r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2857be6f18459c7a4a7f00f6cd6076f1
570609086d72a9be57cde7bfefd25663c1035fba
bd8abb8f420d1e31462fca1d6a7caadf1e2bba6fc7db05684b5811e00e84107f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD8ABB8F420D1E31462FCA1D6A7CAADF1E2BBA6FC7DB05684B5811E00E84107F"
Last-Modified: Fri, 17 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14463
Expires: Sun, 19 Mar 2023 12:57:44 GMT
Date: Sun, 19 Mar 2023 08:56:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 443a700f85619f4fd8a548421c5c23e2
a58764a07feafb2bb4b340c020b5104c55b35195
0bc80613f3d493ea081bf5672ab76f6f33a1dcc0710fe1431de83c46d7e8d31d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BC80613F3D493EA081BF5672AB76F6F33A1DCC0710FE1431DE83C46D7E8D31D"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6899
Expires: Sun, 19 Mar 2023 10:51:40 GMT
Date: Sun, 19 Mar 2023 08:56:41 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 19 Mar 2023 08:27:03 GMT
content-type: application/json
age: 1778
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12cdbcb1b0785dc0423386448ac68c9c
08cff6b76fd708f0cef3c5bdb8fc72570c4536bd
bb7622a85d32cbff40abd2995055e03dbac05dd841b9a84d9023a5510d89e534
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB7622A85D32CBFF40ABD2995055E03DBAC05DD841B9A84D9023A5510D89E534"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20382
Expires: Sun, 19 Mar 2023 14:36:23 GMT
Date: Sun, 19 Mar 2023 08:56:41 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: vQP5pSXbDyqu3IZXWo+4EMN3Sej9lqvbPUzobcyhAEvPJJ0u0tTesPld1DJiC2gKhwhoYm+Cng3GyD+bGhipuQ==
x-amz-request-id: KV0S13S9TSWS0HZT
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 19 Mar 2023 07:58:11 GMT
age: 3510
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
dusunmekvepaylasmak.blogspot.com/search/label/azrail%20etimoloji?m=1
216.58.207.193301 Moved Permanently 215 B URL HTTP/1.1 dusunmekvepaylasmak.blogspot.com/search/label/azrail%20etimoloji?m=1
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash d6b07659a2c14961ccbd23006f71fe55
1881cc574a3eb52b25fde1fc0557fe9a68b6d4a6
f060f60c909042498ee2116446a9a1077e91c99522cfeb9ea17b90bda9617760
Analyzer Verdict Alert fortinet Malware
GET /search/label/azrail%20etimoloji?m=1 HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://dusunmekvepaylasmak.blogspot.com/search/label/azrail%20etimoloji?m=1
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 19 Mar 2023 08:56:41 GMT
Expires: Sun, 19 Mar 2023 08:56:41 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 215
Server: GSE
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 08:56:41 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 046dc3d6962180a82a66ebcf0432ca6b
f6f59d1077a4d3f664df68b40a71f6ae11724588
7f16abd2e6959e640cbe7a75f0f21ec41a86cae0d5ef1f8a7e252c7c8a97614e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Retry-After, Content-Type, Expires, Alert, Pragma, ETag, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 19 Mar 2023 08:14:32 GMT
age: 2529
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0a4b141e90b0fb22cf6d10a6a4fd360d
37b081be1a69edb97a7c562b71474f4d7405d94e
5db17bb0a40658845e03d8237a69458a0576d955006ee224930b0310179af9af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5DB17BB0A40658845E03D8237A69458A0576D955006EE224930B0310179AF9AF"
Last-Modified: Fri, 17 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12127
Expires: Sun, 19 Mar 2023 12:18:48 GMT
Date: Sun, 19 Mar 2023 08:56:41 GMT
Connection: keep-alive
push.services.mozilla.com/
52.43.170.27101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.170.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: U5Kt/CbITwOsRt9EZSIzAw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +/xiJM8Iu/rZQ1HWR/yDaFQ0Otw=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 046dc3d6962180a82a66ebcf0432ca6b
f6f59d1077a4d3f664df68b40a71f6ae11724588
7f16abd2e6959e640cbe7a75f0f21ec41a86cae0d5ef1f8a7e252c7c8a97614e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 47f61758ca4c0d3d1736d70991239831
05ae44dad93870a68e977e59c0759c26e1ad62b5
e4f954ce6f03ff1a4baf2874540bdc949fcd3a56efe17a287d556ecdaa316509
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash db7a51fe853d91ea7990bb3c41ba3cb4
f416e7ea87e2ac443e81afac853a3d05071d88e4
a928e7cde6f4fc75660068bfb5e8ac2270f43f8ae58ccb8f4f63a3ca6a376141
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash db7a51fe853d91ea7990bb3c41ba3cb4
f416e7ea87e2ac443e81afac853a3d05071d88e4
a928e7cde6f4fc75660068bfb5e8ac2270f43f8ae58ccb8f4f63a3ca6a376141
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
216.58.207.233200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 13:08:04 GMT
expires: Thu, 14 Mar 2024 13:08:04 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Mar 2023 21:52:35 GMT
content-type: text/css
vary: Accept-Encoding
age: 330518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 37cad346bf9c7582600ca9e3cd8f9252
9021fcfa670921097bb9e71b10e07e8ae42443ae
fd83195c6e32d99ad1c76db3d4431ee060bd077ac738f090851138c5a8986340
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-20442478-1
142.250.74.40200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-20442478-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (2206)
Hash 78f5e5d2d1ae302da5da51534c8dc1e4
7591853bb130dff02ebd15f34e11c2d65f45a73a
39ba265e30113a134d49829241eaa2159761ca496f38c47e7cff17e1ae34a5cd
GET /gtag/js?id=UA-20442478-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 19 Mar 2023 08:56:42 GMT
expires: Sun, 19 Mar 2023 08:56:42 GMT
cache-control: private, max-age=900
last-modified: Sun, 19 Mar 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44628
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-19531429-2
142.250.74.40200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-19531429-2
IP 142.250.74.40:0
File type ASCII text, with very long lines (2206)
Hash 61095ef5fcdbdaaeb4f9c332ee921011
fdfc349b1050e9d7c4d5f01fe5f4d36e75cd2efc
86fd810994f787a09bdd5762d6f49e76ffeaa62ac7bd7e7bf4c6e6d416f61824
GET /gtag/js?id=UA-19531429-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 19 Mar 2023 08:56:42 GMT
expires: Sun, 19 Mar 2023 08:56:42 GMT
cache-control: private, max-age=900
last-modified: Sun, 19 Mar 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44604
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
216.58.207.234200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (32341)
Hash 856f85cc1b07156fa844b44a10c236c2
7cef457c0e1cd0c20f4e699564ea8997f0332021
c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01
GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 08:13:02 GMT
expires: Fri, 15 Mar 2024 08:13:02 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 261820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 24586cf94a6f2a9e5e06605e1f179637
099fb9f5e0a0ad2f033505f0fae0761d36b7bed8
3272fa62542b0992819170c3bd51f0259c3d6dd27d8d67a378138f3f1d78defd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg
142.250.74.161200 OK 4.5 kB URL HTTP/2 2.bp.blogspot.com/-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash ec5fcd46230caf0da45a16686274f1cb
0f6ab0f39b022b8b641c566d68ce811854f4aa9d
2763d313411a14a376c085e44d14fab586ac4e935bbc1932e8c67d4453234aa3
GET /-IGiL3PugZAY/WOkUkw_t33I/AAAAAAAAf9o/klSQhEhtekcdUeFGu4p1Iqry9pj4wOiMwCLcB/w72-h72-p-k-no-nu/rafadan_tayfa_trt_cizgi_film.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="rafadan_tayfa_trt_cizgi_film.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4484
x-xss-protection: 0
date: Sun, 19 Mar 2023 08:56:42 GMT
expires: Sun, 19 Mar 2023 19:28:34 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7fdb"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2791bef32b5f929f9b8ad37800b5cd57
d801651cd01d119fd8b761404c942e0f15fd449a
5be9b295f54d11dfffb0475781c1dbcdae5685969866def1580c624947a2511b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7c8dfa805163cbe39595d31e72da716e
34a2c4ac208f5f9d77302b67f556203d539388d7
874fcb1c9736686213758fa8009b9569d1d068ccd760461476c37d7e01fcebaa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png
142.250.74.161200 OK 6.2 kB URL HTTP/2 2.bp.blogspot.com/-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash aa25670b8226d8b5752fd5a198fd73a4
be1908b060ec7bf840e8d2b0aa4c930fe11910d6
f1b63d3ceb7dd55aae1a46fc852703730d58d88efcd5be463741c6718e7557c4
GET /-xEd01iu7wYs/WNQyp2_ZylI/AAAAAAAAfYw/4aDtHLGAUJsFyha667k1Mq5s4DQuw7jSgCLcB/w72-h72-p-k-no-nu/sut_tozu_ile_ilgili_resimler.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="sut_tozu_ile_ilgili_resimler.png"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6242
x-xss-protection: 0
date: Sun, 19 Mar 2023 08:56:42 GMT
expires: Sun, 19 Mar 2023 19:28:34 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7d8d"
content-type: image/png
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 47f61758ca4c0d3d1736d70991239831
05ae44dad93870a68e977e59c0759c26e1ad62b5
e4f954ce6f03ff1a4baf2874540bdc949fcd3a56efe17a287d556ecdaa316509
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/w72-h72-p-k-no-nu/225px-+mevlana_ile_ilgili_resimler.jpg
142.250.74.161200 OK 4.5 kB URL HTTP/2 2.bp.blogspot.com/-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/w72-h72-p-k-no-nu/225px-+mevlana_ile_ilgili_resimler.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 198baf3f7d853bc634b438561c189896
63640490c23c9d452cb566e3c8d9cb29cb9bef37
5edbbfadba784c3a27259984b189817862e146c0c550b6854bd6175be846aa41
GET /-QjvLAsGpdac/UdBRP4leTEI/AAAAAAAAHKo/EaAMlUNvUvY/w72-h72-p-k-no-nu/225px-+mevlana_ile_ilgili_resimler.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="225px-+mevlana_ile_ilgili_resimler.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4527
x-xss-protection: 0
date: Sun, 19 Mar 2023 08:56:42 GMT
expires: Sun, 19 Mar 2023 19:28:34 GMT
cache-control: public, max-age=86400, no-transform
etag: "v71fc"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-jXYId3ytCf0/UeBnGRkkuwI/AAAAAAAAHXg/ZpPWZVlFScs/w72-h72-p-k-no-nu/NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg
142.250.74.161200 OK 3.8 kB URL HTTP/2 1.bp.blogspot.com/-jXYId3ytCf0/UeBnGRkkuwI/AAAAAAAAHXg/ZpPWZVlFScs/w72-h72-p-k-no-nu/NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 5cf7717aba7dd52efb82cbf3a006c59a
655a4b701e32a0220b9c3327b9ca4e20550036e6
a71c5276f8b5977d56f7e7249c2f89828eab6442853f6d5e30c5a5e1263dde53
GET /-jXYId3ytCf0/UeBnGRkkuwI/AAAAAAAAHXg/ZpPWZVlFScs/w72-h72-p-k-no-nu/NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="NASREDDIN_HOCA_ILE_ILGILI_KARIKATUR-YA_TUTARSA.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3763
x-xss-protection: 0
date: Sun, 19 Mar 2023 08:56:42 GMT
expires: Sun, 19 Mar 2023 19:28:34 GMT
cache-control: public, max-age=86400, no-transform
etag: "v71fc"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1429)
Hash 2e9e150d66328b6b6a88e285fc282762
22b038643bd45f842349cc7a4a7075cc0f074725
30d9bc41eb379b7b441031e0df6d0742df42ca92be34697f729b8eca83dc9d54
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21022
date: Sun, 19 Mar 2023 08:56:42 GMT
expires: Sun, 19 Mar 2023 08:56:42 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "5ebb85d0c8d0a403"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-FmB8ZZHFKdE/Wb_oD3m_tRI/AAAAAAAAkVc/UjbME4XLWkI2mF68AjTVEtsgur8kLL_eQCLcBGAs/w72-h72-p-k-no-nu/dort_buyuk_melek.JPG
142.250.74.161200 OK 5.4 kB URL HTTP/2 3.bp.blogspot.com/-FmB8ZZHFKdE/Wb_oD3m_tRI/AAAAAAAAkVc/UjbME4XLWkI2mF68AjTVEtsgur8kLL_eQCLcBGAs/w72-h72-p-k-no-nu/dort_buyuk_melek.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 9b4a4815a20ad6bb3a6dd27fb3600afa
22e844b7367d4fb4bc6ed871e32dd56c4ffd5acf
2dcebf6fe49227b8060f919ae690f566bf41570629399ad29e4cf9cc1827bdaa
GET /-FmB8ZZHFKdE/Wb_oD3m_tRI/AAAAAAAAkVc/UjbME4XLWkI2mF68AjTVEtsgur8kLL_eQCLcBGAs/w72-h72-p-k-no-nu/dort_buyuk_melek.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="dort_buyuk_melek.JPG"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 5409
x-xss-protection: 0
date: Sun, 19 Mar 2023 08:56:42 GMT
expires: Sun, 19 Mar 2023 19:28:34 GMT
cache-control: public, max-age=86400, no-transform
etag: "v9158"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash db7a51fe853d91ea7990bb3c41ba3cb4
f416e7ea87e2ac443e81afac853a3d05071d88e4
a928e7cde6f4fc75660068bfb5e8ac2270f43f8ae58ccb8f4f63a3ca6a376141
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 37cad346bf9c7582600ca9e3cd8f9252
9021fcfa670921097bb9e71b10e07e8ae42443ae
fd83195c6e32d99ad1c76db3d4431ee060bd077ac738f090851138c5a8986340
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.66200 OK 48 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (3599)
Hash 2dbfb4ec70af99a6c3ae29050c4ff705
d1117af93f12df4d2927e09e110ea74dfadd484d
45f8c203017565024709e585565672509b4023143e1d7ed0d6b56f0bd316eba8
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 19 Mar 2023 08:56:43 GMT
