dusunmekvepaylasmak.blogspot.hu/search/label/fare%20nas%C4%B1l%20yakalan%C4%B1r
142.250.74.1302 Moved Temporarily 218 B URL HTTP/1.1 dusunmekvepaylasmak.blogspot.hu/search/label/fare%20nas%C4%B1l%20yakalan%C4%B1r
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash f6f54a7eee05a39caa854113832c03c5
8fac9a456c0d3b8894936e373b31353c1c562ed8
d3f4a307d3b6d8086acd3156130d927a2e6041b2dd56183acc94ce2e125c0efe
Analyzer Verdict Alert fortinet Malware
GET /search/label/fare%20nas%C4%B1l%20yakalan%C4%B1r HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.hu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://dusunmekvepaylasmak.blogspot.com/search/label/fare%20nas%C4%B1l%20yakalan%C4%B1r
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 27 Feb 2023 19:48:03 GMT
Expires: Mon, 27 Feb 2023 19:48:03 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 218
Server: GSE
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 666c7f3c3342b2fdca31a2355ee20bea
09bd5cbacba34412f5fff9d44f97e46c8c76d001
cb3a380fc71bc65dfde35069f0fc441400974afcf28c0fbb6fec8f41e16f70c8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB3A380FC71BC65DFDE35069F0FC441400974AFCF28C0FBB6FEC8F41E16F70C8"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8922
Expires: Mon, 27 Feb 2023 22:16:45 GMT
Date: Mon, 27 Feb 2023 19:48:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bc3cacbc6c565bf2955b507302b8fb41
7b773e19aff1d4904cec328c456513e80f917ba4
b45c582b42efef5e8bd5744333a137f13e94a93cafbaace39b36cfa1eeb041bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B45C582B42EFEF5E8BD5744333A137F13E94A93CAFBAACE39B36CFA1EEB041BD"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9678
Expires: Mon, 27 Feb 2023 22:29:21 GMT
Date: Mon, 27 Feb 2023 19:48:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 29cfccb9238759ed21dbb0d92cae75f8
f41ad1b02e353cd2b33af7618c71cc16fae2886e
91e392e78e584e8a82762dab0d5615aa1af3893237d601db3d45bb6fad488580
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91E392E78E584E8A82762DAB0D5615AA1AF3893237D601DB3D45BB6FAD488580"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11320
Expires: Mon, 27 Feb 2023 22:56:43 GMT
Date: Mon, 27 Feb 2023 19:48:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 27 Feb 2023 19:07:58 GMT
content-type: application/json
age: 2405
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Cr90AHdfWYO3BZno9Gi1JlJwlq5PHDfVfsEv9v/qrZNoHoiFpr67pQhuo2004wUjXDzeImH44Ko=
x-amz-request-id: 0EEN0JZGN5JR1WP7
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 27 Feb 2023 19:14:15 GMT
age: 2028
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Feb 2023 19:48:03 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
dusunmekvepaylasmak.blogspot.com/search/label/fare%20nas%C4%B1l%20yakalan%C4%B1r
142.250.74.1301 Moved Permanently 219 B URL HTTP/1.1 dusunmekvepaylasmak.blogspot.com/search/label/fare%20nas%C4%B1l%20yakalan%C4%B1r
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 8f0952741a1818fc4b8f7e56e21ec274
f2b0434e12a4099b6173e51741bb8438220ae322
1d6f0d6b93e2bc0811170529776b2be81b3de743a574166a23691f276c8accfb
Analyzer Verdict Alert fortinet Malware
GET /search/label/fare%20nas%C4%B1l%20yakalan%C4%B1r HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://dusunmekvepaylasmak.blogspot.com/search/label/fare%20nas%C4%B1l%20yakalan%C4%B1r
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 27 Feb 2023 19:48:03 GMT
Expires: Mon, 27 Feb 2023 19:48:03 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 219
Server: GSE
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Cache-Control, Backoff, Pragma, Expires, Last-Modified, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 27 Feb 2023 19:12:25 GMT
age: 2138
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b2123cf59eb36162c254a9d66fec350e
545c5cb09302c3f0017f3019a70ffe6201d7d284
e2aa0d3edc26e7bd3ea9bcde09542128ac97436ecd6060488fff24bb6f47bb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 85cbb48f071581b644dd200623699bd6
0c9d7c3ca38562a97a4a6af3fb96f68982027594
d83caa4c6791e3b475a8ae8c255b84dc0bf0a8d06b65e5e6195af4f66e47eb86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D83CAA4C6791E3B475A8AE8C255B84DC0BF0A8D06B65E5E6195AF4F66E47EB86"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8832
Expires: Mon, 27 Feb 2023 22:15:16 GMT
Date: Mon, 27 Feb 2023 19:48:04 GMT
Connection: keep-alive
push.services.mozilla.com/
52.43.228.5101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.228.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kQ08yFkKGw9c6hzm0GAeaw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jeqTJtgVQlsIUXv7ZamD3R9ZIpk=
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5d5cf3f527452c87e71b812f75d18aff
e5c41bc319d5831248d3b855ceedf0f9fcede64b
f6a19fa64c95712fdbcf654cc999a244f79fb0dc38b66745a08afad747f9e69c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6A19FA64C95712FDBCF654CC999A244F79FB0DC38B66745A08AFAD747F9E69C"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3364
Expires: Mon, 27 Feb 2023 20:44:09 GMT
Date: Mon, 27 Feb 2023 19:48:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5d5cf3f527452c87e71b812f75d18aff
e5c41bc319d5831248d3b855ceedf0f9fcede64b
f6a19fa64c95712fdbcf654cc999a244f79fb0dc38b66745a08afad747f9e69c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6A19FA64C95712FDBCF654CC999A244F79FB0DC38B66745A08AFAD747F9E69C"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3364
Expires: Mon, 27 Feb 2023 20:44:09 GMT
Date: Mon, 27 Feb 2023 19:48:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5d5cf3f527452c87e71b812f75d18aff
e5c41bc319d5831248d3b855ceedf0f9fcede64b
f6a19fa64c95712fdbcf654cc999a244f79fb0dc38b66745a08afad747f9e69c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6A19FA64C95712FDBCF654CC999A244F79FB0DC38B66745A08AFAD747F9E69C"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3364
Expires: Mon, 27 Feb 2023 20:44:09 GMT
Date: Mon, 27 Feb 2023 19:48:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5d5cf3f527452c87e71b812f75d18aff
e5c41bc319d5831248d3b855ceedf0f9fcede64b
f6a19fa64c95712fdbcf654cc999a244f79fb0dc38b66745a08afad747f9e69c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6A19FA64C95712FDBCF654CC999A244F79FB0DC38B66745A08AFAD747F9E69C"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3364
Expires: Mon, 27 Feb 2023 20:44:09 GMT
Date: Mon, 27 Feb 2023 19:48:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5d5cf3f527452c87e71b812f75d18aff
e5c41bc319d5831248d3b855ceedf0f9fcede64b
f6a19fa64c95712fdbcf654cc999a244f79fb0dc38b66745a08afad747f9e69c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6A19FA64C95712FDBCF654CC999A244F79FB0DC38B66745A08AFAD747F9E69C"
Last-Modified: Sat, 25 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3364
Expires: Mon, 27 Feb 2023 20:44:09 GMT
Date: Mon, 27 Feb 2023 19:48:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9dec12-5dfe-426d-81c1-b448af7d92a4.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9dec12-5dfe-426d-81c1-b448af7d92a4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0cba5c9e3e07db2f8dbdcb15ae7d352
d4cb67ae7d5eebe92b5149b56123b792c62bf916
440fa87101c072f931a38f2cfa08e39de26627333eca9a5fcf126d19cb636248
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9dec12-5dfe-426d-81c1-b448af7d92a4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10922
x-amzn-requestid: 7570e40d-8924-4bec-bbfa-ec21196d61fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A6k-VGr4oAMFfYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fa81f5-778dfbbb6c0aeadb56585d14;Sampled=0
x-amzn-remapped-date: Sat, 25 Feb 2023 21:47:33 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: e8en3cV4BUz7VqP8Jn9eULtgoPzDSsMEuYTqmVFMp4GopPpudy-ZoA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Feb 2023 22:26:00 GMT
age: 76925
etag: "d4cb67ae7d5eebe92b5149b56123b792c62bf916"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a5f3d376fe6a3a78a5d1fe136f962fb
3e9b03cc296e954d63526a4e7e75beea3130fc3b
c8cf4f1c0352102764247e4dc5a2076921e0eaa18bfd110e5b0b97a55c706690
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9093
x-amzn-requestid: 3fd9f8c8-cf10-4222-a2cc-5f18ff7b2e9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9D3HqmoAMFeBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbb2-352315613cc0c2bc7eb28e05;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:33:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: S8s54RJtScNtsl6uEFtBEHnTj4lb3l5xIWR96Kvr_SdwQQQMgSKNxA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Feb 2023 21:34:59 GMT
age: 79986
etag: "3e9b03cc296e954d63526a4e7e75beea3130fc3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec402fde-1c7d-4dbd-8447-addb3a661518.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec402fde-1c7d-4dbd-8447-addb3a661518.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffb8f5b4089baa7b82374b8fbe70ebe0
02facc492b9e6cd658e0cca772d302a881c1d99c
7f98075dee46110a3095e3c9821748846cb21167cfbdd835a9108f53f1306dab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec402fde-1c7d-4dbd-8447-addb3a661518.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7926
x-amzn-requestid: afce3b0b-4fac-4c22-8557-604cb33a3b2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A0umGFmWoAMFjaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f82af3-34d2c99729dcd2a9591b6ef2;Sampled=0
x-amzn-remapped-date: Fri, 24 Feb 2023 03:11:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oMkeYQyU0a_ItGOMCRMMZ9PKMeJRzGUW-bzBhXip84Hg7UjtgqEKxw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Feb 2023 02:01:17 GMT
age: 64008
etag: "02facc492b9e6cd658e0cca772d302a881c1d99c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F016462a1-fadc-4180-93f8-995cab0e1395.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F016462a1-fadc-4180-93f8-995cab0e1395.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 32d08a3dc7c1e88313f487d74babdfe5
12f4693c36cb8980a5c740b735b7cf64542734e4
ae717a6760a0a6c179b950643eb3590c0ab5ec6cf159061246c6e8fc38a7ae89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F016462a1-fadc-4180-93f8-995cab0e1395.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8170
x-amzn-requestid: bd3ecc5c-1efc-4589-8789-48693fbfa6d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A6i2sGKkIAMFXtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fa7e90-7acdeb5b05f8bcf726309125;Sampled=0
x-amzn-remapped-date: Sat, 25 Feb 2023 21:33:04 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: HFY94AdT51Cd3ZNITvsFjM5d4sNDYYuDns7lZsGEZJVK7SWaUYOp2Q==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Feb 2023 22:03:07 GMT
age: 78298
