1shypx3Ej8g8qHseIfRPzRp0t-b53_EBWqd4Ok5RUtM6s7AezJOX45HD8mViBjAwlzfgrOBTW7b2is54P43JFHZ9OxCXMKwSgD4uYnscfg8_zbOzGjvSPUy6o_0C8rtYuEbBnEOI5umxsWDTMYkwfU2K_66lqnLgqqbCnZc3GMDQIbqEA6jETujM6POob4LHkjTPaLvM3FsQ0hkSOGmUxM93Q3xkTIWBrPogeTtNA6CdmHfiVpRo10J0PytZCAAvpmF510p_NOdwmfn2A9ul7rJ5K5lBePSud4cloVByIbo6RDOelbsdOQJ-kM3huPx-MzrH-G9BtBTxxdN6sKW_wdWqcFXJpTOt2uVxIPN85RcnYED1SbP7kmWIMpuZ7TD2PQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgFAA6y6NY5OhC8ypYtSVr4AOyZ7SsVz16qGGiAHAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCRL-0GpessT6oAwGqBJ8CT9D8sU_xgUD3ZbW3UPF7U4r5AhIPuIiog6srzUT4tWcp07Ze0BBfguVVS56ymcSsHfKKbUtyjEU3r83uzFjAu8asaFnrHiQ4Je_7WxVAsQ-cplwDEZ-jq6FIjttJpcv80UrbVqJsCWYv8_2PjR6jR45jBsKKrTbQ5kSY2nBuHbu4v1fstiglTcYJPlb4m3ZJBJuysigWf_lhr1WbHBlHxQnbMcBDRqzRuSvt_U1yXjp0Gk9piCUqX810knyBME57j6HZy1ed5j4j1G_S7q3NCexgiITgB46hsZHHy5-FTpDjT2DGZOeHTyePpOgl7znR85ZuQbPMOZVXNMzoZgHTJ-D7VB-bUqvfobveD4qmD_Kkv_zx6cUAv1dfUbdy5RSABobN4Yrhz8qO0AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_35spUqTXYjTnkRv0xxzjbrtp4r-Q%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.0.138200 OK 42 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y40u6wAC0JMKGJTMAAvK1MxqBIdKf2UMoOAIFg&u=%7CxCItIx9T4vUln86DPsjAGIFoPblPzrletbzZPL3SYXE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIT0MjWuWij4bIRK6-hfTEG3SfN_NpIV86n-K2Mi05JpLVrHRYpGpvnhQjYIU9jNw0pB_HbiCMAC54ZQwXwIuYYRztjdPCIbaFXUQ3m_8kb50l3T4zrcZcUgpyB6OJge1shypx3Ej8g8qHseIfRPzRp0t-b53_EBWqd4Ok5RUtM6s7AezJOX45HD8mViBjAwlzfgrOBTW7b2is54P43JFHZ9OxCXMKwSgD4uYnscfg8_zbOzGjvSPUy6o_0C8rtYuEbBnEOI5umxsWDTMYkwfU2K_66lqnLgqqbCnZc3GMDQIbqEA6jETujM6POob4LHkjTPaLvM3FsQ0hkSOGmUxM93Q3xkTIWBrPogeTtNA6CdmHfiVpRo10J0PytZCAAvpmF510p_NOdwmfn2A9ul7rJ5K5lBePSud4cloVByIbo6RDOelbsdOQJ-kM3huPx-MzrH-G9BtBTxxdN6sKW_wdWqcFXJpTOt2uVxIPN85RcnYED1SbP7kmWIMpuZ7TD2PQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgFAA6y6NY5OhC8ypYtSVr4AOyZ7SsVz16qGGiAHAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCRL-0GpessT6oAwGqBJ8CT9D8sU_xgUD3ZbW3UPF7U4r5AhIPuIiog6srzUT4tWcp07Ze0BBfguVVS56ymcSsHfKKbUtyjEU3r83uzFjAu8asaFnrHiQ4Je_7WxVAsQ-cplwDEZ-jq6FIjttJpcv80UrbVqJsCWYv8_2PjR6jR45jBsKKrTbQ5kSY2nBuHbu4v1fstiglTcYJPlb4m3ZJBJuysigWf_lhr1WbHBlHxQnbMcBDRqzRuSvt_U1yXjp0Gk9piCUqX810knyBME57j6HZy1ed5j4j1G_S7q3NCexgiITgB46hsZHHy5-FTpDjT2DGZOeHTyePpOgl7znR85ZuQbPMOZVXNMzoZgHTJ-D7VB-bUqvfobveD4qmD_Kkv_zx6cUAv1dfUbdy5RSABobN4Yrhz8qO0AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_35spUqTXYjTnkRv0xxzjbrtp4r-Q%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.0.138:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (30086), with CRLF, LF line terminators
Hash b53f6a995b166df1711977125f984270
33d1437f9939de371d5ae94b959b8ccdb3494abe
e7da4ef1d2601d76c4062c24cf9c79b45ef0a6ae6caea441bc501433149aa558
GET /delivery/r/afr.php?z=Y40u6wAC0JMKGJTMAAvK1MxqBIdKf2UMoOAIFg&u=%7CxCItIx9T4vUln86DPsjAGIFoPblPzrletbzZPL3SYXE%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIT0MjWuWij4bIRK6-hfTEG3SfN_NpIV86n-K2Mi05JpLVrHRYpGpvnhQjYIU9jNw0pB_HbiCMAC54ZQwXwIuYYRztjdPCIbaFXUQ3m_8kb50l3T4zrcZcUgpyB6OJge1shypx3Ej8g8qHseIfRPzRp0t-b53_EBWqd4Ok5RUtM6s7AezJOX45HD8mViBjAwlzfgrOBTW7b2is54P43JFHZ9OxCXMKwSgD4uYnscfg8_zbOzGjvSPUy6o_0C8rtYuEbBnEOI5umxsWDTMYkwfU2K_66lqnLgqqbCnZc3GMDQIbqEA6jETujM6POob4LHkjTPaLvM3FsQ0hkSOGmUxM93Q3xkTIWBrPogeTtNA6CdmHfiVpRo10J0PytZCAAvpmF510p_NOdwmfn2A9ul7rJ5K5lBePSud4cloVByIbo6RDOelbsdOQJ-kM3huPx-MzrH-G9BtBTxxdN6sKW_wdWqcFXJpTOt2uVxIPN85RcnYED1SbP7kmWIMpuZ7TD2PQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgFAA6y6NY5OhC8ypYtSVr4AOyZ7SsVz16qGGiAHAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCRL-0GpessT6oAwGqBJ8CT9D8sU_xgUD3ZbW3UPF7U4r5AhIPuIiog6srzUT4tWcp07Ze0BBfguVVS56ymcSsHfKKbUtyjEU3r83uzFjAu8asaFnrHiQ4Je_7WxVAsQ-cplwDEZ-jq6FIjttJpcv80UrbVqJsCWYv8_2PjR6jR45jBsKKrTbQ5kSY2nBuHbu4v1fstiglTcYJPlb4m3ZJBJuysigWf_lhr1WbHBlHxQnbMcBDRqzRuSvt_U1yXjp0Gk9piCUqX810knyBME57j6HZy1ed5j4j1G_S7q3NCexgiITgB46hsZHHy5-FTpDjT2DGZOeHTyePpOgl7znR85ZuQbPMOZVXNMzoZgHTJ-D7VB-bUqvfobveD4qmD_Kkv_zx6cUAv1dfUbdy5RSABobN4Yrhz8qO0AGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_35spUqTXYjTnkRv0xxzjbrtp4r-Q%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:36:14 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=a-9bOqw_hvZvKFTa3exw4VNToLHhbjTPRYcdh54XCOVPQ-TmkAgDdaFN2s-0hrNKo27KhTKUSpiJT1tNeu4hDFe3UDRNRdbBl2aZal_y-3nbV2MBwMc0TojiH0gvJhzxj1JwBOJ0yxWwSngv1r6BIAeth8ebVOiZqaR2uA8aZcr90MKr_dMWRpl-6OCmoxfF4s6_JPEJDjQyetSFF9xPU-6eiTLb3oZliZLfMH8AztMJKQ8FORlES6LNsz2W_h4ZBXHG1A"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 45699301
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
s7.addthis.com/static/images/cvlbx/beachSummer.jpg
23.38.200.123200 OK 88 kB URL HTTP/2 s7.addthis.com/static/images/cvlbx/beachSummer.jpg
IP 23.38.200.123:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1280x800, components 3\012- data
Hash 2c026aa51bcd25d6b33218d4aa5f6d83
dc4d354fbae246e6f8e4f3d959720d2f006adb33
2e8cb0f4f4f8506bfeb3a39189a6b975e80018e5aa8cd49ed48cb9c4219a8958
GET /static/images/cvlbx/beachSummer.jpg HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: image/jpeg
content-length: 88467
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-15993"
timing-allow-origin: *
cache-control: public, max-age=86313600
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
date: Sun, 04 Dec 2022 23:36:15 GMT
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js
23.38.200.123200 OK 394 B URL HTTP/2 s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (564), with no line terminators
Hash 09d6e31790596b5636e4332b45864d33
078bdaadd33f7e19f624e403959dca3eef1a73d4
42805621588148ebf5f6329a1ff74711c44dd93a4f592264f953ca7f88422b82
GET /static/159.1c3fceccbc80f2a3615f.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-234"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 394
date: Sun, 04 Dec 2022 23:36:15 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/208.92c9dfa16a7b958c8a95.js
23.38.200.123200 OK 127 B URL HTTP/2 s7.addthis.com/static/208.92c9dfa16a7b958c8a95.js
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash c16f2b8f73dfadd8068f3f840cdf7bc5
48f837510b3e187dde91ce56bdd8453830ce64b2
aa41e2ad8da9c442cc1c812d157425bdb3e7e9ff2aec76ee3ac41bbfec720a0e
GET /static/208.92c9dfa16a7b958c8a95.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-70"
timing-allow-origin: *
cache-control: public, max-age=86313600
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 127
date: Sun, 04 Dec 2022 23:36:15 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/195.461912c47007775093ae.js
23.38.200.123200 OK 298 B URL HTTP/2 s7.addthis.com/static/195.461912c47007775093ae.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (384), with no line terminators
Hash b3a09bfb320e3798865e9543432f891f
1b852bdc37086072c734acec0af4d1971e6ec320
62048a133b36399f6990ddbf705fc3a2cd9a8a9d010e1fb89ed8bdd25d56fca3
GET /static/195.461912c47007775093ae.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-180"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 298