expires: Sun, 19 Mar 2023 08:56:43 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 14147408608065573479
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 48453
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 37cad346bf9c7582600ca9e3cd8f9252
9021fcfa670921097bb9e71b10e07e8ae42443ae
fd83195c6e32d99ad1c76db3d4431ee060bd077ac738f090851138c5a8986340
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-of1RMMWjFsw/WG670KpgwYI/AAAAAAAAcyE/PhJ_OKVCbfsLaqSSGuLJ31ZDQjj1E84WACLcB/w72-h72-p-k-no-nu/Kucuk_seyler-Samipasazade_Sezai.jpg
142.250.74.161200 OK 4.1 kB URL HTTP/2 4.bp.blogspot.com/-of1RMMWjFsw/WG670KpgwYI/AAAAAAAAcyE/PhJ_OKVCbfsLaqSSGuLJ31ZDQjj1E84WACLcB/w72-h72-p-k-no-nu/Kucuk_seyler-Samipasazade_Sezai.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 5e38cc0a43e76ade0d719112a1bc1c29
9dc399ed45b06c0e7305e30dfb61f330b1c9d017
908b57ea2a33b4c27036af2ac0e58126414090d0cec99ddbff9ab4bcac91d7f6
GET /-of1RMMWjFsw/WG670KpgwYI/AAAAAAAAcyE/PhJ_OKVCbfsLaqSSGuLJ31ZDQjj1E84WACLcB/w72-h72-p-k-no-nu/Kucuk_seyler-Samipasazade_Sezai.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Kucuk_seyler-Samipasazade_Sezai.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4056
x-xss-protection: 0
date: Sun, 19 Mar 2023 08:56:43 GMT
expires: Sun, 19 Mar 2023 19:28:34 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7322"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-a1sGPWTrfHY/TYFcuCk5FxI/AAAAAAAAAcU/TV8lXh8FTBE/w72-h72-p-k-no-nu/20050923.jpg
142.250.74.97200 OK 4.1 kB URL HTTP/2 lh3.googleusercontent.com/-a1sGPWTrfHY/TYFcuCk5FxI/AAAAAAAAAcU/TV8lXh8FTBE/w72-h72-p-k-no-nu/20050923.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 330b9498ebf6bf12a2936236806e5353
e5e24e253fb29071dfbc0c37c84496916d3332fe
df55bb1bcafba9089dc6151fad702e33275fb88ce87d59df46e7a501a0ad4a37
GET /-a1sGPWTrfHY/TYFcuCk5FxI/AAAAAAAAAcU/TV8lXh8FTBE/w72-h72-p-k-no-nu/20050923.jpg HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="20050923.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4140
x-xss-protection: 0
date: Sun, 19 Mar 2023 08:56:43 GMT
expires: Sun, 19 Mar 2023 18:21:01 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1c5"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-HUmtqrqd1vY/UdBT1ue1sFI/AAAAAAAAHLQ/-XCWnkloqIk/w72-h72-p-k-no-nu/kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg
142.250.74.161200 OK 2.6 kB URL HTTP/2 4.bp.blogspot.com/-HUmtqrqd1vY/UdBT1ue1sFI/AAAAAAAAHLQ/-XCWnkloqIk/w72-h72-p-k-no-nu/kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 27fb438b2231a8fb9354d3a94e88d675
3a8767652d71f34a91c17e6bcfa51dd4efbe0a39
60d540d1619ec165029a7d4755b7a269ce4eededfe6a30f9c5b825773af5c064
GET /-HUmtqrqd1vY/UdBT1ue1sFI/AAAAAAAAHLQ/-XCWnkloqIk/w72-h72-p-k-no-nu/kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="kopek_memesi_Hidradenitis_s_pp_rativa.jpg";filename*=UTF-8''kopek_memesi_Hidradenitis_s%C3%BCpp%C3%BCrativa.jpg
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2571
x-xss-protection: 0
date: Sun, 19 Mar 2023 08:56:43 GMT
expires: Sun, 19 Mar 2023 19:28:34 GMT
cache-control: public, max-age=86400, no-transform
etag: "v71fc"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/w72-h72-p-k-no-nu/10_aralik_insan_haklari_gunu.jpg
142.250.74.161200 OK 3.5 kB URL HTTP/2 1.bp.blogspot.com/-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/w72-h72-p-k-no-nu/10_aralik_insan_haklari_gunu.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 8ab41d14c1aa09a171e6f7fb8890d5c6
a8b93b1d387d1fbd63c629e849c332cc2b5406be
ef0d3d17010f324ae57a2ae20015c0d728f58c905b70a5518effa04ff160c982
GET /-BOY9-Uh8zIE/Un9g9Ie9CkI/AAAAAAAAH-I/ULqDya2ZItA/w72-h72-p-k-no-nu/10_aralik_insan_haklari_gunu.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1fe3"
expires: Mon, 20 Mar 2023 08:56:43 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="10_aralik_insan_haklari_gunu.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 19 Mar 2023 08:56:43 GMT
server: fife
content-length: 3454
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-eo72_jGArcw/YJWvZlothsI/AAAAAAAAIPk/39V8zIRnukk3M1SvJqwCPAL5ciymGzewwCLcBGAsYHQ/w72-h72-p-k-no-nu/unnamed.jpg
142.250.74.161200 OK 2.6 kB URL HTTP/2 1.bp.blogspot.com/-eo72_jGArcw/YJWvZlothsI/AAAAAAAAIPk/39V8zIRnukk3M1SvJqwCPAL5ciymGzewwCLcBGAsYHQ/w72-h72-p-k-no-nu/unnamed.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 1866a1eda8caaedee6e9021f426d9d21
050f44f27fb2164dd65c28a937a89d9f7aa87fd4
6fbe535d995be032754b848a23901cd0eea3d102e279f3cb3a0c881fa52eb4e7
GET /-eo72_jGArcw/YJWvZlothsI/AAAAAAAAIPk/39V8zIRnukk3M1SvJqwCPAL5ciymGzewwCLcBGAsYHQ/w72-h72-p-k-no-nu/unnamed.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v20fb"
expires: Mon, 20 Mar 2023 08:56:43 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 19 Mar 2023 08:56:43 GMT
server: fife
content-length: 2591
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fe99fbfafe932798d008a24a9e6083c5
f4525c21f1da0a2c15ae3c36598d0e243bea4f32
7042c657b1b57b5a441341628450ea07042994316089b30653df49a8ded66fe2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 657e225fbd809f16e51b4997847e5710
28b88c58a006257deb72f43ea236d0a513081847
f37f7d971e2f36b0d260965c8ab09863cffc87cfc3d561c40c3d72c9c207eae5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
142.250.74.106200 OK 10 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
IP 142.250.74.106:0
Hash 93bcaff68bab37a1d4115509ce9f6812
6219776f601e9a0a6527d75adba5a48252973b63
d429a81b66c2aea6c7827a16dc80dd62d17d76334a614e98e7a2e96877398572
GET /css?family=Poppins:300,400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 19 Mar 2023 08:56:42 GMT
date: Sun, 19 Mar 2023 08:56:42 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fe99fbfafe932798d008a24a9e6083c5
f4525c21f1da0a2c15ae3c36598d0e243bea4f32
7042c657b1b57b5a441341628450ea07042994316089b30653df49a8ded66fe2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.35200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 14 Mar 2023 02:42:38 GMT
expires: Wed, 13 Mar 2024 02:42:38 GMT
cache-control: public, max-age=31536000
age: 454445
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
142.250.74.35200 OK 5.4 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 5384, version 1.0\012- data
Hash 96b6d54684daa94742f7bfd72a981213
72c3ac29b2fcceea390d3a51c7a892efde65e4d9
4ce2c84c474fb80b33e347ae6f356796021d6fd42e88a6352fc6e9ca0b22bd63
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5384
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 11:28:37 GMT
expires: Thu, 14 Mar 2024 11:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:11:38 GMT
content-type: font/woff2
age: 336486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7c8dfa805163cbe39595d31e72da716e
34a2c4ac208f5f9d77302b67f556203d539388d7
874fcb1c9736686213758fa8009b9569d1d068ccd760461476c37d7e01fcebaa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 657e225fbd809f16e51b4997847e5710
28b88c58a006257deb72f43ea236d0a513081847
f37f7d971e2f36b0d260965c8ab09863cffc87cfc3d561c40c3d72c9c207eae5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.74.35200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 14:34:21 GMT
expires: Fri, 15 Mar 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 238942
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2791bef32b5f929f9b8ad37800b5cd57
d801651cd01d119fd8b761404c942e0f15fd449a
5be9b295f54d11dfffb0475781c1dbcdae5685969866def1580c624947a2511b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
142.250.74.35200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 5452, version 1.0\012- data
Hash a6ff41d10fa89e7f8fec937c243d7428
334853f61ceb1fb096818740cc62d5840fbbae46
5f9d6298f5edc6d2b57a6f3a30f87f1c93c84b7aad7c5e9bf9d3a2c9384403fa
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 12:07:35 GMT
expires: Fri, 15 Mar 2024 12:07:35 GMT
cache-control: public, max-age=31536000
age: 247748
last-modified: Wed, 27 Apr 2022 16:10:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.35200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 13 Mar 2023 04:05:31 GMT
expires: Tue, 12 Mar 2024 04:05:31 GMT
cache-control: public, max-age=31536000
age: 535872
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-FmB8ZZHFKdE/Wb_oD3m_tRI/AAAAAAAAkVc/UjbME4XLWkI2mF68AjTVEtsgur8kLL_eQCLcBGAs/s72-c/dort_buyuk_melek.JPG
142.250.74.161200 OK 5.4 kB URL HTTP/2 3.bp.blogspot.com/-FmB8ZZHFKdE/Wb_oD3m_tRI/AAAAAAAAkVc/UjbME4XLWkI2mF68AjTVEtsgur8kLL_eQCLcBGAs/s72-c/dort_buyuk_melek.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash e5ff4092d9f53f787a2281c39ec1ee12
3c0fbae4388f69c1467c150c038d833294d812d2
e903c2d0f5775aae4b182b49d44add26b57f0907400c3ccdaae979c2a925f968
GET /-FmB8ZZHFKdE/Wb_oD3m_tRI/AAAAAAAAkVc/UjbME4XLWkI2mF68AjTVEtsgur8kLL_eQCLcBGAs/s72-c/dort_buyuk_melek.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v9158"
expires: Mon, 20 Mar 2023 08:56:43 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="dort_buyuk_melek.JPG"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 19 Mar 2023 08:56:43 GMT
server: fife
content-length: 5397
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 657e225fbd809f16e51b4997847e5710
28b88c58a006257deb72f43ea236d0a513081847
f37f7d971e2f36b0d260965c8ab09863cffc87cfc3d561c40c3d72c9c207eae5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html
172.217.21.162200 OK 4.5 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html
IP 172.217.21.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3205)
Hash bad17ab9662318e8927e5009c83c2ad1
53ded630f95abe04b7b77d43076bf71b9ea71c02
68da39270ebfa6d17f4b765cbe004797a736611585ff0c53213d91f78f13c260
GET /pagead/html/r20230315/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4549
x-xss-protection: 0
date: Sun, 19 Mar 2023 01:32:39 GMT
expires: Sun, 02 Apr 2023 01:32:39 GMT
cache-control: public, max-age=1209600
age: 26644
etag: 2378337311435320485
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116423 bytes)
Hash d5b9b7a3accd3b7b7de639c072ae3ee2
9583b5c046d78af5c6379d844219f828aa2222d0
648dad6716bb917c7d981e7772fca499d9583717fd83ffef47b0534cb9132b60
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116423
date: Sun, 19 Mar 2023 08:56:43 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 21:48:03 GMT
expires: Fri, 15 Mar 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 212920
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 17:56:42 GMT
expires: Fri, 15 Mar 2024 17:56:42 GMT
cache-control: public, max-age=31536000
age: 226801
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
151.101.2.133200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 151.101.2.133:0
Hash dd445f80969eafc945a1713b881c65b5
29dd86852bb25c6efe34f594ba32f39965506250
defb26caabbcf1f792124891e19134bf56d4193ff7257da359cc9f03aff456fd
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 23 Mar 2023 08:23:51 GMT
ETag: "29dd86852bb25c6efe34f594ba32f39965506250"
Last-Modified: Sun, 19 Mar 2023 08:23:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 19 Mar 2023 08:56:43 GMT
Age: 1971
X-Served-By: cache-qpg1241-QPG, cache-bma1626-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1679216203.301337,VS0,VE92
ocsp2.globalsign.com/gsalphasha2g2
151.101.2.133200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 151.101.2.133:0
Hash dd445f80969eafc945a1713b881c65b5
29dd86852bb25c6efe34f594ba32f39965506250
defb26caabbcf1f792124891e19134bf56d4193ff7257da359cc9f03aff456fd
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 23 Mar 2023 08:23:51 GMT
ETag: "29dd86852bb25c6efe34f594ba32f39965506250"
Last-Modified: Sun, 19 Mar 2023 08:23:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 19 Mar 2023 08:56:43 GMT
Age: 1971
X-Served-By: cache-qpg1241-QPG, cache-bma1655-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 1, 0
X-Timer: S1679216203.189497,VS0,VE203
static.rollercoin.com/static/img/ref/gen2/w160h600.gif
172.67.72.239200 OK 280 kB URL HTTP/2 static.rollercoin.com/static/img/ref/gen2/w160h600.gif
IP 172.67.72.239:0
File type GIF image data, version 89a, 160 x 600\012- data
Size 280 kB (279535 bytes)
Hash f7ebe601cd03f5ff0728bc5deee504d1
fbb6122a673bdd0cdc0dea9701007b7a2ca44148
1cfb0e0282f23b87e38a716bd20b5d8ae545e20a8e866886b99363d38ef6e2f5
GET /static/img/ref/gen2/w160h600.gif HTTP/1.1
Host: static.rollercoin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dusunmekvepaylasmak.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 19 Mar 2023 08:56:43 GMT
content-type: image/gif
content-length: 279535
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=323815, status=vary_header_present
etag: "48a59acf42541b23d2b554a963decea6"
last-modified: Thu, 19 Jan 2023 11:51:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: tx0000000000000e8205215-0063c973dc-5193d7f2-nyc3c
x-rgw-object-type: Normal