etag: "12f4693c36cb8980a5c740b735b7cf64542734e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc20aa394-e9e1-42e1-bfe2-87bf5f21211a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc20aa394-e9e1-42e1-bfe2-87bf5f21211a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash acdc95cb094faaa1bc8de6466e534d82
3e66ae8d704653a3a3b60423256bd99175e75fe7
153bf472aa6f75d30c321bb77014bb7126113cf7529af9f91327592887d34ead
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc20aa394-e9e1-42e1-bfe2-87bf5f21211a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10875
x-amzn-requestid: e1a6aa11-ddea-4ace-a51d-2274d999bf9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A91zIEfnIAMFi8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fbd013-1bbce6907a7bce643bb8cffa;Sampled=0
x-amzn-remapped-date: Sun, 26 Feb 2023 21:33:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: R3HyxH9gwESC5TNs5fwFU-G06xWfU3oCZvTUiln7PEH-WY-vt1z_fw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 b2d3922a177f6cecf9222a78a0a1ad32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Feb 2023 21:52:32 GMT
age: 78933
etag: "3e66ae8d704653a3a3b60423256bd99175e75fe7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ddd461-0486-4e4d-b696-2371823c5e14.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ddd461-0486-4e4d-b696-2371823c5e14.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c032cec1a16da61168946d24f7cf5fab
19bdee3d97ef45fcf316537eba10d29e68f4809c
cd123878e4c4464610fef1cdb2e40409e1c03473954f63b6dd044bfbcf73f07b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ddd461-0486-4e4d-b696-2371823c5e14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7645
x-amzn-requestid: 5705420a-44e3-4719-8595-620696e29f95
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A92ihFxwIAMFfAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fbd143-3529246d52399e377b565ddf;Sampled=0
x-amzn-remapped-date: Sun, 26 Feb 2023 21:38:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Kcu85Bm5HY3n0KPxdKppTiQZuIBffD11WsUlJWBV3JO-om0R1s6n9A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1f41b5f27f3ec2e93db2155dbc56900c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Feb 2023 21:43:20 GMT
age: 79485
etag: "19bdee3d97ef45fcf316537eba10d29e68f4809c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b2123cf59eb36162c254a9d66fec350e
545c5cb09302c3f0017f3019a70ffe6201d7d284
e2aa0d3edc26e7bd3ea9bcde09542128ac97436ecd6060488fff24bb6f47bb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 998988a55843efcacaf19ad7a8834cc5
2ae49743a0fbbbb8bce1c144a553f0e7b9893f6d
694758e1ee0c03ed0feb732e6656e89c63f13e861cd94f68b9cb925579ec61dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b2ffc9a96adf221d32379861c71882a5
c658e2f09fd511b44cff41f22288b7940f52789b
344a5c0709897a8d63161912d29eab016ae6049691a48f6cd4909622ee00a64d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
216.58.207.233200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Feb 2023 11:17:19 GMT
expires: Sat, 24 Feb 2024 11:17:19 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 23 Feb 2023 05:52:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 289847
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b2ffc9a96adf221d32379861c71882a5
c658e2f09fd511b44cff41f22288b7940f52789b
344a5c0709897a8d63161912d29eab016ae6049691a48f6cd4909622ee00a64d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6b1e856a0ebbdc1a22b0a9253398f992
e712ead8041d97b860f587501f7ba13d3e29cf53
937f7555179a0dcbab6da37e4e31598853e25e7dfd52edb1ea9a3f24611c779e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-19531429-2
172.217.21.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-19531429-2
IP 172.217.21.168:0
File type ASCII text, with very long lines (2206)
Hash 9d4cacfb86dd69bc57d26dd74be2c0ee
9c90e8e3e24def117e91df594465714b1156b9bf
fc88b422efb6776dd96116a946b28e625742724c0338d842b5cbedadd06b1f28
GET /gtag/js?id=UA-19531429-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 27 Feb 2023 19:48:06 GMT
expires: Mon, 27 Feb 2023 19:48:06 GMT
cache-control: private, max-age=900
last-modified: Mon, 27 Feb 2023 18:33:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44526
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2267c41ae33ba19dc2746e635fb3a4ce
1708d26622ef73a72ae428ce3c0982f8741e54d9
9947507f3d7299e256ad9b9fa2b06482e23de4108bcdb314b3c7f140d26e6ab5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-20442478-1
172.217.21.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-20442478-1
IP 172.217.21.168:0
File type ASCII text, with very long lines (2206)
Hash 17fd9a9fd471d929a2dcc80bb6a69c18
65198c12d545718a8f817082f234c417256795f2
731230ac53e2741beb1727a6b8cee245df880cfeefa796516d7d8b3be539e94f
GET /gtag/js?id=UA-20442478-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 27 Feb 2023 19:48:06 GMT
expires: Mon, 27 Feb 2023 19:48:06 GMT
cache-control: private, max-age=900
last-modified: Mon, 27 Feb 2023 18:33:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44551
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/_FfC0Fw3HxcE/TRmv4yvn5pI/AAAAAAAAAGQ/L1stnGRlo_g/w72-h72-p-k-no-nu/image001.jpg
142.250.74.161200 OK 2.4 kB URL HTTP/2 2.bp.blogspot.com/_FfC0Fw3HxcE/TRmv4yvn5pI/AAAAAAAAAGQ/L1stnGRlo_g/w72-h72-p-k-no-nu/image001.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 6b0ea6f9b291a48563dfd27ad47a125f
a5fc91df270bb7180d24f4788df9b64558da3f72
a671dd45481ebd9438d066a997f9596cb48848245f9ff6fbd8d1259d6a16f77b
GET /_FfC0Fw3HxcE/TRmv4yvn5pI/AAAAAAAAAGQ/L1stnGRlo_g/w72-h72-p-k-no-nu/image001.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v64"
expires: Tue, 28 Feb 2023 19:48:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image001.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 27 Feb 2023 19:48:06 GMT
server: fife
content-length: 2427
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 13f4d5ed1bb94cbd6d65c687b9c81868
f3e7a9795c675e58ad3ac26fb2ccef10c0663046
7d6de7212228304b4178ad6bf6428e23ea35ff96ee88c5f155ab7b6031a13b51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png
142.250.74.161200 OK 6.2 kB URL HTTP/2 2.bp.blogspot.com/-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash aa25670b8226d8b5752fd5a198fd73a4
be1908b060ec7bf840e8d2b0aa4c930fe11910d6
f1b63d3ceb7dd55aae1a46fc852703730d58d88efcd5be463741c6718e7557c4
GET /-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7d8d"
expires: Tue, 28 Feb 2023 19:48:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="sut_tozu_ile_ilgili_resimler.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 27 Feb 2023 19:48:06 GMT
server: fife
content-length: 6242
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 73c056210d6b989e83a91df8f789189c
bdd7a0c7f1f14ab2eadc37d007454f01df5dc96a
5157277b9dde27a638a2b6f623dfee4eaf3285b55418363126193189cf3f8770
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
216.58.207.202200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP 216.58.207.202:0
File type ASCII text, with very long lines (32341)
Hash 856f85cc1b07156fa844b44a10c236c2
7cef457c0e1cd0c20f4e699564ea8997f0332021
c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01
GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 26 Feb 2023 15:38:31 GMT
expires: Mon, 26 Feb 2024 15:38:31 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 101375
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg
142.250.74.161200 OK 4.5 kB URL HTTP/2 2.bp.blogspot.com/-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash ec5fcd46230caf0da45a16686274f1cb
0f6ab0f39b022b8b641c566d68ce811854f4aa9d
2763d313411a14a376c085e44d14fab586ac4e935bbc1932e8c67d4453234aa3
GET /-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7fdb"
expires: Tue, 28 Feb 2023 19:48:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="rafadan_tayfa_trt_cizgi_film.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 27 Feb 2023 19:48:06 GMT
server: fife
content-length: 4484
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 718d8461b92c60e26e811bce711669cb
b4d8ecfff5a89277ab38bb3bd506a5c5a6cf2f56
da094dcb9803f7c366035f5d229e71dd4267cb7ea622c103662ed4443d77b8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
216.58.207.238200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 216.58.207.238:0
File type ASCII text, with very long lines (1429)
Hash 2354fa28c58e16af89e7da6224aeca93
6bd3430a81730ed77c5d53f5406ddb40306ecabd
dc35ae752b7be035bd3a3bd4ae205e41afce5fa8f88e1bfe0e9524610df10f3b
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20950
date: Mon, 27 Feb 2023 19:48:06 GMT
expires: Mon, 27 Feb 2023 19:48:06 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "03884666a30c671f"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b2ffc9a96adf221d32379861c71882a5
c658e2f09fd511b44cff41f22288b7940f52789b
344a5c0709897a8d63161912d29eab016ae6049691a48f6cd4909622ee00a64d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-jXYId3ytCf0/UeBnGRkkuwI/AAAAAAAAHXg/ZpPWZVlFScs/w72-h72-p-k-no-nu/NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg
142.250.74.161200 OK 3.8 kB URL HTTP/2 1.bp.blogspot.com/-jXYId3ytCf0/UeBnGRkkuwI/AAAAAAAAHXg/ZpPWZVlFScs/w72-h72-p-k-no-nu/NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 5cf7717aba7dd52efb82cbf3a006c59a
655a4b701e32a0220b9c3327b9ca4e20550036e6
a71c5276f8b5977d56f7e7249c2f89828eab6442853f6d5e30c5a5e1263dde53
GET /-jXYId3ytCf0/UeBnGRkkuwI/AAAAAAAAHXg/ZpPWZVlFScs/w72-h72-p-k-no-nu/NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v71fc"
expires: Tue, 28 Feb 2023 19:48:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 27 Feb 2023 19:48:06 GMT
server: fife
content-length: 3763
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-DUrbvuerhTQ/WG8TzRXJtoI/AAAAAAAAcyY/SR2NpILKdtsq5IIFBt8SWoKTy_uXZPTPgCLcB/w72-h72-p-k-no-nu/windows_10-dns-ayar_nasil_degisir.png
142.250.74.161200 OK 7.7 kB URL HTTP/2 1.bp.blogspot.com/-DUrbvuerhTQ/WG8TzRXJtoI/AAAAAAAAcyY/SR2NpILKdtsq5IIFBt8SWoKTy_uXZPTPgCLcB/w72-h72-p-k-no-nu/windows_10-dns-ayar_nasil_degisir.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 56e68598515d5c7f6486f7f6bb609cd5
0c67a948a42c0c09e252740ffc2c8ee0c6f5beab
d3df298599c6bc8a77c304a2a3fa12185980780f7db9ef35132ee9649195230a
GET /-DUrbvuerhTQ/WG8TzRXJtoI/AAAAAAAAcyY/SR2NpILKdtsq5IIFBt8SWoKTy_uXZPTPgCLcB/w72-h72-p-k-no-nu/windows_10-dns-ayar_nasil_degisir.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="windows_10-dns-ayar_nasil_degisir.png"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 7749
x-xss-protection: 0
date: Mon, 27 Feb 2023 19:48:06 GMT
expires: Sat, 25 Feb 2023 19:37:34 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7329"
content-type: image/png
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dusunmekvepaylasmak.blogspot.com/search/label/fare%20nas%C4%B1l%20yakalan%C4%B1r
142.250.74.1200 OK 121 kB URL HTTP/2 dusunmekvepaylasmak.blogspot.com/search/label/fare%20nas%C4%B1l%20yakalan%C4%B1r
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (526)