date: Sun, 04 Dec 2022 23:36:15 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=68347&adfrmid=0
109.232.197.33302 Found 0 B URL HTTP/1.1 mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=68347&adfrmid=0
IP 109.232.197.33:0
ASN #50234 Eulerian Technologies S.a.s.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=68347&adfrmid=0 HTTP/1.1
Host: mm.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Cookie: etuix=MggiEpH2hwUdut5Bx3Z3GkkWJkCHOKGqnAA2C.JnRPC2lYBthaDhgw--; et0=njPQ6wCLHo5zfZd6sV2hgv6PfOmT0_2viwVbUX6VUeDw0vBI8Ixn.oO5uh3R3kOQ5rOFdT9g35He2WgE6Nn4DjV9ua.ga1Bg7qbY0EzMNgivMgKFANY_B3zUXmzk3Pu7EMQ-; et=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sun, 04 Dec 2022 23:36:15 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 0
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Location: https://mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=68347&adfrmid=0
s7.addthis.com/static/151.67aec2e0546e639563bb.js
23.38.200.123200 OK 815 B URL HTTP/2 s7.addthis.com/static/151.67aec2e0546e639563bb.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (1679), with no line terminators
Hash 8c45a93a76f9e93cb7fe7a8dce9e1dbf
6604f1a4e77d07d55298cecc9c93e0e22e73a616
aa24ec471544fe8d4f18d29ba153a281c809ace19fcd29cdbaac9ed4c2254d92
GET /static/151.67aec2e0546e639563bb.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-68f"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 815
date: Sun, 04 Dec 2022 23:36:15 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300vi.png?cad=shpu%3D48yp&positions=48yp%3Dcenter&goals=48yp%3Dshare&first=1&rv=0&uvs=638d2ee88cf5f77b&pub=ra-58e226eb29c11f6c&dp=dusunmekvepaylasmak.blogspot.com&rev=v8.28.8-wp
23.38.200.123204 No Content 0 B URL HTTP/2 m.addthis.com/live/red_lojson/300vi.png?cad=shpu%3D48yp&positions=48yp%3Dcenter&goals=48yp%3Dshare&first=1&rv=0&uvs=638d2ee88cf5f77b&pub=ra-58e226eb29c11f6c&dp=dusunmekvepaylasmak.blogspot.com&rev=v8.28.8-wp
IP 23.38.200.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /live/red_lojson/300vi.png?cad=shpu%3D48yp&positions=48yp%3Dcenter&goals=48yp%3Dshare&first=1&rv=0&uvs=638d2ee88cf5f77b&pub=ra-58e226eb29c11f6c&dp=dusunmekvepaylasmak.blogspot.com&rev=v8.28.8-wp HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
expires: Sun, 04 Dec 2022 23:36:15 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 04 Dec 2022 23:36:15 GMT
X-Firefox-Spdy: h2
mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=68347&adfrmid=0
109.232.197.110200 OK 43 B URL HTTP/1.1 mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=68347&adfrmid=0
IP 109.232.197.110:0
ASN #50234 Eulerian Technologies S.a.s.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 718e8bd317b47c1018a861f423615c1c
874d28c9586324d5d16558065197cea533f10b67
11e3a37194c2691ff2eb5c2237cb14a9269c30e844dc48047f9324391477f11f
GET /dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=68347&adfrmid=0 HTTP/1.1
Host: mml1.melia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.eu.criteo.com/
Connection: keep-alive
Cookie: etuix=MggiEpH2hwUdut5Bx3Z3GkkWJkCHOKGqnAA2C.JnRPC2lYBthaDhgw--; et0=njPQ6wCLHo5zfZd6sV2hgv6PfOmT0_2viwVbUX6VUeDw0vBI8Ixn.oO5uh3R3kOQ5rOFdT9g35He2WgE6Nn4DjV9ua.ga1Bg7qbY0EzMNgivMgKFANY_B3zUXmzk3Pu7EMQ-; et=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 23:36:15 GMT
Server: EWS
Accept-Ranges: none
Content-Length: 43
Connection: Close
Pragma: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
X-XSS-Protection: 0
Content-Type: image/gif