cache-control: max-age=1382400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKwtW0FD%2B744G0%2B1GMC9LyIXKXbOpjrPfodLyJEQNl4m2L4ALCQvVk8pq0g6%2F0l53AqtdwmPtaIPt8XTKy7hnB5W4fVOZmQuNUSnn6iUqRvNweVIqP7xvAO3ESar1N1otE6trVElGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aa480f67d750b06-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 87e8754f77e64d2a97d62650b23ba210
33a03a35cc36fa7a4038e4d8f61b32db00931db1
0b591e5fd039ad981bda31968a210cd4ed216f6768a6c78a0396096918dfbc6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 87e8754f77e64d2a97d62650b23ba210
33a03a35cc36fa7a4038e4d8f61b32db00931db1
0b591e5fd039ad981bda31968a210cd4ed216f6768a6c78a0396096918dfbc6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
216.58.207.226200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 216.58.207.226:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 19 Mar 2023 08:56:43 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widget.boomads.com/images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif
83.66.162.128200 OK 6.8 kB URL HTTP/1.1 widget.boomads.com/images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type GIF image data, version 89a, 125 x 80\012- data
Hash a0b54b194c22d6cf6dde8262b4e6caa8
7db7699e7e4cb090ed556f78d8692b59eca416d8
a28da5026d7c857976a413a63f4d5df448c8461f4531194e71668ebdbe7bbcc9
GET /images/bumerangWidget/bumerang-yazarkafe-yazarlari-12580-square.gif HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 2
Date: Sun, 19 Mar 2023 08:56:42 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: "6e4be609991d11:0"
Content-Type: image/gif
Last-Modified: Fri, 08 Apr 2016 13:20:09 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 6812
widget.boomads.com/scripts/widget.js
83.66.162.128200 OK 1.1 kB URL HTTP/1.1 widget.boomads.com/scripts/widget.js
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type Unicode text, UTF-8 (with BOM) text, with very long lines (445), with CRLF line terminators
Hash ed2b316a78c01ecfd467a238bdb5a894
9820a06beef95ab789d3211359dfbe34d11c339e
0626a69c458560c8f8fadb5c81f56d9009e89951aa89f4fff3d4ef445d1b94e7
GET /scripts/widget.js HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Age: 2
Date: Sun, 19 Mar 2023 08:56:42 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
ETag: "08e5d619991d11:0"
Content-Type: application/x-javascript
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2016 13:20:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 1149
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3421
Expires: Sun, 19 Mar 2023 09:53:44 GMT
Date: Sun, 19 Mar 2023 08:56:43 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 18fd8f2fbf2c8cda9989d976e3086c89
5365b0a4f5e7965edab78c48587dc22f5ecef744
8eae5a7c4d4661eab0dd077ca1c50608dc67ea328b235dacb00771e0c45eeccc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe323f22e-6800-4578-a34f-a8fa940499e0.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe323f22e-6800-4578-a34f-a8fa940499e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6645ef8b7e2b10326cc1cb7c76f82769
cc7b05fa466c6ecd6c8a0e0d6ccc96ecbd59aced
1076fa495f0b7cc23922f64cc6a6f596de9a6f08ea7549eef785d804db0be7fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe323f22e-6800-4578-a34f-a8fa940499e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8189
x-amzn-requestid: 3815c61d-6d05-4794-bd9a-d417d1270527
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_wqgGsdIAMFi6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162e42-6af86b2a21b89d38559ca754;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:33:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: n-Dbnb07Rsh0y_T4UW0VQSyRcV96MehdMiFlhdUtcrCiqZVL5ZVJxg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 22:14:54 GMT
age: 38509
etag: "cc7b05fa466c6ecd6c8a0e0d6ccc96ecbd59aced"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffb155f3-4b60-4d8c-879f-3b7bd1c5c129.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffb155f3-4b60-4d8c-879f-3b7bd1c5c129.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 07289211ce045b31693c7bb59c06f338
210abec1182bb94b9d0e48827ecb8023611c4489
808b7bfa4b75cfb91e003d6375802da7d2719de29d4f64776dea57992b7632c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffb155f3-4b60-4d8c-879f-3b7bd1c5c129.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5311
x-amzn-requestid: 3e000f36-3e2a-4008-950b-2e9f83306e51
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_w3eFmtIAMF7EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162e95-1b9e4cc8033920ea365de22f;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:35:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: mB-sWMCTChGtVbvW4TkpKqqpSACyRLw9x32bDY3kvV3f0IrEsti9cg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 9adef5b1c5fc9ca80d6f4f8d19e103a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 21:48:16 GMT
etag: "210abec1182bb94b9d0e48827ecb8023611c4489"
content-type: image/jpeg
age: 40107
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 19 Mar 2023 08:56:43 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87cb0650-2c5d-4809-8bb9-0a6c7a2b7562.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87cb0650-2c5d-4809-8bb9-0a6c7a2b7562.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 925c6d8d9b0bd170303c785824f842f6
74127f320b41464959c3d1881aa7056a2bb7c3db
7c87a48bbff78f9f302c77508a3899709dc146ff6a095c548398e710aa6119c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87cb0650-2c5d-4809-8bb9-0a6c7a2b7562.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10913
x-amzn-requestid: 71cd1b59-f51f-47af-aab3-523716b6b34f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bp_4XGugIAMFtkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640d79ce-2494be625549a22d410f4aa7;Sampled=0
x-amzn-remapped-date: Sun, 12 Mar 2023 07:05:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: r9hbB7S9Fi4bfJuPdSnSbInXAGuk2frr-b5qftWJQgFJFDUlCibvew==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 09:04:16 GMT
age: 85947
etag: "74127f320b41464959c3d1881aa7056a2bb7c3db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F834645cc-a32c-47ac-a12f-235778429d48.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F834645cc-a32c-47ac-a12f-235778429d48.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 082117af513213d5b43e25c97b2b2ed6
f7f8151a3827455579613bf12a3e45c049fb2e33
bb31257b2410493e8ab481ce3f2a3215c7ca5af9702319afbafc17b988d5bde1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F834645cc-a32c-47ac-a12f-235778429d48.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7432
x-amzn-requestid: eadf4a39-81bf-4e09-b9e4-45e3c9592996
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_w2HEzSoAMFTxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162e8d-099b5c3d32d7d7300266dd95;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: geY0kRQBa0RwG_aW9n_18KoQrJNNNR3zRMKkmsA2OOXQHGkEE4N0Qw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 22:13:23 GMT
age: 38600
etag: "f7f8151a3827455579613bf12a3e45c049fb2e33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78453ba98b72eff3879ef163b59c86ed
80519bb3726ee1f9f211344cd433cefaed3a7f2e
61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10338
x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgFGENoAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: K19FG80YIBs-7NnPFJQEodETe4DpifB_BA2FpyYtB0W-sXXjNlLKxw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 21618d080c6bfbcd465fc55a167a8c1a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 07:04:47 GMT
age: 6716
etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F948af7b9-8b3e-4159-bdaa-f68fedcc3497.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F948af7b9-8b3e-4159-bdaa-f68fedcc3497.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 790ee76f4db86cd0cc555f6d7beada2c
fea1a6b2a38be6a09e086def71f521cc88509a0f
f7641b9e414006ee96daa82fd9d6aa1463d47c0388a9f3b289c563af76a3d2ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F948af7b9-8b3e-4159-bdaa-f68fedcc3497.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7930
x-amzn-requestid: 276e0768-3943-40ba-9d6c-4f13ab08da51
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B_wqXFwvoAMF1zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64162e42-6f9e6903248d187d5d4a8544;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 21:33:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: ZMNiK-tkkiBb_emHsrzLhJleK98OCtNZNGO-9DMMAbHyqfPB-2kAMg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 f958a3846d80a3925f664b320dfad9c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 21:48:16 GMT
age: 40107
etag: "fea1a6b2a38be6a09e086def71f521cc88509a0f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 73af20327f0f4938b7c375ac8a34466a
e108c5c8cd69ca4d7c3441bc2806e2a44eea6056
d23a6378cdd4c7f9ba0924e4d11fdb96267bdfacd7faa4c060d0a6cd2eefcff5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
83.66.162.128200 OK 318 B URL HTTP/1.1 widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 60965bc98dda023d6dbb0de7b7c676bb
59819b0d77a4206626389d78b1862223b150ccdd
2fd9761476a794c7d53342d8845843e3c9cbe393fbc26682e11059fe79a5ef95
GET /widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 4.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ASP.NET_SessionId=1owizj54232dfqtvpxxo1zti; path=/; HttpOnly; SameSite=Lax
BMDSD365TP50BFACTSV=26593=1; expires=Mon, 20-Mar-2023 09:56:42 GMT; path=/
X-Powered-By: ASP.NET
XSrv: BOOM01
Date: Sun, 19 Mar 2023 08:56:42 GMT
Content-Length: 318
z.moatads.com/addthismoatframe568911941483/moatframe.js
2.18.173.140200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 2.18.173.140:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TYrAmp44ddThNKrHeBmfOrJOox8ItZdAJeP4Uj7Uut6T7Jvp1PpX/XFzXT0gU1oJH/SwK8Irisw=
x-amz-request-id: 598E0BAF9E725A50
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
unused62: 8096267
cache-control: max-age=11969
date: Sun, 19 Mar 2023 08:56:44 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2f213b2ce8d0852642b310ec319c66db
04836358ac1106f0957ac6cc9e5cb2c3ac7faee5
a1efcb9813a827193ea1ee2567bc1eccb909775590ccdf9c7513bd11563cc4a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Cookie: test_cookie=CheckForPermission
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Mar 2023 08:46:09 GMT
expires: Sun, 19 Mar 2023 09:01:09 GMT
cache-control: public, max-age=900
age: 635
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.Oupypiulh58.O/d%253D1/rs%253DAHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.Oupypiulh58.O/d%253D1/rs%253DAHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/m%253D__features__%26bpli%3D1&go=true
142.250.74.109302 Found 9.8 kB URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.Oupypiulh58.O/d%253D1/rs%253DAHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.Oupypiulh58.O/d%253D1/rs%253DAHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/m%253D__features__%26bpli%3D1&go=true
IP 142.250.74.109:0
File type gzip compressed data, max compression\012- data
Hash 9da73065a1fe5842cd850d10b1fb1d54
3d269c1aee31dcb37bbceed3a09de6b32c8e1433
ff744d9344abf8c9e4c1dd45e79ede3361745beee60b43d4a238820191523042
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.Oupypiulh58.O/d%253D1/rs%253DAHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5726965044016880204%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttps://dusunmekvepaylasmak.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.Oupypiulh58.O/d%253D1/rs%253DAHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dusunmekvepaylasmak.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 19 Mar 2023 08:56:43 GMT
location: https://www.blogger.com/followers.g?blogID=5726965044016880204&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&origin=https://dusunmekvepaylasmak.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.Oupypiulh58.O/d%3D1/rs%3DAHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/m%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSigninPassiveLoginHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSigninPassiveLoginHttp/external"}]}, {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-QUvGCFTCW3rFwm2g3BCQ6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy: unsafe-none; report-to="AccountsSigninPassiveLoginHttp"
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/binary
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:470xmB70BbRJO-fnPsvfDiV7nbPmRw:RHNg24_qujF2b9_i; Expires=Tue, 18-Mar-2025 08:56:43 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2f213b2ce8d0852642b310ec319c66db
04836358ac1106f0957ac6cc9e5cb2c3ac7faee5
a1efcb9813a827193ea1ee2567bc1eccb909775590ccdf9c7513bd11563cc4a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.boomads.com//content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01
83.66.162.128200 OK 4.5 kB URL HTTP/1.1 widget.boomads.com//content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01
IP 83.66.162.128:0
ASN #12978 Andromeda Tv Digital Platform Isletmeciligi A.s.