Size 121 kB (120880 bytes)
Hash dd733897caad734e376e6fd25f26bf9f
30c1035eef8cab285da3d8236bff08d9d94b1225
fbeea056c68352f4faa570e1b3449fd6e8c9a75936eb49c8d925d109f31b9a03
Analyzer Verdict Alert fortinet Malware
GET /search/label/fare%20nas%C4%B1l%20yakalan%C4%B1r HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Mon, 27 Feb 2023 19:48:06 GMT
date: Mon, 27 Feb 2023 19:48:06 GMT
cache-control: private, max-age=0
last-modified: Sun, 12 Feb 2023 16:02:19 GMT
etag: W/"c55f17209c5493a7ee9ddc504df3e67291ad1ca6d3df5e2fe2b5f0c632d85717"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 120880
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-kUiaHahkxD0/XfVN3K8_XvI/AAAAAAABN3Q/TA5Ta0QzxWsctxrq5tWNR47rcDEBxC3ewCLcBGAsYHQ/w72-h72-p-k-no-nu/sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_ya%25C5%259Fam_sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_beslenme.png
142.250.74.161200 OK 11 kB URL HTTP/2 1.bp.blogspot.com/-kUiaHahkxD0/XfVN3K8_XvI/AAAAAAABN3Q/TA5Ta0QzxWsctxrq5tWNR47rcDEBxC3ewCLcBGAsYHQ/w72-h72-p-k-no-nu/sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_ya%25C5%259Fam_sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_beslenme.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 279edb5b823b4f55f7c83479a93225e3
01356acda7ff0acedb0051e71745fee61d67f62c
3935368604f5e255ee391a2f871167446fce3ed81b1df1fc7474b8e9cd358f17
GET /-kUiaHahkxD0/XfVN3K8_XvI/AAAAAAABN3Q/TA5Ta0QzxWsctxrq5tWNR47rcDEBxC3ewCLcBGAsYHQ/w72-h72-p-k-no-nu/sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_ya%25C5%259Fam_sa%25C4%259Fl%25C4%25B1kl%25C4%25B1_beslenme.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v13776"
expires: Tue, 28 Feb 2023 19:48:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="sa_l_kl__ya_am_sa_l_kl__beslenme.png";filename*=UTF-8''sa%C4%9Fl%C4%B1kl%C4%B1_ya%C5%9Fam_sa%C4%9Fl%C4%B1kl%C4%B1_beslenme.png
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 27 Feb 2023 19:48:06 GMT
server: fife
content-length: 10679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-FmB8ZZHFKdE/Wb_oD3m_tRI/AAAAAAAAkVc/UjbME4XLWkI2mF68AjTVEtsgur8kLL_eQCLcBGAs/w72-h72-p-k-no-nu/dort_buyuk_melek.JPG
142.250.74.161200 OK 5.4 kB URL HTTP/2 3.bp.blogspot.com/-FmB8ZZHFKdE/Wb_oD3m_tRI/AAAAAAAAkVc/UjbME4XLWkI2mF68AjTVEtsgur8kLL_eQCLcBGAs/w72-h72-p-k-no-nu/dort_buyuk_melek.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 9b4a4815a20ad6bb3a6dd27fb3600afa
22e844b7367d4fb4bc6ed871e32dd56c4ffd5acf
2dcebf6fe49227b8060f919ae690f566bf41570629399ad29e4cf9cc1827bdaa
GET /-FmB8ZZHFKdE/Wb_oD3m_tRI/AAAAAAAAkVc/UjbME4XLWkI2mF68AjTVEtsgur8kLL_eQCLcBGAs/w72-h72-p-k-no-nu/dort_buyuk_melek.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v9158"
expires: Tue, 28 Feb 2023 19:48:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="dort_buyuk_melek.JPG"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 27 Feb 2023 19:48:06 GMT
server: fife
content-length: 5409
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2267c41ae33ba19dc2746e635fb3a4ce
1708d26622ef73a72ae428ce3c0982f8741e54d9
9947507f3d7299e256ad9b9fa2b06482e23de4108bcdb314b3c7f140d26e6ab5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-9qcp8ikE9qo/UeK13fWU81I/AAAAAAAAHZY/tkvLjLo_sps/s72-c/turkcell_vinn_3g_modem_ayarlari.jpg
142.250.74.161200 OK 2.2 kB URL HTTP/2 2.bp.blogspot.com/-9qcp8ikE9qo/UeK13fWU81I/AAAAAAAAHZY/tkvLjLo_sps/s72-c/turkcell_vinn_3g_modem_ayarlari.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 3feda69b54a7382821cea05719fd60f7
38c4c734a116c904aef9b12dee521f2d231dd1da
bc791c45c72bbb86a69ba1d4463e82b7cde6cb1f849606740e9ab1f8743c09ec
GET /-9qcp8ikE9qo/UeK13fWU81I/AAAAAAAAHZY/tkvLjLo_sps/s72-c/turkcell_vinn_3g_modem_ayarlari.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v71fc"
expires: Tue, 28 Feb 2023 19:48:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="turkcell_vinn_3g_modem_ayarlari.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 27 Feb 2023 19:48:06 GMT
server: fife
content-length: 2162
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6b1e856a0ebbdc1a22b0a9253398f992
e712ead8041d97b860f587501f7ba13d3e29cf53
937f7555179a0dcbab6da37e4e31598853e25e7dfd52edb1ea9a3f24611c779e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
104.18.10.207200 OK 56 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (28596)
Hash 57aeb9d17e910309e07029242ff64f40
e0a538e74d77c22b8ff06c36635f46c1bb1baf7c
3139b088c21c53faa6d7b80af06c68361ebf42206a741b1a2c514d574f99446f
GET /font-awesome/4.6.1/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Feb 2023 19:48:06 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-03 22:46:19
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: b43941af4bb8e32ed6d04a6a37617f28
cdn-cache: HIT
cf-cache-status: HIT
age: 3426033
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7a036fa3cf83b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
3.bp.blogspot.com/-pDbaztqQK9c/TvsCMQBjIXI/AAAAAAAACEI/yDMnjfNyEhM/s72-c/cicek_leylak-cicek_resimleri.jpg
142.250.74.161200 OK 6.3 kB URL HTTP/2 3.bp.blogspot.com/-pDbaztqQK9c/TvsCMQBjIXI/AAAAAAAACEI/yDMnjfNyEhM/s72-c/cicek_leylak-cicek_resimleri.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 425231c8fe8e77bdff8aec15f1d48354
1284a6adf99fc6e901ad2d7cd48ad8fc155b3190
6ff8f3e8fc1254ddff62c5e3ca84aae62d0edad1afbb087c51c941887e33c9b0
GET /-pDbaztqQK9c/TvsCMQBjIXI/AAAAAAAACEI/yDMnjfNyEhM/s72-c/cicek_leylak-cicek_resimleri.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v842"
expires: Tue, 28 Feb 2023 19:48:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="cicek_leylak-cicek_resimleri.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 27 Feb 2023 19:48:06 GMT
server: fife
content-length: 6296
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/s72-c/10_aralik_insan_haklari_gunu.jpg
142.250.74.161200 OK 3.4 kB URL HTTP/2 1.bp.blogspot.com/-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/s72-c/10_aralik_insan_haklari_gunu.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 1122177369c440f76d151b7a4edfa980
44eaed05623ad05aff05e00c3d9b2a5ff4a8335d
373a198f79ff7304371ba901dacb92918e05808978932388a2e727fcc6e70617
GET /-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/s72-c/10_aralik_insan_haklari_gunu.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1fe3"
expires: Tue, 28 Feb 2023 19:48:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="10_aralik_insan_haklari_gunu.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 27 Feb 2023 19:48:06 GMT
server: fife
content-length: 3365
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fde3aa1cd0e46c45ac48502f6b20c716
39e52782b5f3a1fb76d13edd15579be979e42206
97978e61fc8887a76100c363c9c850fa9cac48dcb1330170ac7e8115fdf4092d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fde3aa1cd0e46c45ac48502f6b20c716
39e52782b5f3a1fb76d13edd15579be979e42206
97978e61fc8887a76100c363c9c850fa9cac48dcb1330170ac7e8115fdf4092d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-jXYId3ytCf0/UeBnGRkkuwI/AAAAAAAAHXg/ZpPWZVlFScs/s72-c/NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg
142.250.74.161200 OK 3.9 kB URL HTTP/2 1.bp.blogspot.com/-jXYId3ytCf0/UeBnGRkkuwI/AAAAAAAAHXg/ZpPWZVlFScs/s72-c/NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash f91fb184622c776de69f08e56b12601c
5800b6197cc43faa89c793e1aafe440e1da702d0
9056fe9741c4a058dc1111aac665ca879e406cdf4b44ac0f4fd64ebb7912202d
GET /-jXYId3ytCf0/UeBnGRkkuwI/AAAAAAAAHXg/ZpPWZVlFScs/s72-c/NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v71fc"
expires: Tue, 28 Feb 2023 19:48:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 27 Feb 2023 19:48:06 GMT
server: fife
content-length: 3855
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
142.250.74.74200 OK 10 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
IP 142.250.74.74:0
Hash 93bcaff68bab37a1d4115509ce9f6812
6219776f601e9a0a6527d75adba5a48252973b63
d429a81b66c2aea6c7827a16dc80dd62d17d76334a614e98e7a2e96877398572
GET /css?family=Poppins:300,400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 27 Feb 2023 19:48:06 GMT
date: Mon, 27 Feb 2023 19:48:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
216.58.207.238200 OK 33 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
IP 216.58.207.238:0
File type ASCII text, with very long lines (1448)
Hash c670bba0fa340185c44b3fac93e00cae
021879412d3f8abaccdcff865b854b921eb8ec55
ac11ab0c58130b4efaf12471b158b7c98163de532aeaf2a5417f4eee51d8f333
GET /_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 32813
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 26 Feb 2023 10:09:59 GMT
expires: Mon, 26 Feb 2024 10:09:59 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 121087
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-a1sGPWTrfHY/TYFcuCk5FxI/AAAAAAAAAcU/TV8lXh8FTBE/w72-h72-p-k-no-nu/20050923.jpg
142.250.74.97200 OK 4.1 kB URL HTTP/2 lh3.googleusercontent.com/-a1sGPWTrfHY/TYFcuCk5FxI/AAAAAAAAAcU/TV8lXh8FTBE/w72-h72-p-k-no-nu/20050923.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 330b9498ebf6bf12a2936236806e5353
e5e24e253fb29071dfbc0c37c84496916d3332fe
df55bb1bcafba9089dc6151fad702e33275fb88ce87d59df46e7a501a0ad4a37
GET /-a1sGPWTrfHY/TYFcuCk5FxI/AAAAAAAAAcU/TV8lXh8FTBE/w72-h72-p-k-no-nu/20050923.jpg HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="20050923.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4140
x-xss-protection: 0
date: Mon, 27 Feb 2023 18:47:32 GMT
expires: Sat, 25 Feb 2023 19:37:34 GMT
cache-control: public, max-age=86400, no-transform
age: 3634
etag: "v1c5"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 37075758f2dac3c047d883c969abeaf0
ec7e33ca003d29f0511a315ef78adb7e11099c8c
c45467844b92be111e09390247c39f7763244d2ec9ff40d27694978d60767a8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/_FfC0Fw3HxcE/TRuVpWVZpJI/AAAAAAAAAJY/sPqn6idlbLw/s72-c/kosgeb.jpg
142.250.74.161200 OK 4.1 kB URL HTTP/2 1.bp.blogspot.com/_FfC0Fw3HxcE/TRuVpWVZpJI/AAAAAAAAAJY/sPqn6idlbLw/s72-c/kosgeb.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 6d50be519c80191ee9043c30938eb53c
5c764bc1ae85cca9936117ea0ec1ca7de8989a28
58c82626ef5bbae4f1cbc39e7df75682d1d9c678cf2a2d0e4b280779d5b5089c
GET /_FfC0Fw3HxcE/TRuVpWVZpJI/AAAAAAAAAJY/sPqn6idlbLw/s72-c/kosgeb.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v96"
expires: Tue, 28 Feb 2023 19:48:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="kosgeb.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 27 Feb 2023 19:48:06 GMT
server: fife
content-length: 4100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 37075758f2dac3c047d883c969abeaf0
ec7e33ca003d29f0511a315ef78adb7e11099c8c
c45467844b92be111e09390247c39f7763244d2ec9ff40d27694978d60767a8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1be805f5f157120fc14f26487dc269b5