Set-Cookie: et0=xwMeM8z1prCIOocE4Pd0q3XG676GUDrnRt4uor6sGnT.0XSEKCdF4IxUhp3tSMVDw6oHa_OVR1fTb0LgeiMRhgMlx3y69I4yCVNS7Su8xSvUEfw7Z7AOEXNgIOWCA5fRxUA-; expires=Mon, 01 Jan 2024 23:36:15 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
et=1; expires=Mon, 01 Jan 2024 23:36:15 GMT; domain=.melia.com; path=/; SameSite=None; secure; HttpOnly
q.addthis.com/feeds/1.0/views2.json?pubid=ra-58e226eb29c11f6c&domain=dusunmekvepaylasmak.blogspot.com&limit=50&callback=_ate.cbs.fds_ra58e226eb29c11f6cviews2json0
23.38.200.123200 OK 462 B URL HTTP/2 q.addthis.com/feeds/1.0/views2.json?pubid=ra-58e226eb29c11f6c&domain=dusunmekvepaylasmak.blogspot.com&limit=50&callback=_ate.cbs.fds_ra58e226eb29c11f6cviews2json0
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (3495), with no line terminators
Hash 81056508c29d02baaebcb618cfbae35a
92a7851793e72136cbd133d3ef4330c5aed2e620
1a86a5f665633d648eaa13b98d4ce7dd17de8a9396e6cf55b4cb27f06fbe0ddf
GET /feeds/1.0/views2.json?pubid=ra-58e226eb29c11f6c&domain=dusunmekvepaylasmak.blogspot.com&limit=50&callback=_ate.cbs.fds_ra58e226eb29c11f6cviews2json0 HTTP/1.1
Host: q.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript;charset=UTF-8
content-length: 462
surrogate-key: ra-58e226eb29c11f6c
cache-tag: ra-58e226eb29c11f6c
cache-control: max-age=0, s-maxage=3600
last-modified: Sun, 04 Dec 2022 22:40:45 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
date: Sun, 04 Dec 2022 23:36:15 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fhaftasonu%2520ka%25C3%25A7ama%25C4%259F%25C4%25B1&callback=_ate.cbs.rcb_318u0
23.38.200.123200 OK 53 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fhaftasonu%2520ka%25C3%25A7ama%25C4%259F%25C4%25B1&callback=_ate.cbs.rcb_318u0
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash a211a35c218ea3de97bc14473435e023
8a31ab8ef3f34aab4f18422cba91514c09957a3e
ab1e3781785b5bb2fc575cb51fa0ab4af95b9966d55028e605e0b8427fc9999d
GET /url/shares.json?url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fhaftasonu%2520ka%25C3%25A7ama%25C4%259F%25C4%25B1&callback=_ate.cbs.rcb_318u0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: dusunmekvepaylasmak.blogspot.com/search/label/haftasonu%20ka%c3%a7ama%c4%9f%c4%b1
last-modified: Sun, 04 Dec 2022 23:36:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Sun, 04 Dec 2022 23:36:15 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fhaftasonu%2520ka%25C3%25A7ama%25C4%259F%25C4%25B1
23.38.200.123200 OK 2 B URL HTTP/2 api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fhaftasonu%2520ka%25C3%25A7ama%25C4%259F%25C4%25B1
IP 23.38.200.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fhaftasonu%2520ka%25C3%25A7ama%25C4%259F%25C4%25B1 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://dusunmekvepaylasmak.blogspot.com/search/label/haftasonu%20ka%C3%A7ama%C4%9F%C4%B1
last-modified: Sun, 04 Dec 2022 23:00:00 GMT
access-control-allow-origin: https://dusunmekvepaylasmak.blogspot.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Sun, 04 Dec 2022 23:36:15 GMT
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fhaftasonu%2520ka%25C3%25A7ama%25C4%259F%25C4%25B1&callback=_ate.cbs.rcb_3zzv0
23.38.200.123200 OK 53 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fhaftasonu%2520ka%25C3%25A7ama%25C4%259F%25C4%25B1&callback=_ate.cbs.rcb_3zzv0
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash ab958015be6f459e175417345d1e9591
e3733d3cfca6ccdd79c9a39b9c30b43ba1f46452
6426f7e14d24b1783cd72af6c9400ebd9adc966ec50796469c248b7b7c5078f9