File type ASCII text, with very long lines (19781), with no line terminators
Hash 9addf68a5cc9633f32c20bfe9df6eaaa
b2bcfadf03938190ba76702f6d33c99f5491cf7b
7454bc429d787dd6a335f7d1fb73a058f3ad426761bf19d089fceadd9b048165
GET //content/common?v=WoxxTNod9_hJwcHx2Ncm4DkZ1z_Prr2Qzr2t3AtnP-01 HTTP/1.1
Host: widget.boomads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.boomads.com/widget/widget143?widgetid=143&clientid=f72a707a12204c948580e3116049950d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 5478843
Date: Sat, 14 Jan 2023 23:02:31 GMT
Expires: Sun, 14 Jan 2024 22:04:59 GMT
Cache-Control: public
Connection: Keep-Alive
Via: NS-CACHE-10.0: 134
Content-Type: text/css; charset=utf-8
Content-Encoding: gzip
Last-Modified: Sat, 14 Jan 2023 22:04:59 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
XSrv: BOOM01
Content-Length: 4517
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a5473438840cb24bc73b71d677fdfa37
9f0600ca75918387e6ac0bc425239e2b560253fa
9f57a48d5be54eebe0e1b93251cc300c5ff1b7211f08c160ddd8668bf7384052
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a5473438840cb24bc73b71d677fdfa37
9f0600ca75918387e6ac0bc425239e2b560253fa
9f57a48d5be54eebe0e1b93251cc300c5ff1b7211f08c160ddd8668bf7384052
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a5473438840cb24bc73b71d677fdfa37
9f0600ca75918387e6ac0bc425239e2b560253fa
9f57a48d5be54eebe0e1b93251cc300c5ff1b7211f08c160ddd8668bf7384052
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a5473438840cb24bc73b71d677fdfa37
9f0600ca75918387e6ac0bc425239e2b560253fa
9f57a48d5be54eebe0e1b93251cc300c5ff1b7211f08c160ddd8668bf7384052
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js
216.58.211.1200 OK 1.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1054)
Hash 169edf919beed1ee17c8a752ef12132e
b7fbae15ed7789984ee59618845b914aae37bf3e
2bcf9aebfd80a2558d54f39de59542c3df52610616fb2e4380d9f3d976cc13fc
GET /pagead/js/r20230315/r20110914/client/window_focus_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1236
x-xss-protection: 0
date: Sat, 18 Mar 2023 18:04:19 GMT
expires: Sat, 01 Apr 2023 18:04:19 GMT
cache-control: public, max-age=1209600
age: 53545
etag: 15004572836499977866
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js
216.58.211.1200 OK 8.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (2465)
Hash 13bda74bb2b80f6dc8235cda38df9e0e
007cd7e1d892598f1775abe7d22fd0280b7b6cc0
4e72ad89ebf83a3c5cb0092e22de0fac7fd4ef07a173fa9ca33514ebfc23649c
GET /pagead/js/r20230315/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8617
x-xss-protection: 0
date: Sat, 18 Mar 2023 18:04:19 GMT
expires: Sat, 01 Apr 2023 18:04:19 GMT
cache-control: public, max-age=1209600
age: 53545
etag: 263085479041318444
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js
216.58.211.1200 OK 738 B URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (689)
Hash 967ef6a57e8b77199566733e307ed863
2a53e944b3e713cc785dcd64c8a1c114082c7caf
a16bd3409e52b93408e8ca34af1f6c0bf03ad36d44979db141c777ba0f1199e1
GET /pagead/js/r20230315/r20110914/client/load_preloaded_resource_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 738
x-xss-protection: 0
date: Sat, 18 Mar 2023 18:06:28 GMT
expires: Sat, 01 Apr 2023 18:06:28 GMT
cache-control: public, max-age=1209600
age: 53416
etag: 1394486882873449110
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js
216.58.211.1200 OK 9.1 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1998)
Hash b445fc1e6af13aecb4aa3051c0d80a36
d993d336552d924acae83d3c667e49265b9419fe
76550b67de5605d548ba7b8d3424912d0f0ed7413adc12e9b142fb8368099e52
GET /pagead/js/r20230315/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 9101
x-xss-protection: 0
date: Sat, 18 Mar 2023 18:04:30 GMT
expires: Sat, 01 Apr 2023 18:04:30 GMT
cache-control: public, max-age=1209600
age: 53534
etag: 583283675565503348
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 19 Mar 2023 08:56:44 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 313 B IP 192.229.221.95:0
Hash b78683218d3c773548101141f18bf060
6083ecd1b0edbe82cae0f0a5cf5932a8f182760e
4da1f39f8aad043e5b28c25d76a01e662b264d92b43285c5a3ac468ce33d796e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2897
Cache-Control: max-age=171248
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:44 GMT
Etag: "6416bceb-139"
Expires: Tue, 21 Mar 2023 08:30:52 GMT
Last-Modified: Sun, 19 Mar 2023 07:42:35 GMT
Server: ECAcc (ska/F73A)
X-Cache: HIT
Content-Length: 313
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash e0cc6a93ade27892388cc415be4de812
a6fc56334b042cb364c1f33275a1fd22dc0c5399
762d4dcba36b469fc93f1d65e32244c4e8a2f74eef1dd9108adb4c9e243ccd18
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 19 Mar 2023 08:56:44 GMT
server: ESF
cache-control: private
content-length: 31435
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bd346648e310559e97eeb40811b99378
2480ca3fd62b9d46e50627c27e674a3ce942e049
a7a48104f931f3c1f679ea27d929c01b2fb75009965ad4d28625633df5d3b866
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 19c14f58184c7e690016123d3ef7a534
2c72fde2182255e717fb88abf38f3d4cdfdefafd
cdac56c85e414c7934436cc5347cdf356ad82b3fbfd2e6bac40a4156382442ad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/jMXjN2HAYFDikoBAXgfevdpWkHhGH85W_0Jzh_Unf9E.js
142.250.74.132200 OK 14 kB URL HTTP/2 www.google.com/js/th/jMXjN2HAYFDikoBAXgfevdpWkHhGH85W_0Jzh_Unf9E.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (36099)
Hash 45d33e9b830ec1e80474803106d1d142
3d5d0167c298ada9edb0a34b3c369d25df8b2a38
4df98273620e15a604e9e709c6fff93f38208688e2637f5d41f8b5a6cd3a2dbb
GET /js/th/jMXjN2HAYFDikoBAXgfevdpWkHhGH85W_0Jzh_Unf9E.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14302
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 05:04:07 GMT
expires: Thu, 14 Mar 2024 05:04:07 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Mar 2023 10:00:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 359557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
yt3.ggpht.com/vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 4.6 kB URL HTTP/2 yt3.ggpht.com/vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 7f0d8c8d9cbb88ed7c0dc10ee1a2b0ae
830e3dfe396cc6bc3a448d0ed13e4f1d25fdef58
0f8e403418f768e45267ca0edb3223d1a3c5e1dec070040b6399c0a89773cbf4
GET /vSurgNpZHlWX8uHinTXoYeqnuPJAxY3aYRcwpVzu9IL79wOm5vEW_mnWID6C9DozW2CC0f0aaQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4552
x-xss-protection: 0
date: Sun, 19 Mar 2023 08:56:44 GMT
expires: Wed, 15 Mar 2023 21:43:28 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/mOjEYeiPxNc/sddefault.webp
216.58.211.22200 OK 43 kB URL HTTP/2 i.ytimg.com/vi_webp/mOjEYeiPxNc/sddefault.webp
IP 216.58.211.22:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 54d632dcf2c7931571e806f7815bd341
f5d1afc80ec9d6ebf36d48c916a3d5d15a740536
fc5aeb473a35527660b29b9cddf6ebefe4c57ae1c982a04dedfc1619f1135bef
GET /vi_webp/mOjEYeiPxNc/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 43014
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Mar 2023 08:56:44 GMT
expires: Sun, 19 Mar 2023 10:56:44 GMT
cache-control: public, max-age=7200
etag: "1668598177"
content-type: image/webp
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dusunmekvepaylasmak.blogspot.com/search/label/azrail%20etimoloji?m=1
216.58.207.193200 OK 316 B URL HTTP/2 dusunmekvepaylasmak.blogspot.com/search/label/azrail%20etimoloji?m=1
IP 216.58.207.193:0
Hash 9fae1841320a0eaa434a022513f60859
245fac7a1ba86adda5bf5571babef7d5280672a4
1e2ce2743c2908d3aa1ce10a03be76d756eaa493cd41f9dcc94a3cc35cbfa1bd
Analyzer Verdict Alert fortinet Malware
GET /search/label/azrail%20etimoloji?m=1 HTTP/1.1
Host: dusunmekvepaylasmak.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 19 Mar 2023 08:56:42 GMT
date: Sun, 19 Mar 2023 08:56:42 GMT
cache-control: private, max-age=0
last-modified: Sun, 12 Feb 2023 16:02:19 GMT
etag: W/"c55f17209c5493a7ee9ddc504df3e67291ad1ca6d3df5e2fe2b5f0c632d85717"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 120631
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rollercoin.com/static/img/public_img/gen2/w160h600.gif
172.67.72.239301 Moved Permanently 1.7 kB URL HTTP/2 rollercoin.com/static/img/public_img/gen2/w160h600.gif
IP 172.67.72.239:0
Hash d1aa20e38f6103b39a2939510a00e3f5
540b4455b6fc7a2435a64384dc54385a5523aadc
b4efbd56acbdc44124e13bbcd01286bf27905a233fc5e91b369898287f56d8f3
GET /static/img/public_img/gen2/w160h600.gif HTTP/1.1
Host: rollercoin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 19 Mar 2023 08:56:43 GMT
content-type: text/html
location: https://static.rollercoin.com/static/img/ref/gen2/w160h600.gif
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trfwMja%2FzLzBOT4ttTvr2F76M%2FUSf%2BVCMJ8vOCDzH8CXP9Jnlt9OX2Z6pNW0tYXlY0XvG4oSdZ4fRtZHzIKmpnJRvSwOW3Mg%2FdDzDJiI2XGX47nMHU2VBAVYf5hqscSC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aa480f47b530b06-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bd346648e310559e97eeb40811b99378
2480ca3fd62b9d46e50627c27e674a3ce942e049
a7a48104f931f3c1f679ea27d929c01b2fb75009965ad4d28625633df5d3b866
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 23ed11ddd03bf253866650fc6428c9c4
4c03b0e581c86ae2837b86726f896a07518b05bb
0debc1de87ec4f08dabb70a5953ff29aa13b643da71c6007e440bb96f2d085ae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4509
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:45 GMT
Last-Modified: Sun, 19 Mar 2023 07:41:36 GMT
Server: ECAcc (ska/F77E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 313 B IP 192.229.221.95:0
Hash 8c43f151f7a70fedcc290da9f7a458c2
26828ee09bff4e6901dce166f5afd17d90610c5d
96bf32108e5b574237200fa54098e5b1df6b71db4d496272f38e9af461744608
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2773
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:45 GMT
Last-Modified: Sun, 19 Mar 2023 08:10:33 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
192.229.221.95200 OK 312 B IP 192.229.221.95:0
Hash 870304ded54611700bc2760e5ef4b77b
2493bffcf2e08fb383712c2e47cad966895e0399
d02fdeaf5e03e125d3781cb6caf464e03ab6b1293ebc4d5b34dd577552845e14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2932
Cache-Control: max-age=91387
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:45 GMT
Etag: "641584d4-138"
Expires: Mon, 20 Mar 2023 10:19:52 GMT
Last-Modified: Sat, 18 Mar 2023 09:31:00 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
192.229.221.95200 OK 313 B IP 192.229.221.95:0
Hash 8c43f151f7a70fedcc290da9f7a458c2
26828ee09bff4e6901dce166f5afd17d90610c5d
96bf32108e5b574237200fa54098e5b1df6b71db4d496272f38e9af461744608
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 892
Cache-Control: max-age=142662
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:45 GMT
Etag: "64165518-139"
Expires: Tue, 21 Mar 2023 00:34:27 GMT
Last-Modified: Sun, 19 Mar 2023 00:19:36 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 313
rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kM71FLOzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEEvOFmTAYTVrMCsxNyrxAAASAAAKDkFRVURBUVlCQVFFQkFR&wp=ZBbOSwAJybECO8y5AAXAcmAju7k82gJY-bv98g
178.250.1.10200 OK 0 B URL HTTP/2 rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kM71FLOzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEEvOFmTAYTVrMCsxNyrxAAASAAAKDkFRVURBUVlCQVFFQkFR&wp=ZBbOSwAJybECO8y5AAXAcmAju7k82gJY-bv98g
IP 178.250.1.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kM71FLOzWdgFtgGdg2ICAgAAAPD5bjfNWhCBEEvOFmTAYTVrMCsxNyrxAAASAAAKDkFRVURBUVlCQVFFQkFR&wp=ZBbOSwAJybECO8y5AAXAcmAju7k82gJY-bv98g HTTP/1.1
Host: rtb.nl3.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 162926