d1514812c38c9be968883fe2634a34918e98048e
8c94e6e92f7e34c279e6fbd36d926cd147c653484206ecf68dacd1a0660569fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116332 bytes)
Hash c8d737e60bdacba7881311502080326f
dd80ca62ff99c01e84b9821ed22256c65870f3e5
0a2920847187f38e6f526a7e7eb20ec40fb7f37f56338de0c5e0e757f73ca8cc
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116332
date: Mon, 27 Feb 2023 19:48:06 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 718d8461b92c60e26e811bce711669cb
b4d8ecfff5a89277ab38bb3bd506a5c5a6cf2f56
da094dcb9803f7c366035f5d229e71dd4267cb7ea622c103662ed4443d77b8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 558ba056bf23a0799ff7c31ddfc63907
77faec7acf2e7ae0addfced95703428e7bb003d8
71a184f74e92890736814d4266e9e1845f06e0031b7495f5302ac93e279847d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20230223/r20190131/zrt_lookup.html
142.250.74.66200 OK 4.5 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230223/r20190131/zrt_lookup.html
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3205)
Hash bad17ab9662318e8927e5009c83c2ad1
53ded630f95abe04b7b77d43076bf71b9ea71c02
68da39270ebfa6d17f4b765cbe004797a736611585ff0c53213d91f78f13c260
GET /pagead/html/r20230223/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4549
x-xss-protection: 0
date: Sun, 26 Feb 2023 20:38:27 GMT
expires: Sun, 12 Mar 2023 20:38:27 GMT
cache-control: public, max-age=1209600
age: 83379
etag: 2378337311435320485
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.35200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Feb 2023 02:42:37 GMT
expires: Wed, 21 Feb 2024 02:42:37 GMT
cache-control: public, max-age=31536000
age: 579929
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
151.101.2.133200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 151.101.2.133:0
Hash 481574360a2877540ee47a3ae4ffeb85
0e81c8f5547c98e9c6e7d6b7e453eeff3040867d
9e813b4013f85651fe2fd1ea448e0ddca11d2c4b516518b5256362d069714916
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Fri, 03 Mar 2023 19:15:29 GMT
ETag: "0e81c8f5547c98e9c6e7d6b7e453eeff3040867d"
Last-Modified: Mon, 27 Feb 2023 19:15:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 27 Feb 2023 19:48:06 GMT
Age: 1956
X-Served-By: cache-qpg1241-QPG, cache-bma1672-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1677527287.950989,VS0,VE2
ocsp2.globalsign.com/gsalphasha2g2
151.101.2.133200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 151.101.2.133:0
Hash 481574360a2877540ee47a3ae4ffeb85
0e81c8f5547c98e9c6e7d6b7e453eeff3040867d
9e813b4013f85651fe2fd1ea448e0ddca11d2c4b516518b5256362d069714916
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Fri, 03 Mar 2023 19:15:29 GMT
ETag: "0e81c8f5547c98e9c6e7d6b7e453eeff3040867d"
Last-Modified: Mon, 27 Feb 2023 19:15:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 27 Feb 2023 19:48:06 GMT
Age: 1956
X-Served-By: cache-qpg1241-QPG, cache-bma1676-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 1, 0
X-Timer: S1677527287.752202,VS0,VE191
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.74.35200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 14:34:21 GMT
expires: Fri, 23 Feb 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 364425
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
142.250.74.35200 OK 5.4 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 5384, version 1.0\012- data
Hash 96b6d54684daa94742f7bfd72a981213
72c3ac29b2fcceea390d3a51c7a892efde65e4d9
4ce2c84c474fb80b33e347ae6f356796021d6fd42e88a6352fc6e9ca0b22bd63
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5384
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Feb 2023 21:56:43 GMT
expires: Thu, 22 Feb 2024 21:56:43 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:11:38 GMT
content-type: font/woff2
age: 424283
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
142.250.74.35200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 5544, version 1.0\012- data
Hash 0ed299a4bb5262e17e2145783b2c18f1
65af2a037a5ef8a8d383d518377ea1f9f6837631
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Feb 2023 12:57:52 GMT
expires: Thu, 22 Feb 2024 12:57:52 GMT
cache-control: public, max-age=31536000
age: 456615
last-modified: Wed, 27 Apr 2022 17:03:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.rollercoin.com/static/img/ref/gen2/w160h600.gif
104.26.14.99200 OK 280 kB URL HTTP/2 static.rollercoin.com/static/img/ref/gen2/w160h600.gif
IP 104.26.14.99:0
File type GIF image data, version 89a, 160 x 600\012- data
Size 280 kB (279535 bytes)
Hash f7ebe601cd03f5ff0728bc5deee504d1
fbb6122a673bdd0cdc0dea9701007b7a2ca44148
1cfb0e0282f23b87e38a716bd20b5d8ae545e20a8e866886b99363d38ef6e2f5
GET /static/img/ref/gen2/w160h600.gif HTTP/1.1
Host: static.rollercoin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dusunmekvepaylasmak.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Feb 2023 19:48:07 GMT
content-type: image/gif
content-length: 279535
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=323815, status=vary_header_present
etag: "48a59acf42541b23d2b554a963decea6"
last-modified: Thu, 19 Jan 2023 11:51:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: tx0000000000000e8205215-0063c973dc-5193d7f2-nyc3c
x-rgw-object-type: Normal
cache-control: max-age=1382400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCGsT8qq65XMwzhMtjxds276Ib69F719vAhaooaMjWiKqFVWcZg1BI0YVFKX9RggeKH68iImKnW3c%2FcIMDDP9oAnjnrnjIIXiaL6NIsaQzq08f9Csr5Aqv5d8znGJwWJL%2BwHToogPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a036fa6d9b0b500-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
142.250.74.35200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 5452, version 1.0\012- data
Hash a6ff41d10fa89e7f8fec937c243d7428
334853f61ceb1fb096818740cc62d5840fbbae46
5f9d6298f5edc6d2b57a6f3a30f87f1c93c84b7aad7c5e9bf9d3a2c9384403fa
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 12:07:30 GMT
expires: Fri, 23 Feb 2024 12:07:30 GMT
cache-control: public, max-age=31536000
age: 373237
last-modified: Wed, 27 Apr 2022 16:10:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fde3aa1cd0e46c45ac48502f6b20c716
39e52782b5f3a1fb76d13edd15579be979e42206
97978e61fc8887a76100c363c9c850fa9cac48dcb1330170ac7e8115fdf4092d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.boomads.com/scripts/widget.js
83.66.162.128200 OK 1.1 kB URL HTTP/1.1 widget.boomads.com/scripts/widget.js
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type Unicode text, UTF-8 (with BOM) text, with very long lines (445), with CRLF line terminators
Hash ed2b316a78c01ecfd467a238bdb5a894
9820a06beef95ab789d3211359dfbe34d11c339e
0626a69c458560c8f8fadb5c81f56d9009e89951aa89f4fff3d4ef445d1b94e7
GET /scripts/widget.js HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 5
Date: Mon, 27 Feb 2023 19:48:03 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: "08e5d619991d11:0"
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2016 13:20:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 1149
widget.boomads.com/images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif
83.66.162.128200 OK 6.8 kB URL HTTP/1.1 widget.boomads.com/images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type GIF image data, version 89a, 125 x 80\012- data
Hash a0b54b194c22d6cf6dde8262b4e6caa8
7db7699e7e4cb090ed556f78d8692b59eca416d8
a28da5026d7c857976a413a63f4d5df448c8461f4531194e71668ebdbe7bbcc9
GET /images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 5
Date: Mon, 27 Feb 2023 19:48:03 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: "6e4be609991d11:0"
Content-Type: image/gif
Last-Modified: Fri, 08 Apr 2016 13:20:09 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 6812
www.youtube.com/s/player/9419f2ea/www-player.css
142.250.74.14200 OK 52 kB URL HTTP/2 www.youtube.com/s/player/9419f2ea/www-player.css
IP 142.250.74.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b885c7f53e3588fd2e91997ab700ab1f
b3ce441b0a5560a70e74dc0377c4a08acda17dc2
73f7f3db6c7622dabd91efd46daae12237882a1b31e0cff78d621511ab9e9c39
GET /s/player/9419f2ea/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/mOjEYeiPxNc
Cookie: YSC=QFUERukMlyo; VISITOR_INFO1_LIVE=pUcWR2OgbHU; DEVICE_INFO=ChxOekl3TkRreU5EZ3pNalE0TmpFMU5UZzVOQT09EPaR9J8GGPaR9J8G
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 52120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Feb 2023 18:32:09 GMT
expires: Tue, 27 Feb 2024 18:32:09 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 24 Feb 2023 01:53:09 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 4558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 21:48:03 GMT
expires: Fri, 23 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 338404
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 17:56:42 GMT
expires: Fri, 23 Feb 2024 17:56:42 GMT
cache-control: public, max-age=31536000
age: 352285
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/9419f2ea/www-embed-player.vflset/www-embed-player.js
142.250.74.14200 OK 111 kB URL HTTP/2 www.youtube.com/s/player/9419f2ea/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (679)
Size 111 kB (110661 bytes)
Hash e1ad280cc8fbea9a4a55ac06c38da75a
11ba9565695d1bde63487cdfc8a2dcfafc273690
f807944f58de1229b9f80ab421e5bfd95f2e7ac205cfe7aeb1b1c3d7e49f352f
GET /s/player/9419f2ea/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/mOjEYeiPxNc
Cookie: YSC=QFUERukMlyo; VISITOR_INFO1_LIVE=pUcWR2OgbHU; DEVICE_INFO=ChxOekl3TkRreU5EZ3pNalE0TmpFMU5UZzVOQT09EPaR9J8GGPaR9J8G
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 110661
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Feb 2023 08:47:11 GMT
expires: Tue, 27 Feb 2024 08:47:11 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 24 Feb 2023 01:53:09 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 39656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 558ba056bf23a0799ff7c31ddfc63907
77faec7acf2e7ae0addfced95703428e7bb003d8
71a184f74e92890736814d4266e9e1845f06e0031b7495f5302ac93e279847d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/9419f2ea/player_ias.vflset/en_US/base.js
142.250.74.14200 OK 616 kB URL HTTP/2 www.youtube.com/s/player/9419f2ea/player_ias.vflset/en_US/base.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (517)
Size 616 kB (615488 bytes)
Hash 41b986081eed081f248a34cba94f17d0
f4772ff54b682af167d0d4cbb95e25c4e2e95361
07fbff013fbd87d8753ee97715cc7fe8a895927f6bb83b3457bdef40413c17b2
GET /s/player/9419f2ea/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/mOjEYeiPxNc
Cookie: YSC=QFUERukMlyo; VISITOR_INFO1_LIVE=pUcWR2OgbHU; DEVICE_INFO=ChxOekl3TkRreU5EZ3pNalE0TmpFMU5UZzVOQT09EPaR9J8GGPaR9J8G
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 615488
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Feb 2023 11:36:26 GMT