GET /url/shares.json?url=http%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fhaftasonu%2520ka%25C3%25A7ama%25C4%259F%25C4%25B1&callback=_ate.cbs.rcb_3zzv0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: dusunmekvepaylasmak.blogspot.com/search/label/haftasonu%20ka%c3%a7ama%c4%9f%c4%b1
last-modified: Sun, 04 Dec 2022 23:36:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Sun, 04 Dec 2022 23:36:15 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-20442478-1&cid=68508867.1670196968&jid=320540993&_u=YEBAAUACQAAAACAAI~&z=781656775
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-20442478-1&cid=68508867.1670196968&jid=320540993&_u=YEBAAUACQAAAACAAI~&z=781656775
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-20442478-1&cid=68508867.1670196968&jid=320540993&_u=YEBAAUACQAAAACAAI~&z=781656775 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 23:36:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.2.130200 OK 1.1 kB URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.2.130:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- assembler source, ASCII text, with very long lines (1423)
Hash 4163ae8d6b6314137488958fe8842d27
d1bebefbf4ff7ab422ea8cde7bf13b6e14982474
5fb35012da2f834a633c50ad25e5c0819d80dd8a81e249ff7bf48cc10a76add4
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:36:13 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Wed, 29 Nov 2023 23:36:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=a-9bOqw_hvZvKFTa3exw4VNToLHhbjTPRYcdh54XCOVPQ-TmkAgDdaFN2s-0hrNKo27KhTKUSpiJT1tNeu4hDFe3UDRNRdbBl2aZal_y-3nbV2MBwMc0TojiH0gvJhzxj1JwBOJ0yxWwSngv1r6BIAeth8ebVOiZqaR2uA8aZcr90MKr_dMWRpl-6OCmoxfF4s6_JPEJDjQyetSFF9xPU-6eiTLb3oZliZLfMH8AztMJKQ8FORlES6LNsz2W_h4ZBXHG1A&sds=2&rev=83599&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=a-9bOqw_hvZvKFTa3exw4VNToLHhbjTPRYcdh54XCOVPQ-TmkAgDdaFN2s-0hrNKo27KhTKUSpiJT1tNeu4hDFe3UDRNRdbBl2aZal_y-3nbV2MBwMc0TojiH0gvJhzxj1JwBOJ0yxWwSngv1r6BIAeth8ebVOiZqaR2uA8aZcr90MKr_dMWRpl-6OCmoxfF4s6_JPEJDjQyetSFF9xPU-6eiTLb3oZliZLfMH8AztMJKQ8FORlES6LNsz2W_h4ZBXHG1A&sds=2&rev=83599&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=a-9bOqw_hvZvKFTa3exw4VNToLHhbjTPRYcdh54XCOVPQ-TmkAgDdaFN2s-0hrNKo27KhTKUSpiJT1tNeu4hDFe3UDRNRdbBl2aZal_y-3nbV2MBwMc0TojiH0gvJhzxj1JwBOJ0yxWwSngv1r6BIAeth8ebVOiZqaR2uA8aZcr90MKr_dMWRpl-6OCmoxfF4s6_JPEJDjQyetSFF9xPU-6eiTLb3oZliZLfMH8AztMJKQ8FORlES6LNsz2W_h4ZBXHG1A&sds=2&rev=83599&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:36:15 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e0a722aa4ab6a02302de1bc801144fa6
54d68775a825868e724ddbef3f5bb51e2a8562cd
dfac57f27582a063941df7e72cd19f50a682889263190dfed8b119c416bb96d7
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1344
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 04 Dec 2022 23:36:15 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
media.boomads.com/images/offer/odul-20222910073038755.jpg
83.66.162.75200 OK 22 kB URL HTTP/1.1 media.boomads.com/images/offer/odul-20222910073038755.jpg
IP 83.66.162.75:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 616x117, components 3\012- data
Hash 24cd3f4c54967c20e2c2ed6e258b36ef
84bf01ace88003ad22edfc985c139807e13b7434
8a386ca865acc7093fd1932c37f7a1e110e7fc62a943fb40d25dd2a8135d1dbb
GET /images/offer/odul-20222910073038755.jpg HTTP/1.1
Host: media.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 16:29:18 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: W/"1fa6ad5768ebd81:0"