date: Sun, 19 Mar 2023 08:56:44 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kLTUDrWzWQAAnYNiAgIAAAC_oV1-pfcQ9BBKzhZkTG6pQ6dqpsdyZAAAEgMBCg5BUVVCQlFZQkJRRUJCUQ&wp=ZBbOSwAJ7wAKmrPXAASxUiRPPIOHUEaABTkuuQ
178.250.0.129200 OK 0 B URL HTTP/2 rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kLTUDrWzWQAAnYNiAgIAAAC_oV1-pfcQ9BBKzhZkTG6pQ6dqpsdyZAAAEgMBCg5BUVVCQlFZQkJRRUJCUQ&wp=ZBbOSwAJ7wAKmrPXAASxUiRPPIOHUEaABTkuuQ
IP 178.250.0.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kLTUDrWzWQAAnYNiAgIAAAC_oV1-pfcQ9BBKzhZkTG6pQ6dqpsdyZAAAEgMBCg5BUVVCQlFZQkJRRUJCUQ&wp=ZBbOSwAJ7wAKmrPXAASxUiRPPIOHUEaABTkuuQ HTTP/1.1
Host: rtb.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server-processing-duration-in-ticks: 385545
date: Sun, 19 Mar 2023 08:56:45 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 19 Mar 2023 08:56:45 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=vhFlbqLkM6Cgf7bWFOwMrOgfI97VVCLWCKAHHudkptx4IZkhJHVwV-85laor3y90uYWypEOxFLatMTvbbvDY_1m01VFstcYRx-myz9sg-7Q-VK0T2LxuVJYnHAuAtudhjmpx0N-tDJWs32W6ARHfmTcyDJL6KYk-3WKpYhtBWxCr1uh1-ure5MAGbZVCmoYzKY0Bsue9t8onP44I8cflny8RR2d6RU6GZUsG51IUapRY3ArhHCxX3-vni6OCAYASwjYSrl0tl4hV0U9pMJd-NcXCKUezQ80yYsjFjEA-JoPVcXOk6wdv77Ocra_AWNJRpZxA0vm2wZLyXUIktw_BZoYJzOGTnmfKBTxsfvNm6R0ZSDgmjyGs7LzV8tDLRGIsAuyipIwOkX2XBZ9hhDSoMAtLsTgWnh6f9LZqtq_c3nhR4RfJc7VxJuixmt5S8fl4k2d8fQjZZ8_EK_ssNaspKAE0pmn2yyp7R8312ioNVW5Ijo6w&z=ZBbOSwAJ7wAKmrPXAASxUiRPPIOHUEaABTkuuQ
178.250.0.160200 OK 87 B URL HTTP/2 cat.fr.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=vhFlbqLkM6Cgf7bWFOwMrOgfI97VVCLWCKAHHudkptx4IZkhJHVwV-85laor3y90uYWypEOxFLatMTvbbvDY_1m01VFstcYRx-myz9sg-7Q-VK0T2LxuVJYnHAuAtudhjmpx0N-tDJWs32W6ARHfmTcyDJL6KYk-3WKpYhtBWxCr1uh1-ure5MAGbZVCmoYzKY0Bsue9t8onP44I8cflny8RR2d6RU6GZUsG51IUapRY3ArhHCxX3-vni6OCAYASwjYSrl0tl4hV0U9pMJd-NcXCKUezQ80yYsjFjEA-JoPVcXOk6wdv77Ocra_AWNJRpZxA0vm2wZLyXUIktw_BZoYJzOGTnmfKBTxsfvNm6R0ZSDgmjyGs7LzV8tDLRGIsAuyipIwOkX2XBZ9hhDSoMAtLsTgWnh6f9LZqtq_c3nhR4RfJc7VxJuixmt5S8fl4k2d8fQjZZ8_EK_ssNaspKAE0pmn2yyp7R8312ioNVW5Ijo6w&z=ZBbOSwAJ7wAKmrPXAASxUiRPPIOHUEaABTkuuQ
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d38a0d1aebf6acd91c0309fe5be69b51
8d2e954fe60f35edfbf216bdb38dd78dffd57c04
12c934ce79bce2c11fe783a7333d3dfe6cf8be3aef5c3d59f92ef9a393c83433
GET /delivery/lgn.php?cppv=3&cpp=vhFlbqLkM6Cgf7bWFOwMrOgfI97VVCLWCKAHHudkptx4IZkhJHVwV-85laor3y90uYWypEOxFLatMTvbbvDY_1m01VFstcYRx-myz9sg-7Q-VK0T2LxuVJYnHAuAtudhjmpx0N-tDJWs32W6ARHfmTcyDJL6KYk-3WKpYhtBWxCr1uh1-ure5MAGbZVCmoYzKY0Bsue9t8onP44I8cflny8RR2d6RU6GZUsG51IUapRY3ArhHCxX3-vni6OCAYASwjYSrl0tl4hV0U9pMJd-NcXCKUezQ80yYsjFjEA-JoPVcXOk6wdv77Ocra_AWNJRpZxA0vm2wZLyXUIktw_BZoYJzOGTnmfKBTxsfvNm6R0ZSDgmjyGs7LzV8tDLRGIsAuyipIwOkX2XBZ9hhDSoMAtLsTgWnh6f9LZqtq_c3nhR4RfJc7VxJuixmt5S8fl4k2d8fQjZZ8_EK_ssNaspKAE0pmn2yyp7R8312ioNVW5Ijo6w&z=ZBbOSwAJ7wAKmrPXAASxUiRPPIOHUEaABTkuuQ HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 19 Mar 2023 08:56:44 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2941976
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 312 B IP 192.229.221.95:0
Hash e04648b3948c055ad51675efc33b4ea0
eced2ddcf82828989addc8856662dfa730638d2c
2529c5e1ab789af8e109c193682b16f7683a2f09f203bcb38e4a2d26ea080f57
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4751
Cache-Control: max-age=121666
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:45 GMT
Etag: "6415f400-138"
Expires: Mon, 20 Mar 2023 18:44:31 GMT
Last-Modified: Sat, 18 Mar 2023 17:25:20 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 312
pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=26192&q=80&r=2&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F4%2F6%2F9%2F3%2F4693cefc0977448b8ed43f46dc3aca5f138d4b60_plotki.png%3Fcb%3D202311&ups=1&v=3&w=800&s=q0QUngLJLcRQOlxGrrEt3Zuc
178.250.0.139200 OK 165 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=26192&q=80&r=2&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F4%2F6%2F9%2F3%2F4693cefc0977448b8ed43f46dc3aca5f138d4b60_plotki.png%3Fcb%3D202311&ups=1&v=3&w=800&s=q0QUngLJLcRQOlxGrrEt3Zuc
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 165 kB (164846 bytes)
Hash 2f78da503fbbc8ed8dfd21ead49759f9
54828c195506de7dd31b0c299edf461bfd543672
52f535e34ff359c05dd0539196b738f7fc5f7c1837debba1138f95f82abdd8d8
GET /img/img?c=3&cq=256&h=800&m=0&partner=26192&q=80&r=2&u=https%3A%2F%2Fpierce-images.imgix.net%2Fimages%2F4%2F6%2F9%2F3%2F4693cefc0977448b8ed43f46dc3aca5f138d4b60_plotki.png%3Fcb%3D202311&ups=1&v=3&w=800&s=q0QUngLJLcRQOlxGrrEt3Zuc HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31012107
expires: Tue, 12 Mar 2024 07:25:12 GMT
date: Sun, 19 Mar 2023 08:56:45 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 164846
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 312 B IP 192.229.221.95:0
Hash e04648b3948c055ad51675efc33b4ea0
eced2ddcf82828989addc8856662dfa730638d2c
2529c5e1ab789af8e109c193682b16f7683a2f09f203bcb38e4a2d26ea080f57
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4751
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:45 GMT
Last-Modified: Sun, 19 Mar 2023 07:37:34 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 312
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fcathrine-hammel%2F1300x1700%2Fchl153222_clightbrown_v2338.jpg&v=3&w=400&s=C_CHTR1imeOzX9PSNHteHEJz&b=400
178.250.0.139200 OK 11 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fcathrine-hammel%2F1300x1700%2Fchl153222_clightbrown_v2338.jpg&v=3&w=400&s=C_CHTR1imeOzX9PSNHteHEJz&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 322x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8de63d231f35e8fa08d7cdef85612b08
76059c0c8cc8434d090ffc5558ba688a4006c7d2
ee86f824c421fdb55600d035496c4162e73e49f76ad3b1fcfdd25eacec53303b
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fcathrine-hammel%2F1300x1700%2Fchl153222_clightbrown_v2338.jpg&v=3&w=400&s=C_CHTR1imeOzX9PSNHteHEJz&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31240165
expires: Thu, 14 Mar 2024 22:46:11 GMT
date: Sun, 19 Mar 2023 08:56:44 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10656
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 312 B IP 192.229.221.95:0
Hash e04648b3948c055ad51675efc33b4ea0
eced2ddcf82828989addc8856662dfa730638d2c
2529c5e1ab789af8e109c193682b16f7683a2f09f203bcb38e4a2d26ea080f57
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2381
Cache-Control: max-age=119296
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:45 GMT
Etag: "6415f400-138"
Expires: Mon, 20 Mar 2023 18:05:01 GMT
Last-Modified: Sat, 18 Mar 2023 17:25:20 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 312
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1741394803_ctan.jpg&v=3&w=400&s=NTtvgePhF0MNicCYa-0Orwfu&b=400
178.250.0.139200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1741394803_ctan.jpg&v=3&w=400&s=NTtvgePhF0MNicCYa-0Orwfu&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x342, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 99693f44b94946304f8bc098974bcdd2
a76990117ddf657cb61f09a8e8011211efc5e897
4f31215492ee8b7855652b8d7f548ffedbbf1b4f6f0ce8077d02264fcdb926b8
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf1741394803_ctan.jpg&v=3&w=400&s=NTtvgePhF0MNicCYa-0Orwfu&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29153987
expires: Mon, 19 Feb 2024 19:16:33 GMT
date: Sun, 19 Mar 2023 08:56:44 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 13820
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 312 B IP 192.229.221.95:0
Hash e04648b3948c055ad51675efc33b4ea0
eced2ddcf82828989addc8856662dfa730638d2c
2529c5e1ab789af8e109c193682b16f7683a2f09f203bcb38e4a2d26ea080f57
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4751
Cache-Control: max-age=121666
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:45 GMT
Etag: "6415f400-138"
Expires: Mon, 20 Mar 2023 18:44:31 GMT
Last-Modified: Sat, 18 Mar 2023 17:25:20 GMT
Server: ECAcc (ska/F77E)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
192.229.221.95200 OK 312 B IP 192.229.221.95:0
Hash e04648b3948c055ad51675efc33b4ea0
eced2ddcf82828989addc8856662dfa730638d2c
2529c5e1ab789af8e109c193682b16f7683a2f09f203bcb38e4a2d26ea080f57
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2381
Cache-Control: max-age=119296
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:45 GMT
Etag: "6415f400-138"
Expires: Mon, 20 Mar 2023 18:05:01 GMT
Last-Modified: Sat, 18 Mar 2023 17:25:20 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 312
pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fb91def91807e4ab9b1978f405683072d_1200x628_no.png&v=3&w=1200&s=4H6kNYBeO6YF_jtG_qhUVEal
178.250.0.139200 OK 60 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fb91def91807e4ab9b1978f405683072d_1200x628_no.png&v=3&w=1200&s=4H6kNYBeO6YF_jtG_qhUVEal
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash bae5a441da8414ca3d39b7be668410e1
3e38aeb01b75c4797931bc6c78139eb976fc6eb2
5ac2800ac4df83f215d7be46dc96d42361f871463062e23cd41bee6848bbac8d
GET /img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fb91def91807e4ab9b1978f405683072d_1200x628_no.png&v=3&w=1200&s=4H6kNYBeO6YF_jtG_qhUVEal HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29787990
expires: Tue, 27 Feb 2024 03:23:15 GMT
date: Sun, 19 Mar 2023 08:56:45 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 60414
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsteve-madden%2F1300x1700%2Fsmnsm11000442_cmauve.jpg&v=3&w=400&s=lMxtU8EU3pBPXL7zSkWSyMJE&b=400
178.250.0.139200 OK 16 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsteve-madden%2F1300x1700%2Fsmnsm11000442_cmauve.jpg&v=3&w=400&s=lMxtU8EU3pBPXL7zSkWSyMJE&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x340, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8fe92e7bedb9b13bc25b2438950d7cd9
c1ef288d1d6cd5f083416c54db5290eb0e1137e5
2ddb6fc62012dc076969ce33ac303a9301cec28435e53d7f79222672f76a84c4
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsteve-madden%2F1300x1700%2Fsmnsm11000442_cmauve.jpg&v=3&w=400&s=lMxtU8EU3pBPXL7zSkWSyMJE&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30758195
expires: Sat, 09 Mar 2024 08:53:20 GMT
date: Sun, 19 Mar 2023 08:56:45 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 15470
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=360&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=196&s=harNfLCAQ-sefZY0u4f1ACzd
178.250.0.139200 OK 2.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=360&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=196&s=harNfLCAQ-sefZY0u4f1ACzd
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 196x74, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c91ca274409bbfc2e676b3bfcc5c643f
86a6590b80c1f8c92244b16481b17004e58b943f
e57fa01f6f7eb4a034e277ba6dd47bcbbc8a92813a86c7309a8595a3973a9554
GET /img/img?h=360&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=196&s=harNfLCAQ-sefZY0u4f1ACzd HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29797840
expires: Tue, 27 Feb 2024 06:07:25 GMT
date: Sun, 19 Mar 2023 08:56:45 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2018
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/close_button.svg
178.250.1.3200 OK 308 B URL HTTP/2 static.criteo.net/flash/icon/close_button.svg
IP 178.250.1.3:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 1bfe2e290ec4440da74a2e2c249eae2b
0b888a3f9e27d1554f2e21d51e7a1c223d00dbd4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
GET /flash/icon/close_button.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 08:56:45 GMT
content-type: image/svg+xml
content-length: 308
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
etag: "5e46a5e4-134"
expires: Wed, 13 Mar 2024 08:56:45 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/back_button2.svg
178.250.1.3200 OK 293 B URL HTTP/2 static.criteo.net/flash/icon/back_button2.svg