expires: Tue, 27 Feb 2024 11:36:26 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 24 Feb 2023 01:53:09 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 29501
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/9419f2ea/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.14200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/9419f2ea/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.14:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/9419f2ea/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/mOjEYeiPxNc
Cookie: YSC=QFUERukMlyo; VISITOR_INFO1_LIVE=pUcWR2OgbHU; DEVICE_INFO=ChxOekl3TkRreU5EZ3pNalE0TmpFMU5UZzVOQT09EPaR9J8GGPaR9J8G
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Feb 2023 10:48:56 GMT
expires: Tue, 27 Feb 2024 10:48:56 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 24 Feb 2023 01:53:09 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 32351
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/embed/mOjEYeiPxNc
142.250.74.14200 OK 47 kB URL HTTP/2 www.youtube.com/embed/mOjEYeiPxNc
IP 142.250.74.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58626)
Hash 945d182e24f735153ccf8d52bb42d16c
68cc5a436d9b56cbd855bb94762f3e57544c0c0d
ae8fd3a4458939f73b75b1786ce2c2ba4156af42cd553d802cdb5354cfc409f7
GET /embed/mOjEYeiPxNc HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 27 Feb 2023 19:48:06 GMT
strict-transport-security: max-age=31536000
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'nonce-KG44eep2R4iMV-TnDYi7_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=QFUERukMlyo; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=pUcWR2OgbHU; Domain=.youtube.com; Expires=Sat, 26-Aug-2023 19:48:06 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekl3TkRreU5EZ3pNalE0TmpFMU5UZzVOQT09EPaR9J8GGPaR9J8G; Domain=.youtube.com; Expires=Sat, 26-Aug-2023 19:48:06 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+198; expires=Wed, 26-Feb-2025 19:48:06 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
83.66.162.128200 OK 318 B URL HTTP/1.1 widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 60965bc98dda023d6dbb0de7b7c676bb
59819b0d77a4206626389d78b1862223b150ccdd
2fd9761476a794c7d53342d8845843e3c9cbe393fbc26682e11059fe79a5ef95
GET /widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 4.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=e0oykhjzzipvnpdki2or2cn5; path=/; HttpOnly; SameSite=Lax
BMDSD365TP50BFACTSV=26593=1; expires=Tue, 28-Feb-2023 20:48:03 GMT; path=/
X-Powered-By: ASP.NET
XSrv: BOOM01
Date: Mon, 27 Feb 2023 19:48:03 GMT
Content-Length: 318
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash dea261fad69caccb3c9405cccbb5c6f8
d88970d75d6852fd9f74c8256c0a4db548261353
b3e9f16cc869cb7c56171ae74f3290154c230fee2b72bd9aef82d1c9602d02e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1f05f2c7fdc02ed684ef75ba4d66ad0f
34c4592d68ad95d828840ef77b41e5292d684d63
1c1f4ded92091983e6472d5c609868ac53930995433a5ffab80873d61bdc748b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 94b4c363db9681ee626f55eb3f17ac82
20ebb1e8d6e7d7fc97eab4e2da67f6d863ed5067
4bbf23ecf6c9fef7f66ce653873261ace2fc38b287919891ee03c78e9ab0e507
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=dusunmekvepaylasmak.blogspot.com&callback=_gfp_s_&client=ca-pub-7309845525285029
216.58.207.226200 OK 252 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=dusunmekvepaylasmak.blogspot.com&callback=_gfp_s_&client=ca-pub-7309845525285029
IP 216.58.207.226:0
File type ASCII text, with very long lines (391), with no line terminators
Hash bfec11428bb5b099e636f2960dad9a1c
1f45eae2616b213d2fd5fb365fec908f880b4233
8a2e21fd8c01259000ea04b17015b67dd57bb0b95dd207c83862f4019ebc52fd
GET /gampad/cookie.js?domain=dusunmekvepaylasmak.blogspot.com&callback=_gfp_s_&client=ca-pub-7309845525285029 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 27 Feb 2023 19:48:07 GMT
server: cafe
cache-control: private
content-length: 252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 27 Feb 2023 19:48:07 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&go=true
142.250.74.109302 Found 463 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&go=true
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (512)
Hash 1c6227c8921c242f3182a167a50510d0
92a14423ce3b47acd82422037f06fd58a6c2d4fb
7e764a2048862615491003be7b4c2507b877efdad3768db248057d4bb23b983a
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dusunmekvepaylasmak.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 27 Feb 2023 19:48:07 GMT
location: https://www.blogger.com/followers.g?blogID=5726965044016880204&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&origin=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-lMz2S3M5RYGhtnqsKh90Rw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 463
server: GSE
set-cookie: __Host-GAPS=1:h0H67rHf2tYp2Wds_RaWdhsOc5t_5w:M8tCHWcVAV0CUszP;Path=/;Expires=Wed, 26-Feb-2025 19:48:07 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1f05f2c7fdc02ed684ef75ba4d66ad0f
34c4592d68ad95d828840ef77b41e5292d684d63
1c1f4ded92091983e6472d5c609868ac53930995433a5ffab80873d61bdc748b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a17007fed696aebbe6ae7d3ddc2cd207
5cb7ca42b7e255d8d77f0c66c1ba4ccd5fb8ff22
91547936ee53a723b7898deb882bf8eb908f4cf36ac1cf7acc2800f206e3b3ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4170048a1c619fdfb21bf6d8f8b881ee
0412911e1cbb2fde06170ac958f4b044964b5038
67959b2bd6c8b11c8f82bccebcbb9e49e0b2eb7d269c4012f40efda92270110b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.102200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.102:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Cookie: test_cookie=CheckForPermission
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Feb 2023 19:34:40 GMT
expires: Mon, 27 Feb 2023 19:49:40 GMT
cache-control: public, max-age=900
age: 808
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4170048a1c619fdfb21bf6d8f8b881ee
0412911e1cbb2fde06170ac958f4b044964b5038
67959b2bd6c8b11c8f82bccebcbb9e49e0b2eb7d269c4012f40efda92270110b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.boomads.com//content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01
83.66.162.128200 OK 4.5 kB URL HTTP/1.1 widget.boomads.com//content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type ASCII text, with very long lines (19781), with no line terminators
Hash 9addf68a5cc9633f32c20bfe9df6eaaa
b2bcfadf03938190ba76702f6d33c99f5491cf7b
7454bc429d787dd6a335f7d1fb73a058f3ad426761bf19d089fceadd9b048165
GET //content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01 HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 3789930
Date: Sat, 14 Jan 2023 23:02:31 GMT
Expires: Sun, 14 Jan 2024 22:04:59 GMT
Cache-Control: public
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
Content-Type: text/css; charset=utf-8
Content-Encoding: gzip
Last-Modified: Sat, 14 Jan 2023 22:04:59 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 4517
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 27 Feb 2023 19:48:08 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
142.250.74.35200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 11936, version 1.0\012- data
Hash 15d8ede0a816bc7a9838207747c6620c
f6e2e75f1277c66e282553ae6a22661e51f472b8
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11936
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 26 Feb 2023 14:05:20 GMT
expires: Mon, 26 Feb 2024 14:05:20 GMT
cache-control: public, max-age=31536000
age: 106968
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash b181095734db35a79046b8923395b093
d52887a39f69853e98c1955ee21a783eea095d0c
05abb4b0cf15a1aab4689c14798a7ff6d4cd0b21b43fcaa23017edcb29361a54
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 27 Feb 2023 19:48:08 GMT
server: ESF
cache-control: private
content-length: 30927
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 003e1b79931617851c3da3cbc23c0ca0
f8dee0baa43667e813b30073fbec9eaf89ef60f7
468ce322d2b56394352155d42f648dc33a5d7335a9f1ea074b7e1253f3df3d57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f0eb6131ddbcf7b456b75aedb33dec51
9b0e4febf1c9e23c83618b89f58fbff02857f3e2
c43deaba4d0fbf1a2b4814e7fe60ba123e83fcb2638ac31d87791c8fc6f6d792
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 4.6 kB URL HTTP/2 yt3.ggpht.com/vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 7f0d8c8d9cbb88ed7c0dc10ee1a2b0ae
830e3dfe396cc6bc3a448d0ed13e4f1d25fdef58
0f8e403418f768e45267ca0edb3223d1a3c5e1dec070040b6399c0a89773cbf4
GET /vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4552
x-xss-protection: 0
date: Mon, 27 Feb 2023 16:25:04 GMT
expires: Fri, 17 Feb 2023 13:18:18 GMT
cache-control: public, max-age=86400, no-transform
age: 12184
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/js/th/j2LPsnldu2GyYoji2gksVoIfKyMuE54osvGF69eRixc.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/j2LPsnldu2GyYoji2gksVoIfKyMuE54osvGF69eRixc.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36212)
Hash 95ea09baa0f0a6abfed9f2369fe28979
49b89e5107f8866d6613fa6641fec90cb2ee3ca9
7c3d3c237eab6377d87404e68fad4ca16a8fd3238a0a810dfcac7f2e066d9d9f
GET /js/th/j2LPsnldu2GyYoji2gksVoIfKyMuE54osvGF69eRixc.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14302
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Feb 2023 19:47:36 GMT
expires: Tue, 27 Feb 2024 19:47:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 13 Feb 2023 15:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 32
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/mOjEYeiPxNc/sddefault.webp
216.58.207.246200 OK 43 kB URL HTTP/2 i.ytimg.com/vi_webp/mOjEYeiPxNc/sddefault.webp
IP 216.58.207.246:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 54d632dcf2c7931571e806f7815bd341
f5d1afc80ec9d6ebf36d48c916a3d5d15a740536
fc5aeb473a35527660b29b9cddf6ebefe4c57ae1c982a04dedfc1619f1135bef
GET /vi_webp/mOjEYeiPxNc/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 43014
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Feb 2023 19:48:08 GMT
expires: Mon, 27 Feb 2023 21:48:08 GMT
cache-control: public, max-age=7200
etag: "1668598177"
content-type: image/webp
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 260ef5cac9c5be21e7d583498d620845
f080babb4d78b54353b0918eba4a978a1bf61599
a65f36a7bffe9ccd23998d0aff5328a869dc80865c3dc91dc159522cf738d67c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 260ef5cac9c5be21e7d583498d620845
f080babb4d78b54353b0918eba4a978a1bf61599
a65f36a7bffe9ccd23998d0aff5328a869dc80865c3dc91dc159522cf738d67c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 003e1b79931617851c3da3cbc23c0ca0
f8dee0baa43667e813b30073fbec9eaf89ef60f7
468ce322d2b56394352155d42f648dc33a5d7335a9f1ea074b7e1253f3df3d57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