Content-Type: image/jpeg
Last-Modified: Sat, 29 Oct 2022 07:30:38 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 22186
static.criteo.net/animejs/animejs.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/animejs/animejs.js
IP 178.250.2.130:0
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:36:13 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Wed, 29 Nov 2023 23:36:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y40u6wAEEF8KewdyAA2KdKjR1uuyrIiZChp6XQ&u=%7CxCItIx9T4vWcMmwzleaom2P31Z%2Fzv7pbNAOxczeN7e0%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvQxzre8M6Xis5J01hBxehhcxMvdPglnkvtM-wUfxXb8pCD2rL72nvHuhQSU5DWE8UQMg4a74gehI9vuwPDjuUqDiqYvhQXh-BTI5Wfi9S7WkHL_-6JXKIrEQG8odNOicL7tpU8HGILV2KPIBPA3fa25c16FXJp2fSQOBfaAVYA221856FuvrKwXRH4FipMSH25mqPXVSl_K6H-P3f6s5pOtdz25fboAed5CdpTUiW_T3GYg3LjAsFAYfgB3-IB3aZ1p6GKY8haDlPdW62gDL7mdUryVr-IAi7Y46aDmmCFy4-w4funahBNKKhQd71ZG5NS3dmSRMuQRLaGI7kdSOi2-H-KWtWDcodQuY5DQoU-2dhnIppz2MaXHcPpc9ZF05reRjmJmkuc2VHwkP6ydH5uZ9DmWr3xHTcgF3JpzO4fxCeu5dPuyjiQSRqtR212-BgCZrT_4IJvpaRFoqQ2mFnhSxgs5w5bUWBTJ7N0vK6LSJN_lRkrez_WcQsA80bhBcI1cjF4I2mCXs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD13R6y6NY9-gEPKO7AP0lLbwC8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCRL-0GpessT6oAwGqBJ4CT9BHTG5Wllbg_OgVadBXrZsWY7hDaO9CJFHDcCpUWRFsF76GG_7zxMIKY9ycHmBmPi8R8O9Umh7E7OXm0iQSYSvxOb17izb9RUS8iigCmWHhe17xW-0cN6_eVwzIhJhSEdH14U-q5zJuCKMRzx_gARNQFmNjW2zdRBEt6J1VanLy_fNlsOrtNX6RctHc952ALnr0x6QrAhTq5KJoUyNDAyGqdr5WNAcvfHa5ALhdciU-ArbQvYKm9qbDSuwzQ1cWUhdV7rpuA7aBcZZRSV-nQ19Y-QzZSpSsp7daEMiOXCsmfYwAAxHajgSlhoBdU8FbjuMULzyc-5fyAInE9RcWL46nV1POObbNyD9vJb7uJbZToStWT2vEaMCKmjBAC4AGmbyzraL5uIExoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3D2HuIr6CNcyrxApOYQQLSNVndYQ%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.0.138200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y40u6wAEEF8KewdyAA2KdKjR1uuyrIiZChp6XQ&u=%7CxCItIx9T4vWcMmwzleaom2P31Z%2Fzv7pbNAOxczeN7e0%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvQxzre8M6Xis5J01hBxehhcxMvdPglnkvtM-wUfxXb8pCD2rL72nvHuhQSU5DWE8UQMg4a74gehI9vuwPDjuUqDiqYvhQXh-BTI5Wfi9S7WkHL_-6JXKIrEQG8odNOicL7tpU8HGILV2KPIBPA3fa25c16FXJp2fSQOBfaAVYA221856FuvrKwXRH4FipMSH25mqPXVSl_K6H-P3f6s5pOtdz25fboAed5CdpTUiW_T3GYg3LjAsFAYfgB3-IB3aZ1p6GKY8haDlPdW62gDL7mdUryVr-IAi7Y46aDmmCFy4-w4funahBNKKhQd71ZG5NS3dmSRMuQRLaGI7kdSOi2-H-KWtWDcodQuY5DQoU-2dhnIppz2MaXHcPpc9ZF05reRjmJmkuc2VHwkP6ydH5uZ9DmWr3xHTcgF3JpzO4fxCeu5dPuyjiQSRqtR212-BgCZrT_4IJvpaRFoqQ2mFnhSxgs5w5bUWBTJ7N0vK6LSJN_lRkrez_WcQsA80bhBcI1cjF4I2mCXs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD13R6y6NY9-gEPKO7AP0lLbwC8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCRL-0GpessT6oAwGqBJ4CT9BHTG5Wllbg_OgVadBXrZsWY7hDaO9CJFHDcCpUWRFsF76GG_7zxMIKY9ycHmBmPi8R8O9Umh7E7OXm0iQSYSvxOb17izb9RUS8iigCmWHhe17xW-0cN6_eVwzIhJhSEdH14U-q5zJuCKMRzx_gARNQFmNjW2zdRBEt6J1VanLy_fNlsOrtNX6RctHc952ALnr0x6QrAhTq5KJoUyNDAyGqdr5WNAcvfHa5ALhdciU-ArbQvYKm9qbDSuwzQ1cWUhdV7rpuA7aBcZZRSV-nQ19Y-QzZSpSsp7daEMiOXCsmfYwAAxHajgSlhoBdU8FbjuMULzyc-5fyAInE9RcWL46nV1POObbNyD9vJb7uJbZToStWT2vEaMCKmjBAC4AGmbyzraL5uIExoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3D2HuIr6CNcyrxApOYQQLSNVndYQ%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.0.138:0