IP 178.250.1.3:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash d9f776bdc698e1bc9c6a1977218019cd
5763cfb5ac79adf0fa7f03a82bad04eea2dca243
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
GET /flash/icon/back_button2.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 08:56:45 GMT
content-type: image/svg+xml
content-length: 293
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
etag: "626a59dc-125"
expires: Wed, 13 Mar 2024 08:56:45 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
accept-ranges: bytes
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 19 Mar 2023 08:56:45 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.98200 OK 193 B URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.98:0
Hash 83b482393f028e6de91b032e7fae746b
50bad14cd7b4602d7b9f1ef6d769288588594fc8
031cbc91f964c96aa1975380c3bd66f5fe254439f3281bf0e06bc385c3912aa2
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
timing-allow-origin: *
content-length: 49519
date: Sun, 19 Mar 2023 08:56:44 GMT
expires: Sun, 19 Mar 2023 08:56:44 GMT
cache-control: private, max-age=3000
etag: "1678880156327103"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=t23tXfcwdD2lB9p_Fa6_bdtpgWpPZkqv6LjU_3vC_SiP3D-28i6Xy1jXlDF8GXKWEOkNqNx4tyzpaJ2CAIv8hQY7jrlMdDM9SfnXJ-vBHORh9fzhRE0efFgt27FXdPC3OSiJdmujEriFYiyo5pgDEJorZN2O9vwh-DSLNAhqtdwL4YMvm4yx69HCzzMSHrqPTFgYKqFB3XUv-bsZCuoQiYgrI2vSGEFRi356S3fIC4CjX-T8UnOpd0C6vNwWxCsxsS7Z_w&sds=2&rev=85089&sendBeacon=true
178.250.1.25200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=t23tXfcwdD2lB9p_Fa6_bdtpgWpPZkqv6LjU_3vC_SiP3D-28i6Xy1jXlDF8GXKWEOkNqNx4tyzpaJ2CAIv8hQY7jrlMdDM9SfnXJ-vBHORh9fzhRE0efFgt27FXdPC3OSiJdmujEriFYiyo5pgDEJorZN2O9vwh-DSLNAhqtdwL4YMvm4yx69HCzzMSHrqPTFgYKqFB3XUv-bsZCuoQiYgrI2vSGEFRi356S3fIC4CjX-T8UnOpd0C6vNwWxCsxsS7Z_w&sds=2&rev=85089&sendBeacon=true
IP 178.250.1.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=t23tXfcwdD2lB9p_Fa6_bdtpgWpPZkqv6LjU_3vC_SiP3D-28i6Xy1jXlDF8GXKWEOkNqNx4tyzpaJ2CAIv8hQY7jrlMdDM9SfnXJ-vBHORh9fzhRE0efFgt27FXdPC3OSiJdmujEriFYiyo5pgDEJorZN2O9vwh-DSLNAhqtdwL4YMvm4yx69HCzzMSHrqPTFgYKqFB3XUv-bsZCuoQiYgrI2vSGEFRi356S3fIC4CjX-T8UnOpd0C6vNwWxCsxsS7Z_w&sds=2&rev=85089&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 19 Mar 2023 08:56:45 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kM71FLOzWawC2ASdg2ICAgAAALQtmre-JuykEE3OFmRyrweKK2f3JJtkAAASAAAKDkFRVUJBUVlCQVFFQkFR&wp=ZBbOTQAGeGEKmrHIAACYCnS90aac7FIme2z3Ug
178.250.1.10200 OK 0 B URL HTTP/2 rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kM71FLOzWawC2ASdg2ICAgAAALQtmre-JuykEE3OFmRyrweKK2f3JJtkAAASAAAKDkFRVUJBUVlCQVFFQkFR&wp=ZBbOTQAGeGEKmrHIAACYCnS90aac7FIme2z3Ug
IP 178.250.1.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kM71FLOzWawC2ASdg2ICAgAAALQtmre-JuykEE3OFmRyrweKK2f3JJtkAAASAAAKDkFRVUJBUVlCQVFFQkFR&wp=ZBbOTQAGeGEKmrHIAACYCnS90aac7FIme2z3Ug HTTP/1.1
Host: rtb.nl3.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 166982
date: Sun, 19 Mar 2023 08:56:46 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kM71FLOzWe0HfJ2DYgICAAAA0-wy0uAhG5EQS84WZC3AeEhbkJbewbsAABIAAAoOQVFVQkFRWUJBUUVQQVE&wp=ZBbOSwAJxzEKmsWTAAFnAayqlQOxtwOH8Lg3yg
178.250.1.10200 OK 0 B URL HTTP/2 rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kM71FLOzWe0HfJ2DYgICAAAA0-wy0uAhG5EQS84WZC3AeEhbkJbewbsAABIAAAoOQVFVQkFRWUJBUUVQQVE&wp=ZBbOSwAJxzEKmsWTAAFnAayqlQOxtwOH8Lg3yg
IP 178.250.1.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /google/auction/notify?profile=14&payload=kM71FLOzWe0HfJ2DYgICAAAA0-wy0uAhG5EQS84WZC3AeEhbkJbewbsAABIAAAoOQVFVQkFRWUJBUUVQQVE&wp=ZBbOSwAJxzEKmsWTAAFnAayqlQOxtwOH8Lg3yg HTTP/1.1
Host: rtb.nl3.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server-processing-duration-in-ticks: 202438
date: Sun, 19 Mar 2023 08:56:45 GMT
server: Kestrel
content-length: 0
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 14632d58f00907c27bb986ee95790c8f
b16eeaee45cf727e5e17588887c4030645e05c49
682c43f278df56045a30928216563e4686d1dbc7523f5312b5c2bbf26394f698
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1723
Cache-Control: max-age=154235
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:46 GMT
Etag: "64167f0e-1d7"
Expires: Tue, 21 Mar 2023 03:47:21 GMT
Last-Modified: Sun, 19 Mar 2023 03:18:38 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 4a832cfdddee2dedb19c0c266316ed78
49a13b3afbd2b2484c1092301ad7469c03b1beb7
1c607562e62d85dd147e33ecc948c7a32984159e9a66d315edd873f4cf2929e4
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 9b2190c497670baf8212449335d3be09
etag: "cd4eabc12eae907de78701a8c466bb6a"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 19 Mar 2023 09:00:04 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: SoMs/d3uLe2xnAwmYxbteA==
x-fb-debug: UaAKMErrA8H7pymvIgew6zGwP0bfEqb5asO82akq3QMEo9HYWa3I5CuGm717hR0vj1861NslnLytudhw6sRwcw==
content-length: 1686
x-fb-trip-id: 1904183273
date: Sun, 19 Mar 2023 08:56:46 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 14632d58f00907c27bb986ee95790c8f
b16eeaee45cf727e5e17588887c4030645e05c49
682c43f278df56045a30928216563e4686d1dbc7523f5312b5c2bbf26394f698
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1721
Cache-Control: max-age=154233
Content-Type: application/ocsp-response
Date: Sun, 19 Mar 2023 08:56:46 GMT
Etag: "64167f0e-1d7"
Expires: Tue, 21 Mar 2023 03:47:19 GMT
Last-Modified: Sun, 19 Mar 2023 03:18:38 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 471
static.criteo.net/flash/icon/criteo_logo_2021.svg
178.250.1.3200 OK 346 kB URL HTTP/2 static.criteo.net/flash/icon/criteo_logo_2021.svg
IP 178.250.1.3:0
Size 346 kB (346536 bytes)
Hash 96383d0e09d50ac8a75e1a2900f63947
cd9d9ef3ad0df84a8dd3729fa4c2c9c3a32ed6c9
d3a8af12262a1d80a2ea791a147031130d78946872c338d5a5a7923eac931f40
GET /flash/icon/criteo_logo_2021.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 08:56:45 GMT
content-type: image/svg+xml
last-modified: Thu, 27 May 2021 13:21:59 GMT
etag: W/"60af9cf7-891"
expires: Wed, 13 Mar 2024 08:56:45 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sun, 19 Mar 2023 08:56:46 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=ZBbOSwAJxzEKmsWTAAFnAayqlQOxtwOH8Lg3yg&u=%7CS3U8C4VLaDzF0JeD%2BeprSoKY8rZzweBJBOw8fezp14k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUHqZkcvGBKQ4NQqL0N9NsTXPo7rKNwUjhce1gzdNerNqmr51fwEMHvkx43SfrAHRyVTqElgrOjINJTtfbO6boFG9wE1Q3XXwHXZnza6Qi1j8IgzjvOPsyLq8Awc_afj47OUiKhdGD3lsVrPrUyLMekl-AB3_OQjPSlgJjpC6H_7srLcRAH81m2Tq9SlS-5Jf_BuTSRVxwAo9gnnd3yK7EYIoPyE19cM34s4fatz6RfdDevIKoXK8SycusoDPDD0rQCtwAHzHk5kgIskT1PAqSFfINAm3fbbteNzEsqaDlJz_M9IZNiBU5yTa8i9207ZxcBhMckQgd2YRFWFN_qgGAfnuxTw-I-ZI0EuINu_3xugAesI4aQElEaaDO3KAOt4wNdQFfje-92ZbfBC9aWyvaF8Pn9e-YmdXUQFEPSgpkWm0OHdHsoKYbsQLzZFWghkIjHPXQVWbiUoC9IXwfRBYYxYTIRzhYjC0ZPB2gugTnBoKKZLalRkha0r87snCXQ5cSA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUk7FS84WZLGOJ5OL6wSBzoXgCsme0rFc9Z2Y93DAjbcBEAEgAGC7BoIBF2NhLXB1Yi03MzA5ODQ1NTI1Mjg1MDI5yAEJqQLVYLTSw-axPqgDAaoEjQJP0OfC8GrH1DpsyRoymELABqmFr4wK5AOMfROosi1hBQw-awoHyeNnBloZnMdWVsKJkNoJgeWI244mf9UmibHygvlkhbd523QQNWVTUS7sdTjMBQRtqinn7E6cBpWrLlE8NhC7HF9q0MCCcaivQcN4QHLUm46khwFhfTPez2OIhMPCQSlcW7idLoBxkhdO-J0Q9BhMIfurWUVVExiuMrbfdDrfQcPXblJIcCTelj77vFIp7DaU2WNGiLadmqlTGfruj5QOtEDU3dqiQWTr2TyAFFBKC-Q1HIvLerPkuqxSi8YfqtBTpETxkjFZHJKEka29oyn5Db561scz8PEW3UN1wxDXMXgh3wy6eE9Dt4AG3a3inMabjauLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2i7JgcMa5iEnj-HndRA6lIEPikvg%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.0.138200 OK 51 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=ZBbOSwAJxzEKmsWTAAFnAayqlQOxtwOH8Lg3yg&u=%7CS3U8C4VLaDzF0JeD%2BeprSoKY8rZzweBJBOw8fezp14k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUHqZkcvGBKQ4NQqL0N9NsTXPo7rKNwUjhce1gzdNerNqmr51fwEMHvkx43SfrAHRyVTqElgrOjINJTtfbO6boFG9wE1Q3XXwHXZnza6Qi1j8IgzjvOPsyLq8Awc_afj47OUiKhdGD3lsVrPrUyLMekl-AB3_OQjPSlgJjpC6H_7srLcRAH81m2Tq9SlS-5Jf_BuTSRVxwAo9gnnd3yK7EYIoPyE19cM34s4fatz6RfdDevIKoXK8SycusoDPDD0rQCtwAHzHk5kgIskT1PAqSFfINAm3fbbteNzEsqaDlJz_M9IZNiBU5yTa8i9207ZxcBhMckQgd2YRFWFN_qgGAfnuxTw-I-ZI0EuINu_3xugAesI4aQElEaaDO3KAOt4wNdQFfje-92ZbfBC9aWyvaF8Pn9e-YmdXUQFEPSgpkWm0OHdHsoKYbsQLzZFWghkIjHPXQVWbiUoC9IXwfRBYYxYTIRzhYjC0ZPB2gugTnBoKKZLalRkha0r87snCXQ5cSA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUk7FS84WZLGOJ5OL6wSBzoXgCsme0rFc9Z2Y93DAjbcBEAEgAGC7BoIBF2NhLXB1Yi03MzA5ODQ1NTI1Mjg1MDI5yAEJqQLVYLTSw-axPqgDAaoEjQJP0OfC8GrH1DpsyRoymELABqmFr4wK5AOMfROosi1hBQw-awoHyeNnBloZnMdWVsKJkNoJgeWI244mf9UmibHygvlkhbd523QQNWVTUS7sdTjMBQRtqinn7E6cBpWrLlE8NhC7HF9q0MCCcaivQcN4QHLUm46khwFhfTPez2OIhMPCQSlcW7idLoBxkhdO-J0Q9BhMIfurWUVVExiuMrbfdDrfQcPXblJIcCTelj77vFIp7DaU2WNGiLadmqlTGfruj5QOtEDU3dqiQWTr2TyAFFBKC-Q1HIvLerPkuqxSi8YfqtBTpETxkjFZHJKEka29oyn5Db561scz8PEW3UN1wxDXMXgh3wy6eE9Dt4AG3a3inMabjauLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2i7JgcMa5iEnj-HndRA6lIEPikvg%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.0.138:0
Hash 9728c415c0ad40f9a3a8bf33695c37b7
ed576793711795c8bea3d90a664391c5cf1b66bc
77bb230ae6c4138aeb04990f055363c006f3d5d12832e9fd2260a48ff8cb9e91
GET /delivery/r/afr.php?z=ZBbOSwAJxzEKmsWTAAFnAayqlQOxtwOH8Lg3yg&u=%7CS3U8C4VLaDzF0JeD%2BeprSoKY8rZzweBJBOw8fezp14k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUHqZkcvGBKQ4NQqL0N9NsTXPo7rKNwUjhce1gzdNerNqmr51fwEMHvkx43SfrAHRyVTqElgrOjINJTtfbO6boFG9wE1Q3XXwHXZnza6Qi1j8IgzjvOPsyLq8Awc_afj47OUiKhdGD3lsVrPrUyLMekl-AB3_OQjPSlgJjpC6H_7srLcRAH81m2Tq9SlS-5Jf_BuTSRVxwAo9gnnd3yK7EYIoPyE19cM34s4fatz6RfdDevIKoXK8SycusoDPDD0rQCtwAHzHk5kgIskT1PAqSFfINAm3fbbteNzEsqaDlJz_M9IZNiBU5yTa8i9207ZxcBhMckQgd2YRFWFN_qgGAfnuxTw-I-ZI0EuINu_3xugAesI4aQElEaaDO3KAOt4wNdQFfje-92ZbfBC9aWyvaF8Pn9e-YmdXUQFEPSgpkWm0OHdHsoKYbsQLzZFWghkIjHPXQVWbiUoC9IXwfRBYYxYTIRzhYjC0ZPB2gugTnBoKKZLalRkha0r87snCXQ5cSA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUk7FS84WZLGOJ5OL6wSBzoXgCsme0rFc9Z2Y93DAjbcBEAEgAGC7BoIBF2NhLXB1Yi03MzA5ODQ1NTI1Mjg1MDI5yAEJqQLVYLTSw-axPqgDAaoEjQJP0OfC8GrH1DpsyRoymELABqmFr4wK5AOMfROosi1hBQw-awoHyeNnBloZnMdWVsKJkNoJgeWI244mf9UmibHygvlkhbd523QQNWVTUS7sdTjMBQRtqinn7E6cBpWrLlE8NhC7HF9q0MCCcaivQcN4QHLUm46khwFhfTPez2OIhMPCQSlcW7idLoBxkhdO-J0Q9BhMIfurWUVVExiuMrbfdDrfQcPXblJIcCTelj77vFIp7DaU2WNGiLadmqlTGfruj5QOtEDU3dqiQWTr2TyAFFBKC-Q1HIvLerPkuqxSi8YfqtBTpETxkjFZHJKEka29oyn5Db561scz8PEW3UN1wxDXMXgh3wy6eE9Dt4AG3a3inMabjauLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2i7JgcMa5iEnj-HndRA6lIEPikvg%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 19 Mar 2023 08:56:44 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=0TYAdfcwdD2lB9p_ckjBKuehpRD_6liV0cELeqMTL06bdl9gCdfzbuFSQG46oDbjyqybj2HfW2WESkjK-4XA_DkqLm6wXIEg8CBZQIoExZ2RIWK88vz5d9wUw0QRypePgv5mOLB1PmibzFZO7JWhcCbZKmVCOZTWsSfpiTNdtjnic1QhxA3-VgUBI9wyjQ-IUeslo4Hm3ShHVkYH-QfbNtJwIkqzIWWZTrX5yInJEKDC7YvhZpN0ZqPAQYgLVAzV_53wCw"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 125573649