172.217.21.162200 OK 49 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 172.217.21.162:0
File type ASCII text, with very long lines (3399)
Hash 5d8f7cf85bcfc1ec138adc1c6247c4dc
0ace57539bd47e32f6a75492435af62adf06370f
cad37670a5fb4fa27e979ae10f4aeb23ee224be053f74fe66e357f8ea58f2ae9
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 49360
date: Mon, 27 Feb 2023 19:48:08 GMT
expires: Mon, 27 Feb 2023 19:48:08 GMT
cache-control: private, max-age=3000
etag: "1677104061356577"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 1247fba012b62471fa81c0dba5b0e5b4
7868296598e9ec05615a534e750a12acf1f2256e
b73905735e1f525f9f22689687090ef63b0d0f4e8ecacc84c3377cd85e80ba91
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5915
Cache-Control: max-age=133019
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:08 GMT
Etag: "63fc5678-138"
Expires: Wed, 01 Mar 2023 08:45:07 GMT
Last-Modified: Mon, 27 Feb 2023 07:06:32 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 08060eb3a621dbc806587e4395a63aad
874d6ff6d2ef8fb32e4f2b996c2207c42b4408a5
fa971d0c555bcc8162c08915329808c03867b9ecc61278e81ca6288d3696e83f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6140
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:09 GMT
Last-Modified: Mon, 27 Feb 2023 18:05:49 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 314
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kMCRE7OzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEPcI_WNfj_3NNkbhlSkCAAASAAAKDkFRVUJCUVlCQlFFQkJR&wp=Y_0I-AAAcWwDogkiAAWVUaDlyDrSsE0lZvfhWg
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kMCRE7OzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEPcI_WNfj_3NNkbhlSkCAAASAAAKDkFRVUJCUVlCQlFFQkJR&wp=Y_0I-AAAcWwDogkiAAWVUaDlyDrSsE0lZvfhWg
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kMCRE7OzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEPcI_WNfj_3NNkbhlSkCAAASAAAKDkFRVUJCUVlCQlFFQkJR&wp=Y_0I-AAAcWwDogkiAAWVUaDlyDrSsE0lZvfhWg HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 250469
date: Mon, 27 Feb 2023 19:48:08 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 47088c54aa492201fa2a569c7e11b8a0
38b6531b299c5600f8e7f9529c79d90ec00a3e00
8fa506c3855171d2f7a0edcdad7873fb2e303d0e5b202f515356d1043b53eaf8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1553
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:09 GMT
Last-Modified: Mon, 27 Feb 2023 19:22:16 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 47088c54aa492201fa2a569c7e11b8a0
38b6531b299c5600f8e7f9529c79d90ec00a3e00
8fa506c3855171d2f7a0edcdad7873fb2e303d0e5b202f515356d1043b53eaf8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1553
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:09 GMT
Last-Modified: Mon, 27 Feb 2023 19:22:16 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 47088c54aa492201fa2a569c7e11b8a0
38b6531b299c5600f8e7f9529c79d90ec00a3e00
8fa506c3855171d2f7a0edcdad7873fb2e303d0e5b202f515356d1043b53eaf8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1499
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:09 GMT
Last-Modified: Mon, 27 Feb 2023 19:23:10 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 47088c54aa492201fa2a569c7e11b8a0
38b6531b299c5600f8e7f9529c79d90ec00a3e00
8fa506c3855171d2f7a0edcdad7873fb2e303d0e5b202f515356d1043b53eaf8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4723
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:09 GMT
Last-Modified: Mon, 27 Feb 2023 18:29:27 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 47088c54aa492201fa2a569c7e11b8a0
38b6531b299c5600f8e7f9529c79d90ec00a3e00
8fa506c3855171d2f7a0edcdad7873fb2e303d0e5b202f515356d1043b53eaf8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1557
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:09 GMT
Last-Modified: Mon, 27 Feb 2023 19:22:12 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 314
static.criteo.net/flash/icon/close_button.svg
178.250.0.130200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Feb 2023 19:48:09 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Thu, 22 Feb 2024 19:48:09 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=Y_0I-AAAcWwDogkiAAWVUaDlyDrSsE0lZvfhWg&u=%7CgYJSZe3lM9QpJjwBE5%2FtGjJw%2F%2FGBkPy%2B9WMBMSRy3mQ%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAPbm-rooFeUp2YAKBN8K9GFKK1O-raiITygLmkhjT2GzkisdhX55PU92KeHtWhKEqr4AxV5eN9L5sttlACXNdkhYmenkOp1AwoaC_GBwkuerItVdbkDMP-j948b_AVFH19FtqN00KkOF6LJgdO6GaHDjodzVqlqKXsHkTGCOa4CmsskONeumLvHikSe2TnP-0OhrYiXJAd_mVAuS1RxiagZ_3T0Iv3lhsnCNEqt3MhimXto4VDrDqOodFX6b4GceIi3P-S8MDaNeOGWSIpd7WBtVfgpe0g_LJm-wRVKEPFkeEqdGFxQwjfzS6ZYvV9pbzWC5KJYh0mb5wE5h-PfODRidIpolDkidxMFzH-3mSvBbD9Bw-XTdAXIfa2CvE7xvR8EGkQ9PZ70rigAnQ87CimXfUNUu909s1KeIE38ExpWD_XIbTyGRSYVhg0FRjItHtowy_5_AfcNnJUWvQheyi1NcQg5yYf5nR_q_7mGdA4SNtnwEV2h8ZBT-7x4GMYOpDaoeJkmZwbXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKyw-Aj9Y-ziAaKSiM0P0aqWmAXJntKxXPWR3r6xAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi03MzA5ODQ1NTI1Mjg1MDI5yAEJqQLOG7AQ3cKxPqgDAaoEmQJP0CKlqPnE3EG0eR1yTANp4bbE5NaL2TtmWgWhqvLzQ6kiyPc_wTtuZdkBeHkjp_n-kVV0UK4QJPRiu5_QdwYdPgMZQQDkwmn4pHU606S4RBXwRtfAdkm8uu0Nf9lY7CDle28wXEy0cnbj-Ix86ct2_BbyW9AiR5j1IZMWWGXpCYSCjZfVmeOtaaK3-MXH5foPC5tdlj6HbPfuJN8n7IDy0cFnd6JxAbGymnOi58AIiZZZ9D0M0P2JHwxuprmTUtvrxp6egOuX6cm8FX5d56uMvA7Pum1sb-Y2D0aDspw1BxZIheRSC7Tvj4gjG7eIU6aIlxEjWoUjiNwa_BPdEX-I46RVpVFD0_eeg8eyQwFVB-FpU6m9Icu0SoAG0eLUz9Cc5NrTAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ftgdBG0sUrWhInjwEfozYLsoUOw%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.0.138200 OK 60 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=Y_0I-AAAcWwDogkiAAWVUaDlyDrSsE0lZvfhWg&u=%7CgYJSZe3lM9QpJjwBE5%2FtGjJw%2F%2FGBkPy%2B9WMBMSRy3mQ%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAPbm-rooFeUp2YAKBN8K9GFKK1O-raiITygLmkhjT2GzkisdhX55PU92KeHtWhKEqr4AxV5eN9L5sttlACXNdkhYmenkOp1AwoaC_GBwkuerItVdbkDMP-j948b_AVFH19FtqN00KkOF6LJgdO6GaHDjodzVqlqKXsHkTGCOa4CmsskONeumLvHikSe2TnP-0OhrYiXJAd_mVAuS1RxiagZ_3T0Iv3lhsnCNEqt3MhimXto4VDrDqOodFX6b4GceIi3P-S8MDaNeOGWSIpd7WBtVfgpe0g_LJm-wRVKEPFkeEqdGFxQwjfzS6ZYvV9pbzWC5KJYh0mb5wE5h-PfODRidIpolDkidxMFzH-3mSvBbD9Bw-XTdAXIfa2CvE7xvR8EGkQ9PZ70rigAnQ87CimXfUNUu909s1KeIE38ExpWD_XIbTyGRSYVhg0FRjItHtowy_5_AfcNnJUWvQheyi1NcQg5yYf5nR_q_7mGdA4SNtnwEV2h8ZBT-7x4GMYOpDaoeJkmZwbXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKyw-Aj9Y-ziAaKSiM0P0aqWmAXJntKxXPWR3r6xAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi03MzA5ODQ1NTI1Mjg1MDI5yAEJqQLOG7AQ3cKxPqgDAaoEmQJP0CKlqPnE3EG0eR1yTANp4bbE5NaL2TtmWgWhqvLzQ6kiyPc_wTtuZdkBeHkjp_n-kVV0UK4QJPRiu5_QdwYdPgMZQQDkwmn4pHU606S4RBXwRtfAdkm8uu0Nf9lY7CDle28wXEy0cnbj-Ix86ct2_BbyW9AiR5j1IZMWWGXpCYSCjZfVmeOtaaK3-MXH5foPC5tdlj6HbPfuJN8n7IDy0cFnd6JxAbGymnOi58AIiZZZ9D0M0P2JHwxuprmTUtvrxp6egOuX6cm8FX5d56uMvA7Pum1sb-Y2D0aDspw1BxZIheRSC7Tvj4gjG7eIU6aIlxEjWoUjiNwa_BPdEX-I46RVpVFD0_eeg8eyQwFVB-FpU6m9Icu0SoAG0eLUz9Cc5NrTAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ftgdBG0sUrWhInjwEfozYLsoUOw%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.0.138:0
Hash 3e1fee8603ca161f080711cc05bfd2ef
46eb356fab738a41f9deee460b2bce767405933d
0cd21105582aff8cf3f76663921bdffdc1edfc428af0563908637b1b4856c1d3
GET /delivery/r/afr.php?z=Y_0I-AAAcWwDogkiAAWVUaDlyDrSsE0lZvfhWg&u=%7CgYJSZe3lM9QpJjwBE5%2FtGjJw%2F%2FGBkPy%2B9WMBMSRy3mQ%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiAPbm-rooFeUp2YAKBN8K9GFKK1O-raiITygLmkhjT2GzkisdhX55PU92KeHtWhKEqr4AxV5eN9L5sttlACXNdkhYmenkOp1AwoaC_GBwkuerItVdbkDMP-j948b_AVFH19FtqN00KkOF6LJgdO6GaHDjodzVqlqKXsHkTGCOa4CmsskONeumLvHikSe2TnP-0OhrYiXJAd_mVAuS1RxiagZ_3T0Iv3lhsnCNEqt3MhimXto4VDrDqOodFX6b4GceIi3P-S8MDaNeOGWSIpd7WBtVfgpe0g_LJm-wRVKEPFkeEqdGFxQwjfzS6ZYvV9pbzWC5KJYh0mb5wE5h-PfODRidIpolDkidxMFzH-3mSvBbD9Bw-XTdAXIfa2CvE7xvR8EGkQ9PZ70rigAnQ87CimXfUNUu909s1KeIE38ExpWD_XIbTyGRSYVhg0FRjItHtowy_5_AfcNnJUWvQheyi1NcQg5yYf5nR_q_7mGdA4SNtnwEV2h8ZBT-7x4GMYOpDaoeJkmZwbXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsKyw-Aj9Y-ziAaKSiM0P0aqWmAXJntKxXPWR3r6xAcCNtwEQASAAYMOEgICYGIIBF2NhLXB1Yi03MzA5ODQ1NTI1Mjg1MDI5yAEJqQLOG7AQ3cKxPqgDAaoEmQJP0CKlqPnE3EG0eR1yTANp4bbE5NaL2TtmWgWhqvLzQ6kiyPc_wTtuZdkBeHkjp_n-kVV0UK4QJPRiu5_QdwYdPgMZQQDkwmn4pHU606S4RBXwRtfAdkm8uu0Nf9lY7CDle28wXEy0cnbj-Ix86ct2_BbyW9AiR5j1IZMWWGXpCYSCjZfVmeOtaaK3-MXH5foPC5tdlj6HbPfuJN8n7IDy0cFnd6JxAbGymnOi58AIiZZZ9D0M0P2JHwxuprmTUtvrxp6egOuX6cm8FX5d56uMvA7Pum1sb-Y2D0aDspw1BxZIheRSC7Tvj4gjG7eIU6aIlxEjWoUjiNwa_BPdEX-I46RVpVFD0_eeg8eyQwFVB-FpU6m9Icu0SoAG0eLUz9Cc5NrTAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ftgdBG0sUrWhInjwEfozYLsoUOw%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Feb 2023 19:48:08 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=U4y_peSJ4HUOCPpnSysx7ZjD1TY85PyBKc9TLNKIfV0JDayFl0wI1yGPDmjcWNGWw2dmFbawNMeUuBABztOHQhUxDljNW-FyOEzmtBk3VjE6VuAPTHZ2BrKzsP2DF5SayfzUAizy6narWd9yr7IPzT-1tZlKklXsom98MrshA5xqqxvKUBLVMXrD-b577avHoscrh1MK0iREPPnjuD8zhA2WK83Ra18pfly-b1e_-gQ_icuBXNfT7iohgtLfcNEbsoUQsQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 148228635
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 877a7c3cfcd362fb5e628897d40b65f0
db7c0d19fbf4ea786577dce4f8612c10433730bf
dd92d1b6e068b8815f009de2c06412402e6c39c512f44add429dde7033085a14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4329
Cache-Control: max-age=143688
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:09 GMT
Etag: "63fc8658-139"
Expires: Wed, 01 Mar 2023 11:42:57 GMT
Last-Modified: Mon, 27 Feb 2023 10:30:48 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 877a7c3cfcd362fb5e628897d40b65f0
db7c0d19fbf4ea786577dce4f8612c10433730bf
dd92d1b6e068b8815f009de2c06412402e6c39c512f44add429dde7033085a14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4581
Cache-Control: max-age=143940
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:09 GMT
Etag: "63fc8658-139"
Expires: Wed, 01 Mar 2023 11:47:09 GMT
Last-Modified: Mon, 27 Feb 2023 10:30:48 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 877a7c3cfcd362fb5e628897d40b65f0
db7c0d19fbf4ea786577dce4f8612c10433730bf
dd92d1b6e068b8815f009de2c06412402e6c39c512f44add429dde7033085a14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4848
Cache-Control: max-age=144207
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:09 GMT
Etag: "63fc8658-139"
Expires: Wed, 01 Mar 2023 11:51:36 GMT
Last-Modified: Mon, 27 Feb 2023 10:30:48 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 877a7c3cfcd362fb5e628897d40b65f0
db7c0d19fbf4ea786577dce4f8612c10433730bf
dd92d1b6e068b8815f009de2c06412402e6c39c512f44add429dde7033085a14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4392
Cache-Control: max-age=143751
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:09 GMT
Etag: "63fc8658-139"
Expires: Wed, 01 Mar 2023 11:44:00 GMT
Last-Modified: Mon, 27 Feb 2023 10:30:48 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 877a7c3cfcd362fb5e628897d40b65f0