GET /delivery/r/afr.php?z=Y40u6wAEEF8KewdyAA2KdKjR1uuyrIiZChp6XQ&u=%7CxCItIx9T4vWcMmwzleaom2P31Z%2Fzv7pbNAOxczeN7e0%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08CvvQxzre8M6Xis5J01hBxehhcxMvdPglnkvtM-wUfxXb8pCD2rL72nvHuhQSU5DWE8UQMg4a74gehI9vuwPDjuUqDiqYvhQXh-BTI5Wfi9S7WkHL_-6JXKIrEQG8odNOicL7tpU8HGILV2KPIBPA3fa25c16FXJp2fSQOBfaAVYA221856FuvrKwXRH4FipMSH25mqPXVSl_K6H-P3f6s5pOtdz25fboAed5CdpTUiW_T3GYg3LjAsFAYfgB3-IB3aZ1p6GKY8haDlPdW62gDL7mdUryVr-IAi7Y46aDmmCFy4-w4funahBNKKhQd71ZG5NS3dmSRMuQRLaGI7kdSOi2-H-KWtWDcodQuY5DQoU-2dhnIppz2MaXHcPpc9ZF05reRjmJmkuc2VHwkP6ydH5uZ9DmWr3xHTcgF3JpzO4fxCeu5dPuyjiQSRqtR212-BgCZrT_4IJvpaRFoqQ2mFnhSxgs5w5bUWBTJ7N0vK6LSJN_lRkrez_WcQsA80bhBcI1cjF4I2mCXs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD13R6y6NY9-gEPKO7AP0lLbwC8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakCRL-0GpessT6oAwGqBJ4CT9BHTG5Wllbg_OgVadBXrZsWY7hDaO9CJFHDcCpUWRFsF76GG_7zxMIKY9ycHmBmPi8R8O9Umh7E7OXm0iQSYSvxOb17izb9RUS8iigCmWHhe17xW-0cN6_eVwzIhJhSEdH14U-q5zJuCKMRzx_gARNQFmNjW2zdRBEt6J1VanLy_fNlsOrtNX6RctHc952ALnr0x6QrAhTq5KJoUyNDAyGqdr5WNAcvfHa5ALhdciU-ArbQvYKm9qbDSuwzQ1cWUhdV7rpuA7aBcZZRSV-nQ19Y-QzZSpSsp7daEMiOXCsmfYwAAxHajgSlhoBdU8FbjuMULzyc-5fyAInE9RcWL46nV1POObbNyD9vJb7uJbZToStWT2vEaMCKmjBAC4AGmbyzraL5uIExoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3D2HuIr6CNcyrxApOYQQLSNVndYQ%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:36:12 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=mnWhd6w_hvZvKFTaTSe9C4W_JvN8f5jWeBOpNKdyuMPHBctPM_CxbnrXjdB0_VZfksG6XmpqA1WRLfy3wHtIQMohn_McyJVEXJ13r7Tsxr8VvvJ_KndTF-mNF6MbGfej5M81STePvfqXFwfn0-7v8XPaefLO61VUZ1BrGMIExfTTZWA1WNkPPIdnbKpj1z2ybFGesaF3_eFFASlFwP1TuLPgaBmgzuJB9R0m0ymSEKetd8znWsVCyKvFmXIO1-XncsNLqA"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 78888576
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/criteo_logo_2021.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP 178.250.2.130:0
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:36:13 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Wed, 29 Nov 2023 23:36:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=zN_FdiPcXEEotVk8xXoJnxpbKa-T87_DiN39ZlNlSHc9wfvyu8GuarJqdy-tF4Yb5mOWVbNaVC_fyORrxnEp4Cu4XSR2VPUAeMiV1GlcLyk3tFbNCojSDwuG3sBTCYzPZkq_TpdDU_02lUlm6kgJK2Cmgfg84D6rjvVA6AXcB7MuXVqyu4hT-1mDZUsmuBMNWGLbWSbjsPW0Xun_S62BvNPyararhLT13AJM4vMYxR_Xqo4QixndtIqeQbHpTfsvYDAtA64xMvkvhBE0HnhS3WrNtHP_geMSbWu51J-gsOxl11Oweco98c1ifGIwwNHkj0WJCbCpF9EdmgtLFsE3GVWO7iVvaEPrRJkkskoxL-BPLV-_KAJPu3GVnXPxgVDDfXMUXjUJpMz2jqBfHB86ewDMbzGXkb6Io2V-9qUjt7LllILr
178.250.0.160200 OK 0 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=zN_FdiPcXEEotVk8xXoJnxpbKa-T87_DiN39ZlNlSHc9wfvyu8GuarJqdy-tF4Yb5mOWVbNaVC_fyORrxnEp4Cu4XSR2VPUAeMiV1GlcLyk3tFbNCojSDwuG3sBTCYzPZkq_TpdDU_02lUlm6kgJK2Cmgfg84D6rjvVA6AXcB7MuXVqyu4hT-1mDZUsmuBMNWGLbWSbjsPW0Xun_S62BvNPyararhLT13AJM4vMYxR_Xqo4QixndtIqeQbHpTfsvYDAtA64xMvkvhBE0HnhS3WrNtHP_geMSbWu51J-gsOxl11Oweco98c1ifGIwwNHkj0WJCbCpF9EdmgtLFsE3GVWO7iVvaEPrRJkkskoxL-BPLV-_KAJPu3GVnXPxgVDDfXMUXjUJpMz2jqBfHB86ewDMbzGXkb6Io2V-9qUjt7LllILr
IP 178.250.0.160:0
GET /delivery/lg.php?cppv=3&cpp=zN_FdiPcXEEotVk8xXoJnxpbKa-T87_DiN39ZlNlSHc9wfvyu8GuarJqdy-tF4Yb5mOWVbNaVC_fyORrxnEp4Cu4XSR2VPUAeMiV1GlcLyk3tFbNCojSDwuG3sBTCYzPZkq_TpdDU_02lUlm6kgJK2Cmgfg84D6rjvVA6AXcB7MuXVqyu4hT-1mDZUsmuBMNWGLbWSbjsPW0Xun_S62BvNPyararhLT13AJM4vMYxR_Xqo4QixndtIqeQbHpTfsvYDAtA64xMvkvhBE0HnhS3WrNtHP_geMSbWu51J-gsOxl11Oweco98c1ifGIwwNHkj0WJCbCpF9EdmgtLFsE3GVWO7iVvaEPrRJkkskoxL-BPLV-_KAJPu3GVnXPxgVDDfXMUXjUJpMz2jqBfHB86ewDMbzGXkb6Io2V-9qUjt7LllILr HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:36:15 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2897376
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.2.130:0