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=ZBbOTQAGeGEKmrHIAACYCnS90aac7FIme2z3Ug&u=%7CgOaKC7y1W1S2ltQX%2FLwn%2BIv6bbIqho5q%2B43vOmqHIyM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XSt65XcMk17PNE0GER20ZMixBPdlDsAaIQ8wkp63P7XQieauiSTtsd5jafnigTAMHum-uffkuBeTGhd2192VfmGRCeiiAvrwbPJmFxBtpKcPc7q741ERbqIMe-M6To7WdgBTVdOYWfdPOHWVtJv_XWzPv2icb5rcHl34UsaUzhPT7gBpy1nusEF8rsRsrfqtiPh-3xsHFF2r1KX4RCynaGh_tfDOSWFcy8boKx1tTqDT3tuzNGmMRLgv6mHzytqBvhTWSWbJwxvFLEy5Kv-XLFqzzgEDUy7yHVGwxoxCY5PWy3dWXwtrim27V_q8TJlhsh1ilCnQdTyh_Gzf7LgzAyp_NzyAkoyiEAGqjrqCeNd6MgGcqeiR6Nll3RUY5GqQuCWyllfgSxGg0XMOiAge1LwJ95c8yH6E-U2gksTF_zG7hSzPjf2YeEiKjYhKg4YIodC9mGRRSleW0NW0RAnBbtJsLy8KWq9Rh0gcoIAD9A7-318aWATG0HMvEd5RA9alVG2OH3uiHUBp&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV7fBTc4WZOHwGcjj6gSKsIKgA8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakC1WC00sPmsT6oAwGqBJICT9DyqrRH7wVHUDTZG_8YfHd_nixUWu1UPKgOIBeNEpE_KSDLAys4pLLfKkFQnd8fLy1syFB18FsCizbto0glIIacxo0Lmjo_zwXb0iGSq6KYzkR_t0ykw-cnQRCReLGK0-zDTn8bOF0e4dGDazSRxuXnbOqoTifM6BebjYNZy_WgeuKR-ydb3KKMSCqBFmQMB8FdqPTsMAgpR43NKtZ0WbXNKuQcNs4RN_LOfoSmw5RMfeplGaDD_YXD6gC_fzC1yz8rFIwKGoixW95XL06H6lH8h6lZYBuyAqpTjZg4CW1C-b_ujRkV14m3PtLh05R-psfXUeHoHHZXk6dBGmP6CvcyfjcgbFHScwAhI82kP-aDc4AG3a3inMabjauLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03X5bib1kGOYuNA3LnMk65STqRcw%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.0.138200 OK 66 kB URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=ZBbOTQAGeGEKmrHIAACYCnS90aac7FIme2z3Ug&u=%7CgOaKC7y1W1S2ltQX%2FLwn%2BIv6bbIqho5q%2B43vOmqHIyM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XSt65XcMk17PNE0GER20ZMixBPdlDsAaIQ8wkp63P7XQieauiSTtsd5jafnigTAMHum-uffkuBeTGhd2192VfmGRCeiiAvrwbPJmFxBtpKcPc7q741ERbqIMe-M6To7WdgBTVdOYWfdPOHWVtJv_XWzPv2icb5rcHl34UsaUzhPT7gBpy1nusEF8rsRsrfqtiPh-3xsHFF2r1KX4RCynaGh_tfDOSWFcy8boKx1tTqDT3tuzNGmMRLgv6mHzytqBvhTWSWbJwxvFLEy5Kv-XLFqzzgEDUy7yHVGwxoxCY5PWy3dWXwtrim27V_q8TJlhsh1ilCnQdTyh_Gzf7LgzAyp_NzyAkoyiEAGqjrqCeNd6MgGcqeiR6Nll3RUY5GqQuCWyllfgSxGg0XMOiAge1LwJ95c8yH6E-U2gksTF_zG7hSzPjf2YeEiKjYhKg4YIodC9mGRRSleW0NW0RAnBbtJsLy8KWq9Rh0gcoIAD9A7-318aWATG0HMvEd5RA9alVG2OH3uiHUBp&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV7fBTc4WZOHwGcjj6gSKsIKgA8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakC1WC00sPmsT6oAwGqBJICT9DyqrRH7wVHUDTZG_8YfHd_nixUWu1UPKgOIBeNEpE_KSDLAys4pLLfKkFQnd8fLy1syFB18FsCizbto0glIIacxo0Lmjo_zwXb0iGSq6KYzkR_t0ykw-cnQRCReLGK0-zDTn8bOF0e4dGDazSRxuXnbOqoTifM6BebjYNZy_WgeuKR-ydb3KKMSCqBFmQMB8FdqPTsMAgpR43NKtZ0WbXNKuQcNs4RN_LOfoSmw5RMfeplGaDD_YXD6gC_fzC1yz8rFIwKGoixW95XL06H6lH8h6lZYBuyAqpTjZg4CW1C-b_ujRkV14m3PtLh05R-psfXUeHoHHZXk6dBGmP6CvcyfjcgbFHScwAhI82kP-aDc4AG3a3inMabjauLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03X5bib1kGOYuNA3LnMk65STqRcw%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.0.138:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (39326)
Hash 52058c9aade7bc1b24a10916710e023d
203d481f266d893a28d6ebf05b4440c1ce839f4c
0976d40c46411d6037f283083e672a878451d72b471a959b821f913b25b7994d
GET /delivery/r/afr.php?z=ZBbOTQAGeGEKmrHIAACYCnS90aac7FIme2z3Ug&u=%7CgOaKC7y1W1S2ltQX%2FLwn%2BIv6bbIqho5q%2B43vOmqHIyM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XSt65XcMk17PNE0GER20ZMixBPdlDsAaIQ8wkp63P7XQieauiSTtsd5jafnigTAMHum-uffkuBeTGhd2192VfmGRCeiiAvrwbPJmFxBtpKcPc7q741ERbqIMe-M6To7WdgBTVdOYWfdPOHWVtJv_XWzPv2icb5rcHl34UsaUzhPT7gBpy1nusEF8rsRsrfqtiPh-3xsHFF2r1KX4RCynaGh_tfDOSWFcy8boKx1tTqDT3tuzNGmMRLgv6mHzytqBvhTWSWbJwxvFLEy5Kv-XLFqzzgEDUy7yHVGwxoxCY5PWy3dWXwtrim27V_q8TJlhsh1ilCnQdTyh_Gzf7LgzAyp_NzyAkoyiEAGqjrqCeNd6MgGcqeiR6Nll3RUY5GqQuCWyllfgSxGg0XMOiAge1LwJ95c8yH6E-U2gksTF_zG7hSzPjf2YeEiKjYhKg4YIodC9mGRRSleW0NW0RAnBbtJsLy8KWq9Rh0gcoIAD9A7-318aWATG0HMvEd5RA9alVG2OH3uiHUBp&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV7fBTc4WZOHwGcjj6gSKsIKgA8me0rFc1Z2R93DAjbcBEAEgAGDDhICAmBiCARdjYS1wdWItNzMwOTg0NTUyNTI4NTAyOcgBCakC1WC00sPmsT6oAwGqBJICT9DyqrRH7wVHUDTZG_8YfHd_nixUWu1UPKgOIBeNEpE_KSDLAys4pLLfKkFQnd8fLy1syFB18FsCizbto0glIIacxo0Lmjo_zwXb0iGSq6KYzkR_t0ykw-cnQRCReLGK0-zDTn8bOF0e4dGDazSRxuXnbOqoTifM6BebjYNZy_WgeuKR-ydb3KKMSCqBFmQMB8FdqPTsMAgpR43NKtZ0WbXNKuQcNs4RN_LOfoSmw5RMfeplGaDD_YXD6gC_fzC1yz8rFIwKGoixW95XL06H6lH8h6lZYBuyAqpTjZg4CW1C-b_ujRkV14m3PtLh05R-psfXUeHoHHZXk6dBGmP6CvcyfjcgbFHScwAhI82kP-aDc4AG3a3inMabjauLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03X5bib1kGOYuNA3LnMk65STqRcw%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 19 Mar 2023 08:56:45 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=wVC8IfcwdD2lB9p_tgbLZWq_faK3wMxO33OAobsYHFtlim3oqQdTIrQo0eS6WU4hUP6DoZB3Rw5w9N9WJcZsDeYafMOkhUIqcQ4wGlWklnkF5s8DWHW7YJCve6J5vCNyAc7CXiLhGa4swqLLLS1_qj6Gly_4yXgmytJdxcRUMZpsLXm_FSuZvtPBk6BU3886daeKSzjzDEPOWIjjU3riHx3ail0mxwLlbog0pitIecyRGahMeVg_Wlb_w75S2jxTrhv81w"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 137612026
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=pOFVP993wCs3txwqPiSRw8TATw4g2FZRp13heU1iQfWVyoczr2mnxXTLeTwSN-Lu8TlNY4ghJVFhS9yuCkqdQpQZhXDRMYDUOtqPYq9HGhJkfN1CYi2OFH0VWfoDydcQn727HlpyFOuKS_v8q0216xVNlluPFBvhYshmj60XPr_fxfVw2kH5loPyNyl1o1MWs7b_nFeIuN5XzYCXu_JfpNjfqgw03WxuSOJa5irsldMW0-lLyeerxYKVjTNTyGj_WS6yxP831q0Ja-azazGH483H47SFucNNqS5P9HppK45MJynalmheZuYZWK30YtAwBs3rI9YcJM_iHAsIxDBQe0b70hr23_TJ0mR-YjsxUF0bAf1HukHGjIWze505ZaKITIJsDIj8UkCji1JT4_GZilkr395w15IZP96dJHpq04gUEji-
178.250.0.160200 OK 3.0 kB URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=pOFVP993wCs3txwqPiSRw8TATw4g2FZRp13heU1iQfWVyoczr2mnxXTLeTwSN-Lu8TlNY4ghJVFhS9yuCkqdQpQZhXDRMYDUOtqPYq9HGhJkfN1CYi2OFH0VWfoDydcQn727HlpyFOuKS_v8q0216xVNlluPFBvhYshmj60XPr_fxfVw2kH5loPyNyl1o1MWs7b_nFeIuN5XzYCXu_JfpNjfqgw03WxuSOJa5irsldMW0-lLyeerxYKVjTNTyGj_WS6yxP831q0Ja-azazGH483H47SFucNNqS5P9HppK45MJynalmheZuYZWK30YtAwBs3rI9YcJM_iHAsIxDBQe0b70hr23_TJ0mR-YjsxUF0bAf1HukHGjIWze505ZaKITIJsDIj8UkCji1JT4_GZilkr395w15IZP96dJHpq04gUEji-
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d1eb250eece6591670bccbf4482e9f95
65b7f00fd5a75a4dfffaaf6a0dcda13f6391baf3
fb612441077e5d0001eb28ce98649640f36a9a52514dcc6c9f8aeac90a4bfea3
GET /delivery/lg.php?cppv=3&cpp=pOFVP993wCs3txwqPiSRw8TATw4g2FZRp13heU1iQfWVyoczr2mnxXTLeTwSN-Lu8TlNY4ghJVFhS9yuCkqdQpQZhXDRMYDUOtqPYq9HGhJkfN1CYi2OFH0VWfoDydcQn727HlpyFOuKS_v8q0216xVNlluPFBvhYshmj60XPr_fxfVw2kH5loPyNyl1o1MWs7b_nFeIuN5XzYCXu_JfpNjfqgw03WxuSOJa5irsldMW0-lLyeerxYKVjTNTyGj_WS6yxP831q0Ja-azazGH483H47SFucNNqS5P9HppK45MJynalmheZuYZWK30YtAwBs3rI9YcJM_iHAsIxDBQe0b70hr23_TJ0mR-YjsxUF0bAf1HukHGjIWze505ZaKITIJsDIj8UkCji1JT4_GZilkr395w15IZP96dJHpq04gUEji- HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 19 Mar 2023 08:56:46 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2773740
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F38fa9246a8044b9d84346a654df0b3f8_1200x1200_no.png&v=3&w=1200&s=0nrlAVgY0MZUBvNy2SzYbkMm
178.250.0.139200 OK 128 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F38fa9246a8044b9d84346a654df0b3f8_1200x1200_no.png&v=3&w=1200&s=0nrlAVgY0MZUBvNy2SzYbkMm
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 128 kB (128318 bytes)
Hash 9ff2ed9e224d6b96a54afe736c4b0b07
ef6420bcdc5c7b89e892768d26b6156f20896019
3f643c2f2356cf933397bab72e5df5cdec174c7af924d8352390677e56cfbf68
GET /img/img?h=1200&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2F38fa9246a8044b9d84346a654df0b3f8_1200x1200_no.png&v=3&w=1200&s=0nrlAVgY0MZUBvNy2SzYbkMm HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29797577
expires: Tue, 27 Feb 2024 06:03:04 GMT
date: Sun, 19 Mar 2023 08:56:46 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 128318
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl8030552_cpacificblue_v445.jpg&v=3&w=400&s=KgE1ZmcHH-Boc0dyRC7F3UA0&b=400
178.250.0.139200 OK 5.2 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl8030552_cpacificblue_v445.jpg&v=3&w=400&s=KgE1ZmcHH-Boc0dyRC7F3UA0&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 337x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 153ecc3b448f3663b6e90e9fecd0e7b2
6b1d83f3b733a1a97e32d80e222f0a351a23732c
193c06e96e5cbf38207b4eb12544f80694fd9eecc93856d9377cf3392d73791a
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl8030552_cpacificblue_v445.jpg&v=3&w=400&s=KgE1ZmcHH-Boc0dyRC7F3UA0&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31456977
expires: Sun, 17 Mar 2024 10:59:44 GMT
date: Sun, 19 Mar 2023 08:56:47 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5154
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fcopenhagen-studios%2F1300x1700%2Fcoecph641_cblack.jpg&v=3&w=400&s=nnJp4kDzGRZFzsUTpoZibzZp&b=400
178.250.0.139200 OK 5.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fcopenhagen-studios%2F1300x1700%2Fcoecph641_cblack.jpg&v=3&w=400&s=nnJp4kDzGRZFzsUTpoZibzZp&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 333x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a0ed74f2490bbfeee5868653467fa120
9ba69dd668d285e7a2339e67fc9b5d42c8856c85
a91b9684f59d6b1acaac616bb12fb2cb066886e67ec6f1191a239115e18120cc
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fcopenhagen-studios%2F1300x1700%2Fcoecph641_cblack.jpg&v=3&w=400&s=nnJp4kDzGRZFzsUTpoZibzZp&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29981173
expires: Thu, 29 Feb 2024 09:03:00 GMT
date: Sun, 19 Mar 2023 08:56:46 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5410
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fday-et%2F1300x1700%2Fday3100475404_cgunmetal_v14100.jpg&v=3&w=400&s=EOTY4mA0CU23C2YZ7es_aoOJ&b=400
178.250.0.139200 OK 6.8 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fday-et%2F1300x1700%2Fday3100475404_cgunmetal_v14100.jpg&v=3&w=400&s=EOTY4mA0CU23C2YZ7es_aoOJ&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x387, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 69f1b1ccd4fa9f1717ddfb71d3d0bd7e
0791a6b4017820d77f20a86f4e4d9f9cc640a57f
691d37ecb9e85c95010b88228eb8763674ec59075d5cbdad955f519e2867678e
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fday-et%2F1300x1700%2Fday3100475404_cgunmetal_v14100.jpg&v=3&w=400&s=EOTY4mA0CU23C2YZ7es_aoOJ&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=28961085
expires: Sat, 17 Feb 2024 13:41:32 GMT
date: Sun, 19 Mar 2023 08:56:46 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6818
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsail-racing%2F1300x1700%2Fsrg2132102_cwarmbeige.jpg&v=3&w=400&s=hQ_ng56_c9rrGCUSI0Z7c8_n&b=400
178.250.0.139200 OK 6.1 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsail-racing%2F1300x1700%2Fsrg2132102_cwarmbeige.jpg&v=3&w=400&s=hQ_ng56_c9rrGCUSI0Z7c8_n&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 210x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 34e1789af6ff5bafc3ea9feb8a111ad2
f9b99b4ee16b987655b10d375dafe0ab23b6ae35
b66914735bdf69e120a389c743b8b6d85a06230bc104a43a19adfc7035c6bb02
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsail-racing%2F1300x1700%2Fsrg2132102_cwarmbeige.jpg&v=3&w=400&s=hQ_ng56_c9rrGCUSI0Z7c8_n&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30008442
expires: Thu, 29 Feb 2024 16:37:29 GMT
date: Sun, 19 Mar 2023 08:56:46 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6060
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fadax%2F1300x1700%2Fada118831_ccognac.jpg&v=3&w=400&s=TCeN-Sav6_ZQH7UFvH7dUvqv&b=400
178.250.0.139200 OK 10 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fadax%2F1300x1700%2Fada118831_ccognac.jpg&v=3&w=400&s=TCeN-Sav6_ZQH7UFvH7dUvqv&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e0495f01fb10b9ed9a2a8f70bf6ff482
45bf6ddce4456219a459721f3e520bc2b84fd938
ba48e08699b0fb3e3772296b3d83904425f7eca843bba271454bf44e73dbc7cd
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fadax%2F1300x1700%2Fada118831_ccognac.jpg&v=3&w=400&s=TCeN-Sav6_ZQH7UFvH7dUvqv&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30975615
expires: Mon, 11 Mar 2024 21:17:02 GMT
date: Sun, 19 Mar 2023 08:56:47 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 10396
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Farmor-lux%2F1300x1700%2Frmo78388_cnavire.jpg&v=3&w=400&s=prt4Onh1p_3GS1gbmqr3nRZ5&b=400
178.250.0.139200 OK 12 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Farmor-lux%2F1300x1700%2Frmo78388_cnavire.jpg&v=3&w=400&s=prt4Onh1p_3GS1gbmqr3nRZ5&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 353x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4d21a6808b0e52c2b630cfbae02fb0fb
e5fb2de4090659b94c25c89f4b12c8896dc7ef39
db13d4b9c60c506b789be3d86efdec71e81ff62b22afb53bf436de181855877e
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Farmor-lux%2F1300x1700%2Frmo78388_cnavire.jpg&v=3&w=400&s=prt4Onh1p_3GS1gbmqr3nRZ5&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29186034
expires: Tue, 20 Feb 2024 04:10:42 GMT