db7c0d19fbf4ea786577dce4f8612c10433730bf
dd92d1b6e068b8815f009de2c06412402e6c39c512f44add429dde7033085a14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4581
Cache-Control: max-age=143940
Content-Type: application/ocsp-response
Date: Mon, 27 Feb 2023 19:48:09 GMT
Etag: "63fc8658-139"
Expires: Wed, 01 Mar 2023 11:47:09 GMT
Last-Modified: Mon, 27 Feb 2023 10:30:48 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 313
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475569015_a_en_hd_1.jpg%3Ft%3D1675844834%3Fcb%3D2023022714&v=3&w=800&s=38696mup1tujQ_HuPtsVy7Hv&b=400
178.250.1.14200 OK 5.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475569015_a_en_hd_1.jpg%3Ft%3D1675844834%3Fcb%3D2023022714&v=3&w=800&s=38696mup1tujQ_HuPtsVy7Hv&b=400
IP 178.250.1.14:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x235, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8460cfdf3473b549843ed6a72bc74191
9e23e3e7cde87b657546a9df7458c70f76c16da8
1980d6104c273fdaec03cbb78e490e0cfbc23481d37fff1f8af9bc39a2ad904b
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475569015_a_en_hd_1.jpg%3Ft%3D1675844834%3Fcb%3D2023022714&v=3&w=800&s=38696mup1tujQ_HuPtsVy7Hv&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31518224
expires: Tue, 27 Feb 2024 14:51:54 GMT
date: Mon, 27 Feb 2023 19:48:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5424
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8720845602161_m_en_hd_1.jpg%3Ft%3D1668793669%3Fcb%3D2023022714&v=3&w=800&s=FEMc3eYu3gND1zGitAEYv5VW&b=400
178.250.1.14200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8720845602161_m_en_hd_1.jpg%3Ft%3D1668793669%3Fcb%3D2023022714&v=3&w=800&s=FEMc3eYu3gND1zGitAEYv5VW&b=400
IP 178.250.1.14:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 479e83c922d42f9819f387083a03ca1b
36ca8d5c9df29e183a7cb9fb889347aa62f82a23
edd5cde5c3c1bb1ca728d07d7de68d2b8b725161855f1d0fd920bec2939b7c29
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8720845602161_m_en_hd_1.jpg%3Ft%3D1668793669%3Fcb%3D2023022714&v=3&w=800&s=FEMc3eYu3gND1zGitAEYv5VW&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31519048
expires: Tue, 27 Feb 2024 15:05:38 GMT
date: Mon, 27 Feb 2023 19:48:08 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 13850
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 27 Feb 2023 19:48:09 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8719883860138_a_en_hd_1.jpg%3Ft%3D1675047039%3Fcb%3D2023022714&v=3&w=800&s=N60cUd4sFqMEdeE1sbTd4sLC&b=400
178.250.1.14200 OK 21 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8719883860138_a_en_hd_1.jpg%3Ft%3D1675047039%3Fcb%3D2023022714&v=3&w=800&s=N60cUd4sFqMEdeE1sbTd4sLC&b=400
IP 178.250.1.14:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 591e0728258f64e691e4437113ba0cee
d52034ba2c9022b8f672645132fb9522faffd1ed
89f4985c4ca5beb3cf024db1f57106d37f89de031d7c9f011c0bf086e6b560bf
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8719883860138_a_en_hd_1.jpg%3Ft%3D1675047039%3Fcb%3D2023022714&v=3&w=800&s=N60cUd4sFqMEdeE1sbTd4sLC&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31518207
expires: Tue, 27 Feb 2024 14:51:37 GMT
date: Mon, 27 Feb 2023 19:48:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 20606
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475724926_a_en_hd_1.jpg%3Ft%3D1650160526%3Fcb%3D2023022714&v=3&w=800&s=Q__xF_IuTdJF8C02XjrGur3w&b=400
178.250.1.14200 OK 8.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475724926_a_en_hd_1.jpg%3Ft%3D1650160526%3Fcb%3D2023022714&v=3&w=800&s=Q__xF_IuTdJF8C02XjrGur3w&b=400
IP 178.250.1.14:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x339, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e094c80891feb58080cc400912bc9086
e1d3385c3a2d46f32b0230d3c4a3ec3801d8d4c5
25052763ab11bf96ae7f4357d71d2f36107cdf9fa15b1baaa790dda29c733624
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475724926_a_en_hd_1.jpg%3Ft%3D1650160526%3Fcb%3D2023022714&v=3&w=800&s=Q__xF_IuTdJF8C02XjrGur3w&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31516294
expires: Tue, 27 Feb 2024 14:19:44 GMT
date: Mon, 27 Feb 2023 19:48:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7968
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8719883682662_a_en_hd_1.jpg%3Ft%3D1670967551%3Fcb%3D2023022714&v=3&w=800&s=DQSQ0u_oV2NhgHAV1d1heY9T&b=400
178.250.1.14200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8719883682662_a_en_hd_1.jpg%3Ft%3D1670967551%3Fcb%3D2023022714&v=3&w=800&s=DQSQ0u_oV2NhgHAV1d1heY9T&b=400
IP 178.250.1.14:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x364, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8ab76fe7722c073912926cb8dd556aa7
db9efdebd9fca1aa7f5245dac41fd50771acf595
47ce548da8e4751d6bec982c80ab1efdc0bfe8e90523937a068c341d260cc539
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8719883682662_a_en_hd_1.jpg%3Ft%3D1670967551%3Fcb%3D2023022714&v=3&w=800&s=DQSQ0u_oV2NhgHAV1d1heY9T&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31517158
expires: Tue, 27 Feb 2024 14:34:08 GMT
date: Mon, 27 Feb 2023 19:48:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10868
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475531500_a_en_hd_1.jpg%3Ft%3D1650878393%3Fcb%3D2023022714&v=3&w=800&s=cumrwG3MYNzT2GeITZLuJop4&b=400
178.250.1.14200 OK 8.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475531500_a_en_hd_1.jpg%3Ft%3D1650878393%3Fcb%3D2023022714&v=3&w=800&s=cumrwG3MYNzT2GeITZLuJop4&b=400
IP 178.250.1.14:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 393x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 203e60919d022fd12dc2c9aaf14c397a
ea864ea9abc81d87923f1aed324b51e64ba7615b
d0bc34a9ff33439a4ec1e74d0c6d7c12a8e01c73c632d3cba1ab513529a4c2f8
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475531500_a_en_hd_1.jpg%3Ft%3D1650878393%3Fcb%3D2023022714&v=3&w=800&s=cumrwG3MYNzT2GeITZLuJop4&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31517234
expires: Tue, 27 Feb 2024 14:35:23 GMT
date: Mon, 27 Feb 2023 19:48:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7952
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8720286975787_m_en_hd_1.jpg%3Ft%3D1662024228%3Fcb%3D2023022714&v=3&w=800&s=LNSSvX_Nc8eL51ThFusOboVK&b=400
178.250.1.14200 OK 20 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8720286975787_m_en_hd_1.jpg%3Ft%3D1662024228%3Fcb%3D2023022714&v=3&w=800&s=LNSSvX_Nc8eL51ThFusOboVK&b=400
IP 178.250.1.14:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a3dd158f46552e5c3df8e0b629dc3fe2
cc2b4f3f4380f774f6d98c6ed61761693300fd1d
4a8a5db29469dc2ee2fd828dd5070f6f9ea0182061005be14120f14dd7820411
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8720286975787_m_en_hd_1.jpg%3Ft%3D1662024228%3Fcb%3D2023022714&v=3&w=800&s=LNSSvX_Nc8eL51ThFusOboVK&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31520037
expires: Tue, 27 Feb 2024 15:22:06 GMT
date: Mon, 27 Feb 2023 19:48:08 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 20338
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475585121_a_en_hd_1.jpg%3Ft%3D1648864223%3Fcb%3D2023022714&v=3&w=800&s=wH0wJOVY8FGNt7XJF2mEjcDL&b=400
178.250.1.14200 OK 23 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475585121_a_en_hd_1.jpg%3Ft%3D1648864223%3Fcb%3D2023022714&v=3&w=800&s=wH0wJOVY8FGNt7XJF2mEjcDL&b=400
IP 178.250.1.14:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x397, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5fdd1c49acb49b7e2f47b829f70137ca
c7e9336adc9132cce855f8b32c40a6eb611d424f
9122980ee14a0ee04507024868e959a8ea6b52466a48dccf97c79c23fe17f4a0
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475585121_a_en_hd_1.jpg%3Ft%3D1648864223%3Fcb%3D2023022714&v=3&w=800&s=wH0wJOVY8FGNt7XJF2mEjcDL&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31516517
expires: Tue, 27 Feb 2024 14:23:26 GMT
date: Mon, 27 Feb 2023 19:48:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 22934
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8719883860145_a_en_hd_1.jpg%3Ft%3D1675047243%3Fcb%3D2023022714&v=3&w=800&s=XyvxfMbs73NWMgfVEAOAG8V0&b=400
178.250.1.14200 OK 20 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8719883860145_a_en_hd_1.jpg%3Ft%3D1675047243%3Fcb%3D2023022714&v=3&w=800&s=XyvxfMbs73NWMgfVEAOAG8V0&b=400
IP 178.250.1.14:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c6f7c7d4d0eb3bd8bc60a217c2aefb3c
1c2c006c0a7c0752e0533c8ce08d3a4c0554bba2
9665cb4e78dd23a9a7eb302f0a5e7ad22a19a8676401b6a306b210eb664012ce
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8719883860145_a_en_hd_1.jpg%3Ft%3D1675047243%3Fcb%3D2023022714&v=3&w=800&s=XyvxfMbs73NWMgfVEAOAG8V0&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31516601
expires: Tue, 27 Feb 2024 14:24:50 GMT
date: Mon, 27 Feb 2023 19:48:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 20172
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475827177_a_en_hd_1.jpg%3Ft%3D1654499118%3Fcb%3D2023022714&v=3&w=800&s=3pagpBYo07xWVJa1-qwgxAxP&b=400
178.250.1.14200 OK 6.6 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475827177_a_en_hd_1.jpg%3Ft%3D1654499118%3Fcb%3D2023022714&v=3&w=800&s=3pagpBYo07xWVJa1-qwgxAxP&b=400
IP 178.250.1.14:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 342x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2a2f341bd0a80a01e5e2234a211c1a46
396d502bec5092c86e59ef5b42ac5e04c737d64a
1615a6d613d77d9a9b4f87e750928df340027586c4935c57e9f5d30471ab5048
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475827177_a_en_hd_1.jpg%3Ft%3D1654499118%3Fcb%3D2023022714&v=3&w=800&s=3pagpBYo07xWVJa1-qwgxAxP&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31516624
expires: Tue, 27 Feb 2024 14:25:14 GMT
date: Mon, 27 Feb 2023 19:48:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6566
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=360&m=0&partner=28905&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F28905%2F211115%2Fb06c69b831ed410991b3a26cec796d5d_vidaxl.png&v=3&w=196&s=LLhbZiLMQfn0AVCqrHqAmT26
178.250.1.14200 OK 15 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=360&m=0&partner=28905&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F28905%2F211115%2Fb06c69b831ed410991b3a26cec796d5d_vidaxl.png&v=3&w=196&s=LLhbZiLMQfn0AVCqrHqAmT26
IP 178.250.1.14:0
File type PNG image data, 196 x 157, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ca57be72a70ecd49abc7d0eabe55ad3
11084dcfd67eb5b6682daeb50d9272d67ea17329
459c33ea9afd9143c3a03fabdd06c1a06bdda996a67f1a2626ff5bbdd65b7261
GET /img/img?h=360&m=0&partner=28905&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F28905%2F211115%2Fb06c69b831ed410991b3a26cec796d5d_vidaxl.png&v=3&w=196&s=LLhbZiLMQfn0AVCqrHqAmT26 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=28016621
expires: Thu, 18 Jan 2024 02:11:51 GMT