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 23:36:13 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Wed, 29 Nov 2023 23:36:13 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ac_AcpJQosmtLdw2GZ5AHCqbDWi0y0aX5MAflz8Ss0B9FQnge2fKuxTUecBFSndFZG6oeMgdCJ6bR0Uar4PpujXmsELQrPaZunl7uVeQ7pmlYkIqwJlom4K9kroOW5D5egPEglF7QRDBf3iyzxw0skow6EZ_F58RUQI7akFBAYdIA1rqdNwoK82EfZc5ZCyByCmSq9DaKLN3SFA_PbZMt5SY5eIRoYV5XyAxyfC-ehsU4CtKtZamuItvTwpsGp2cD_jFFtgRsn0r0s_q0Ex2p4pZ-tPaVCjCOZHPpRYp1XNm0r2SVavv8SdzAnYfO5QAZS6EH2AfUXUPxjPz56acX946YsbBAn1vNURdZW9gQ0ia8TNNVIloqDADHEm6Y7FG0SjmOTUm8TKwrxDkS9HVCTJFQC8dZHTv7Sol8QPryhQT7PFB
178.250.0.160200 OK 0 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ac_AcpJQosmtLdw2GZ5AHCqbDWi0y0aX5MAflz8Ss0B9FQnge2fKuxTUecBFSndFZG6oeMgdCJ6bR0Uar4PpujXmsELQrPaZunl7uVeQ7pmlYkIqwJlom4K9kroOW5D5egPEglF7QRDBf3iyzxw0skow6EZ_F58RUQI7akFBAYdIA1rqdNwoK82EfZc5ZCyByCmSq9DaKLN3SFA_PbZMt5SY5eIRoYV5XyAxyfC-ehsU4CtKtZamuItvTwpsGp2cD_jFFtgRsn0r0s_q0Ex2p4pZ-tPaVCjCOZHPpRYp1XNm0r2SVavv8SdzAnYfO5QAZS6EH2AfUXUPxjPz56acX946YsbBAn1vNURdZW9gQ0ia8TNNVIloqDADHEm6Y7FG0SjmOTUm8TKwrxDkS9HVCTJFQC8dZHTv7Sol8QPryhQT7PFB
IP 178.250.0.160:0
GET /delivery/lg.php?cppv=3&cpp=ac_AcpJQosmtLdw2GZ5AHCqbDWi0y0aX5MAflz8Ss0B9FQnge2fKuxTUecBFSndFZG6oeMgdCJ6bR0Uar4PpujXmsELQrPaZunl7uVeQ7pmlYkIqwJlom4K9kroOW5D5egPEglF7QRDBf3iyzxw0skow6EZ_F58RUQI7akFBAYdIA1rqdNwoK82EfZc5ZCyByCmSq9DaKLN3SFA_PbZMt5SY5eIRoYV5XyAxyfC-ehsU4CtKtZamuItvTwpsGp2cD_jFFtgRsn0r0s_q0Ex2p4pZ-tPaVCjCOZHPpRYp1XNm0r2SVavv8SdzAnYfO5QAZS6EH2AfUXUPxjPz56acX946YsbBAn1vNURdZW9gQ0ia8TNNVIloqDADHEm6Y7FG0SjmOTUm8TKwrxDkS9HVCTJFQC8dZHTv7Sol8QPryhQT7PFB HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 23:36:12 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2615524
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=638d2eee02fd6ea79fbb9ab9f4f8cbeb
37.157.5.141302 Found 0 B URL HTTP/2 a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=638d2eee02fd6ea79fbb9ab9f4f8cbeb
IP 37.157.5.141:0
GET /adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=638d2eee02fd6ea79fbb9ab9f4f8cbeb HTTP/1.1
Host: a1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 04 Dec 2022 23:36:15 GMT
content-type: text/html; charset=utf-8
location: https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=68347&adfrmid=0
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
media.boomads.com/images/offer/strategy-plaza-20221011074814694.jpg
83.66.162.75200 OK 0 B URL HTTP/1.1 media.boomads.com/images/offer/strategy-plaza-20221011074814694.jpg
IP 83.66.162.75:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
GET /images/offer/strategy-plaza-20221011074814694.jpg HTTP/1.1
Host: media.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 16:16:52 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: W/"af848cad8f4d81:0"
Content-Type: image/jpeg
Last-Modified: Thu, 10 Nov 2022 07:48:14 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 379117
media.boomads.com/images/offer/messi-campaign-20222910072716532.png
83.66.162.75200 OK 0 B URL HTTP/1.1 media.boomads.com/images/offer/messi-campaign-20222910072716532.png
IP 83.66.162.75:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
GET /images/offer/messi-campaign-20222910072716532.png HTTP/1.1
Host: media.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 08:24:49 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: W/"7f3927df67ebd81:0"
Content-Type: image/png
Last-Modified: Sat, 29 Oct 2022 07:27:16 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 121729