date: Mon, 27 Feb 2023 19:48:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 15316
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/png
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8719883979755_a_en_hd_1.jpg%3Ft%3D1657762950%3Fcb%3D2023022714&v=3&w=800&s=PZ8d8YxnrtLm3AuEpx4dzG7z&b=400
178.250.1.14200 OK 12 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8719883979755_a_en_hd_1.jpg%3Ft%3D1657762950%3Fcb%3D2023022714&v=3&w=800&s=PZ8d8YxnrtLm3AuEpx4dzG7z&b=400
IP 178.250.1.14:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 106b717b09d105f159450759e68601e6
03c4e4a88d06b491906b9b1197a818d8523df1e2
f631975232c8b15b2ce1c46ca8dfdc72cdeed726d13101246bc232480668a996
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8719883979755_a_en_hd_1.jpg%3Ft%3D1657762950%3Fcb%3D2023022714&v=3&w=800&s=PZ8d8YxnrtLm3AuEpx4dzG7z&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31516458
expires: Tue, 27 Feb 2024 14:22:28 GMT
date: Mon, 27 Feb 2023 19:48:09 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 12078
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475583462_a_en_hd_1.jpg%3Ft%3D1651110997%3Fcb%3D2023022714&v=3&w=800&s=eTCi9CP-Z37cQJUj5sfbyLLz&b=400
178.250.1.14200 OK 12 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475583462_a_en_hd_1.jpg%3Ft%3D1651110997%3Fcb%3D2023022714&v=3&w=800&s=eTCi9CP-Z37cQJUj5sfbyLLz&b=400
IP 178.250.1.14:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 392x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8956510a8c80b217180e91ef6c289e5a
ad629317a1e5ea3a324255226025df2ef18d6ef3
2b38b9443c0ec634ec30d93e84aa2274ce090c31f0b112d62f5a3a8d75375a46
GET /img/img?c=3&cq=256&h=800&m=0&partner=28905&q=80&r=0&u=https%3A%2F%2Fvdxl.im%2F8718475583462_a_en_hd_1.jpg%3Ft%3D1651110997%3Fcb%3D2023022714&v=3&w=800&s=eTCi9CP-Z37cQJUj5sfbyLLz&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31516468
expires: Tue, 27 Feb 2024 14:22:38 GMT
date: Mon, 27 Feb 2023 19:48:08 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 12090
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=U4y_peSJ4HUOCPpnSysx7ZjD1TY85PyBKc9TLNKIfV0JDayFl0wI1yGPDmjcWNGWw2dmFbawNMeUuBABztOHQhUxDljNW-FyOEzmtBk3VjE6VuAPTHZ2BrKzsP2DF5SayfzUAizy6narWd9yr7IPzT-1tZlKklXsom98MrshA5xqqxvKUBLVMXrD-b577avHoscrh1MK0iREPPnjuD8zhA2WK83Ra18pfly-b1e_-gQ_icuBXNfT7iohgtLfcNEbsoUQsQ&sds=2&rev=84953&sendBeacon=true
178.250.0.162200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=U4y_peSJ4HUOCPpnSysx7ZjD1TY85PyBKc9TLNKIfV0JDayFl0wI1yGPDmjcWNGWw2dmFbawNMeUuBABztOHQhUxDljNW-FyOEzmtBk3VjE6VuAPTHZ2BrKzsP2DF5SayfzUAizy6narWd9yr7IPzT-1tZlKklXsom98MrshA5xqqxvKUBLVMXrD-b577avHoscrh1MK0iREPPnjuD8zhA2WK83Ra18pfly-b1e_-gQ_icuBXNfT7iohgtLfcNEbsoUQsQ&sds=2&rev=84953&sendBeacon=true
IP 178.250.0.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=U4y_peSJ4HUOCPpnSysx7ZjD1TY85PyBKc9TLNKIfV0JDayFl0wI1yGPDmjcWNGWw2dmFbawNMeUuBABztOHQhUxDljNW-FyOEzmtBk3VjE6VuAPTHZ2BrKzsP2DF5SayfzUAizy6narWd9yr7IPzT-1tZlKklXsom98MrshA5xqqxvKUBLVMXrD-b577avHoscrh1MK0iREPPnjuD8zhA2WK83Ra18pfly-b1e_-gQ_icuBXNfT7iohgtLfcNEbsoUQsQ&sds=2&rev=84953&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Feb 2023 19:48:09 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=fPq0gTBk8LEGuWAiOQPSK_37FvISKkTq1ETOrwKOy9aCPUsSbVPrJ9DVzP0mXh5JSCne2t0T3xoVpN9seDpf2WFShTCFhdJtxQNVaIuafXhITzevkNqY0HcL7ieZm7Si0lwlX2y49VHGLM9D6Ef9_UCqcCBA7SRladOLGV1gW0bJaUdqm6awG6aWAtKgUAFhjvyhEKW9ZFN6Mb_WH7rfUccv3-HO_DxiDNT9hu_FkAKv-lgUjESsMNSBScIYHNALCqYFNl88orKMZhXD31EULYvx2B4Edv4SOn096vvMalXrkWNN0QB4ke8JAn4vi1QtvMoFybtTIgsHsKIe5TrkO5Ohbl8gdhfrCgXBk2mOd0_yRNt815JwfNpz7W5NQoqAS0J-dpDnAlSCrjNWnfjI-9xvOlef91WNSTRco-rwxucdQqFD
178.250.0.160200 OK 43 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=fPq0gTBk8LEGuWAiOQPSK_37FvISKkTq1ETOrwKOy9aCPUsSbVPrJ9DVzP0mXh5JSCne2t0T3xoVpN9seDpf2WFShTCFhdJtxQNVaIuafXhITzevkNqY0HcL7ieZm7Si0lwlX2y49VHGLM9D6Ef9_UCqcCBA7SRladOLGV1gW0bJaUdqm6awG6aWAtKgUAFhjvyhEKW9ZFN6Mb_WH7rfUccv3-HO_DxiDNT9hu_FkAKv-lgUjESsMNSBScIYHNALCqYFNl88orKMZhXD31EULYvx2B4Edv4SOn096vvMalXrkWNN0QB4ke8JAn4vi1QtvMoFybtTIgsHsKIe5TrkO5Ohbl8gdhfrCgXBk2mOd0_yRNt815JwfNpz7W5NQoqAS0J-dpDnAlSCrjNWnfjI-9xvOlef91WNSTRco-rwxucdQqFD
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /delivery/lg.php?cppv=3&cpp=fPq0gTBk8LEGuWAiOQPSK_37FvISKkTq1ETOrwKOy9aCPUsSbVPrJ9DVzP0mXh5JSCne2t0T3xoVpN9seDpf2WFShTCFhdJtxQNVaIuafXhITzevkNqY0HcL7ieZm7Si0lwlX2y49VHGLM9D6Ef9_UCqcCBA7SRladOLGV1gW0bJaUdqm6awG6aWAtKgUAFhjvyhEKW9ZFN6Mb_WH7rfUccv3-HO_DxiDNT9hu_FkAKv-lgUjESsMNSBScIYHNALCqYFNl88orKMZhXD31EULYvx2B4Edv4SOn096vvMalXrkWNN0QB4ke8JAn4vi1QtvMoFybtTIgsHsKIe5TrkO5Ohbl8gdhfrCgXBk2mOd0_yRNt815JwfNpz7W5NQoqAS0J-dpDnAlSCrjNWnfjI-9xvOlef91WNSTRco-rwxucdQqFD HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 27 Feb 2023 19:48:08 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2606863
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 441a02f728672d26bb2217a93861898b
ca5e52641d2299de9dd412d27a6499db523cc216
2d3120ef0c8cc83cff5850e4711fd41cab2d8d545ad66a5a20afefceaac6724e
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1115
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 27 Feb 2023 19:48:10 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-20442478-1&cid=1080402505.1677527414&jid=1051374827&gjid=1370689043&_gid=910652319.1677527414&_u=aGDAAUADQAAAACAAI~&z=2112188394
173.194.73.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-20442478-1&cid=1080402505.1677527414&jid=1051374827&gjid=1370689043&_gid=910652319.1677527414&_u=aGDAAUADQAAAACAAI~&z=2112188394
IP 173.194.73.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-20442478-1&cid=1080402505.1677527414&jid=1051374827&gjid=1370689043&_gid=910652319.1677527414&_u=aGDAAUADQAAAACAAI~&z=2112188394 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Cookie: IDE=AHWqTUn8ayUNEZr7EiNbCz22hx1lueDm4cGPHvaFbQsdUbeWN7oKtlHqgEg8jmhsanU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://dusunmekvepaylasmak.blogspot.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 27 Feb 2023 19:48:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
178.250.0.130200 OK 122 kB URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.0.130:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1395)
Size 122 kB (121766 bytes)
Hash 489d09f2ca58d0bf06d74b807bbfe2a1
6a872ec4367e7308d97e0eaaeae30efa82fcef18
a83abc8edd35964b41922d0393e4f995d83804694f473a87cdb316385affb55d
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Feb 2023 19:48:09 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Thu, 22 Feb 2024 19:48:09 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-20442478-1&cid=1080402505.1677527414&jid=1051374827&_u=aGDAAUADQAAAACAAI~&z=846489664
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-20442478-1&cid=1080402505.1677527414&jid=1051374827&_u=aGDAAUADQAAAACAAI~&z=846489664
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-20442478-1&cid=1080402505.1677527414&jid=1051374827&_u=aGDAAUADQAAAACAAI~&z=846489664 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 19:48:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
media.boomads.com/images/offer/kcgi-2022-20222910074714115.jpg
83.66.162.75200 OK 169 kB URL HTTP/1.1 media.boomads.com/images/offer/kcgi-2022-20222910074714115.jpg
IP 83.66.162.75:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1035x540, components 3\012- data
Size 169 kB (168772 bytes)
Hash 8cd35c2df8f8bd0437123455fd84be85
06ca591d59b000bee2db467de3790e524bc4e984
f3979564e6e978be15db9e42e554b4048fc596ddd7d55c0c65f24db27d7bc359
GET /images/offer/kcgi-2022-20222910074714115.jpg HTTP/1.1
Host: media.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 27 Feb 2023 13:40:53 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: W/"aadff7a86aebd81:0"
Content-Type: image/jpeg
Last-Modified: Sat, 29 Oct 2022 07:47:14 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 168772
rollercoin.com/static/img/public_img/gen2/w160h600.gif
104.26.14.99301 Moved Permanently 0 B URL HTTP/2 rollercoin.com/static/img/public_img/gen2/w160h600.gif
IP 104.26.14.99:0
GET /static/img/public_img/gen2/w160h600.gif HTTP/1.1
Host: rollercoin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Mon, 27 Feb 2023 19:48:06 GMT
content-type: text/html
location: https://static.rollercoin.com/static/img/ref/gen2/w160h600.gif
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmvBFHgcCIFUyvXesdeQkJMcByyop0oRc0k3Kk9Xz8UUCg7DGK7Of%2FFEr%2B5Py7NJoFMfFqd1The%2FuD0qB6OSpc9QQthJML2mMmNMYowVFLvSfiNnv7hCcspiCSSNba%2Fn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a036fa4ce9cb500-OSL
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309845525285029&plah=dusunmekvepaylasmak.blogspot.com
142.250.74.66200 OK 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309845525285029&plah=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.66:0
GET /pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309845525285029&plah=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 27 Feb 2023 19:48:06 GMT
expires: Mon, 27 Feb 2023 19:48:06 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 11895981338864321874
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 123273
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.0.130:0
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Feb 2023 19:48:09 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Thu, 22 Feb 2024 19:48:09 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/animejs/animejs.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/animejs/animejs.js
IP 178.250.0.130:0
GET /animejs/animejs.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Feb 2023 19:48:09 GMT
content-type: text/javascript
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
etag: W/"5c9a64eb-3181"
expires: Thu, 22 Feb 2024 19:48:09 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
media.boomads.com/images/offer/messi-bitget-20222110121742292.jpg
83.66.162.75200 OK 0 B URL HTTP/1.1 media.boomads.com/images/offer/messi-bitget-20222110121742292.jpg
IP 83.66.162.75:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
GET /images/offer/messi-bitget-20222110121742292.jpg HTTP/1.1
Host: media.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 27 Feb 2023 10:35:59 GMT
Cache-Control: max-age=2592000
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: W/"12e5661e47e5d81:0"
Content-Type: image/jpeg
Last-Modified: Fri, 21 Oct 2022 12:17:42 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 610984
static.criteo.net/flash/icon/privacy_small.svg
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.0.130:0
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Feb 2023 19:48:09 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Thu, 22 Feb 2024 19:48:09 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2