date: Sun, 19 Mar 2023 08:56:46 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 12482
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fb-young%2F1300x1700%2Fby20809422_cligthbluedenim_v200460.jpg&v=3&w=400&s=WZ3JOYdV5XfpqQrG2AvYP3zr&b=400
178.250.0.139200 OK 13 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fb-young%2F1300x1700%2Fby20809422_cligthbluedenim_v200460.jpg&v=3&w=400&s=WZ3JOYdV5XfpqQrG2AvYP3zr&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 237x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3e95091f2db14111b9a8979066be5c6f
d713abea823568173f1ef004276ae2b4a683006e
7916d44592675a2e7344b27b94331e0e66234f99fe4291829a2350f76f79e17c
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fb-young%2F1300x1700%2Fby20809422_cligthbluedenim_v200460.jpg&v=3&w=400&s=WZ3JOYdV5XfpqQrG2AvYP3zr&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29646167
expires: Sun, 25 Feb 2024 11:59:34 GMT
date: Sun, 19 Mar 2023 08:56:47 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 12790
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fchampion%2F1300x1700%2Fham404602_cwhitealwht.jpg&v=3&w=400&s=_m8ktHrQs5MSQFIA6gPNfiGk&b=400
178.250.0.139200 OK 12 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fchampion%2F1300x1700%2Fham404602_cwhitealwht.jpg&v=3&w=400&s=_m8ktHrQs5MSQFIA6gPNfiGk&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 319x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ecd4a8a53148b61d83cde5ba61e6730f
e89a9b332358e6e7d49d0b12ee1b2bb712237092
c740d28523691941082a6f8c37107cb2dd9816db4425110c9ad7875e1bf0b2bf
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fchampion%2F1300x1700%2Fham404602_cwhitealwht.jpg&v=3&w=400&s=_m8ktHrQs5MSQFIA6gPNfiGk&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30710470
expires: Fri, 08 Mar 2024 19:37:58 GMT
date: Sun, 19 Mar 2023 08:56:46 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 11578
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsail-racing%2F1300x1700%2Fsrg2132103_cdkgreymel_v956.jpg&v=3&w=400&s=uvdPg6zi-2vTGav-XY-tsS1s&b=400
178.250.0.139200 OK 6.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsail-racing%2F1300x1700%2Fsrg2132103_cdkgreymel_v956.jpg&v=3&w=400&s=uvdPg6zi-2vTGav-XY-tsS1s&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 290x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0e74b09c4fd2c04c494fbbc714283c8d
dd9110ad8a0229edfb572c998352e95c3c4781b6
b034b690a4f6e1a6eecbbdfb4b70f3d702bdcc01938b97b5a0b5867fb009ec60
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsail-racing%2F1300x1700%2Fsrg2132103_cdkgreymel_v956.jpg&v=3&w=400&s=uvdPg6zi-2vTGav-XY-tsS1s&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29627562
expires: Sun, 25 Feb 2024 06:49:29 GMT
date: Sun, 19 Mar 2023 08:56:46 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 6704
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fday-home%2F1300x1700%2Fdayd12260009_cbrown.jpg&v=3&w=400&s=dDe_2aN8ttaSzd7LraxKpL_I&b=400
178.250.0.139200 OK 35 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fday-home%2F1300x1700%2Fdayd12260009_cbrown.jpg&v=3&w=400&s=dDe_2aN8ttaSzd7LraxKpL_I&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x394, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7851004560e0eba8bddd1bf68023eeab
e923305a1b47d8614d375fd580f27d5ba73fd0c8
23bddcd234983efc71bda54bb3356820cfa280f097e1ac0182429c87fe45aa54
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fday-home%2F1300x1700%2Fdayd12260009_cbrown.jpg&v=3&w=400&s=dDe_2aN8ttaSzd7LraxKpL_I&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30677528
expires: Fri, 08 Mar 2024 10:28:55 GMT
date: Sun, 19 Mar 2023 08:56:47 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 35210
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flebrand%2F1300x1700%2Flebps2328_cblack.jpg&v=3&w=400&s=mO8Sk7va8SXe1KXnAX_E8kbX&b=400
178.250.0.139200 OK 2.5 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flebrand%2F1300x1700%2Flebps2328_cblack.jpg&v=3&w=400&s=mO8Sk7va8SXe1KXnAX_E8kbX&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 328x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 52517f643ea236f05aef8a42f2cd409e
d68bb4f0ef04d6960c748f624b7f04fb2c122007
48b8c598e6c755e0148970c957596c1571b2327badce48f79d75a4643ecbcebb
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Flebrand%2F1300x1700%2Flebps2328_cblack.jpg&v=3&w=400&s=mO8Sk7va8SXe1KXnAX_E8kbX&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31020174
expires: Tue, 12 Mar 2024 09:39:41 GMT
date: Sun, 19 Mar 2023 08:56:47 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2516
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsoaked-in-luxury%2F1300x1700%2Fsil30406251_camberbrown_v171147.jpg&v=3&w=400&s=4NTVr1Kl_NOxwlctLMNGI_Ye&b=400
178.250.0.139200 OK 14 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsoaked-in-luxury%2F1300x1700%2Fsil30406251_camberbrown_v171147.jpg&v=3&w=400&s=4NTVr1Kl_NOxwlctLMNGI_Ye&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 93b5889e192e195356439ffc728804a7
c301debae005653a2e8a2b1e6b86718c7a461b4d
8cf9c1d91dbb2f97240b49dc534ab4ea52745a7de093b603b074d951a5542445
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fsoaked-in-luxury%2F1300x1700%2Fsil30406251_camberbrown_v171147.jpg&v=3&w=400&s=4NTVr1Kl_NOxwlctLMNGI_Ye&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29723298
expires: Mon, 26 Feb 2024 09:25:06 GMT
date: Sun, 19 Mar 2023 08:56:47 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 14422
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Furban-pioneers%2F1300x1700%2Fups20312_cnavy.jpg&v=3&w=400&s=tRFagIr19hXY_Ywfmln4rfbO&b=400
178.250.0.139200 OK 15 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Furban-pioneers%2F1300x1700%2Fups20312_cnavy.jpg&v=3&w=400&s=tRFagIr19hXY_Ywfmln4rfbO&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 316x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d2bda76c73103ad339a290ad9bc7d149
15a53505b0b0f97af14d95a53c95df58e445dbc0
bee07ace6a07c55dd98c8366a68d9ee7387d8174b456f03b168734aade6429e3
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Furban-pioneers%2F1300x1700%2Fups20312_cnavy.jpg&v=3&w=400&s=tRFagIr19hXY_Ywfmln4rfbO&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31143752
expires: Wed, 13 Mar 2024 19:59:19 GMT
date: Sun, 19 Mar 2023 08:56:47 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 14896
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fshine%2F1300x1700%2Fshi2220000_cltgrey.jpg&v=3&w=400&s=uo6GeZAClmOX1U6VrAYaNloN&b=400
178.250.0.139200 OK 8.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fshine%2F1300x1700%2Fshi2220000_cltgrey.jpg&v=3&w=400&s=uo6GeZAClmOX1U6VrAYaNloN&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 326x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b1e18e7a8718be3439bf1ca04f38fc11
0a3fd5c2dd504f5146dfea7be5f5535ac8c66522
f5b0c67d6098323a2c772a1a98f8c1cb286dd2cf4aa44987fa99a77bbf4a27bf
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fshine%2F1300x1700%2Fshi2220000_cltgrey.jpg&v=3&w=400&s=uo6GeZAClmOX1U6VrAYaNloN&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31098440
expires: Wed, 13 Mar 2024 07:24:07 GMT
date: Sun, 19 Mar 2023 08:56:47 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 8002
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fvero-moda%2F1300x1700%2Fvm10268923_cmediumgreymelange_v178995wlgmbirch.jpg&v=3&w=400&s=ZW3_u7pX41hh76uOOgk6rNMP&b=400
178.250.0.139200 OK 15 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fvero-moda%2F1300x1700%2Fvm10268923_cmediumgreymelange_v178995wlgmbirch.jpg&v=3&w=400&s=ZW3_u7pX41hh76uOOgk6rNMP&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 306x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6a112dc08577d756ac907878f89dd00c
f39bbf952abf81131408e8926f9742f71049b9bf
3529c7e8dc05ed21e38d210627905f8cd23264cef92f165869235982080d0e01
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fvero-moda%2F1300x1700%2Fvm10268923_cmediumgreymelange_v178995wlgmbirch.jpg&v=3&w=400&s=ZW3_u7pX41hh76uOOgk6rNMP&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29321874
expires: Wed, 21 Feb 2024 17:54:41 GMT
date: Sun, 19 Mar 2023 08:56:47 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 14632
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fdecoy%2F1300x1700%2Fdec0092129607000_cvit_v1200.jpg&v=3&w=400&s=2iLLEoghsA-Mqsw9cNGNFlff&b=400
178.250.0.139200 OK 2.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fdecoy%2F1300x1700%2Fdec0092129607000_cvit_v1200.jpg&v=3&w=400&s=2iLLEoghsA-Mqsw9cNGNFlff&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x155, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash edbb0d0f965369a9875eb9364989581d
b3cac6decbb17a2619c2726fe88c9496367a3b3a
48c825b5d5992fb071a3c9a4abb6fa27fe102d24562c756aa379fa7ac81ba9de
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fdecoy%2F1300x1700%2Fdec0092129607000_cvit_v1200.jpg&v=3&w=400&s=2iLLEoghsA-Mqsw9cNGNFlff&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31184581
expires: Thu, 14 Mar 2024 07:19:48 GMT
date: Sun, 19 Mar 2023 08:56:46 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 1954
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=XlWoobHvV44WWWAi_61BXHNm7ol2xCtp754NmarcniD1sAFksTQHnzcjKOG5X1OmUwDnLXNnesTIV6OIe22DVnlC_LB9Ij6NJafv6KLOuayyh3n5kRtz_t3ZBl1ulets2PXwuepG_m9CbBSN43D897DmO4yCRfX-DsJQGseoXn4WHmRo6KRthCCyHsKnkO9tM-mvJzvbXQNQT8XTMXx-dGpbSejtzFhctoLYPpHotdcbd-r3QwmDWaQVDxOOPiU2PySq8B_o1NiZcoxImM9B20-6G2gBu3nyKZCcr2_uFDCnUU9XbrltmbB-nf80TOLpb3uTP9kB0PFom0sgjRbFNTr59riD3BJ5Mb05fSMinAsL9jdCscUIiexCGyqsZ8V0nhQro1V3vCJaWmi4ZujlassuLXLTJjrbcqx5WrI4JSB1y526EitI9iF-_P-suyIpOkTu8w
178.250.0.160200 OK 19 kB URL HTTP/2 cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=XlWoobHvV44WWWAi_61BXHNm7ol2xCtp754NmarcniD1sAFksTQHnzcjKOG5X1OmUwDnLXNnesTIV6OIe22DVnlC_LB9Ij6NJafv6KLOuayyh3n5kRtz_t3ZBl1ulets2PXwuepG_m9CbBSN43D897DmO4yCRfX-DsJQGseoXn4WHmRo6KRthCCyHsKnkO9tM-mvJzvbXQNQT8XTMXx-dGpbSejtzFhctoLYPpHotdcbd-r3QwmDWaQVDxOOPiU2PySq8B_o1NiZcoxImM9B20-6G2gBu3nyKZCcr2_uFDCnUU9XbrltmbB-nf80TOLpb3uTP9kB0PFom0sgjRbFNTr59riD3BJ5Mb05fSMinAsL9jdCscUIiexCGyqsZ8V0nhQro1V3vCJaWmi4ZujlassuLXLTJjrbcqx5WrI4JSB1y526EitI9iF-_P-suyIpOkTu8w
IP 178.250.0.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash e36b69ed92112a616d8391432f599654
2cf250f47a9b27d4474f36efdf6e4337ee0da2e4
9555c433b9c735d50aeb31cb81bc33c25f8927729cba4608ddec97ad5a2f05d0
GET /delivery/lg.php?cppv=3&cpp=XlWoobHvV44WWWAi_61BXHNm7ol2xCtp754NmarcniD1sAFksTQHnzcjKOG5X1OmUwDnLXNnesTIV6OIe22DVnlC_LB9Ij6NJafv6KLOuayyh3n5kRtz_t3ZBl1ulets2PXwuepG_m9CbBSN43D897DmO4yCRfX-DsJQGseoXn4WHmRo6KRthCCyHsKnkO9tM-mvJzvbXQNQT8XTMXx-dGpbSejtzFhctoLYPpHotdcbd-r3QwmDWaQVDxOOPiU2PySq8B_o1NiZcoxImM9B20-6G2gBu3nyKZCcr2_uFDCnUU9XbrltmbB-nf80TOLpb3uTP9kB0PFom0sgjRbFNTr59riD3BJ5Mb05fSMinAsL9jdCscUIiexCGyqsZ8V0nhQro1V3vCJaWmi4ZujlassuLXLTJjrbcqx5WrI4JSB1y526EitI9iF-_P-suyIpOkTu8w HTTP/1.1
Host: cat.fr.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 19 Mar 2023 08:56:46 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 2731238
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy.svg
178.250.1.3200 OK 3.0 kB URL HTTP/2 static.criteo.net/flash/icon/privacy.svg
IP 178.250.1.3:0
Hash ff2e4522374d32e5b809456627664387
41d8fa2f0be07a25b6a6c837ceef7db90f9d87f7
c142cc67b57f3a7886d54ad70cef97af22aa151b3a82a6643366b56607ef4923
GET /flash/icon/privacy.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 08:56:45 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
etag: W/"5e4d1491-646"
expires: Wed, 13 Mar 2024 08:56:45 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fzebdia%2F1300x1700%2Fzeb12277_cwhite.jpg&v=3&w=400&s=PczMxvgeUk8XnMsehtJ1uG5m&b=400
178.250.0.139200 OK 4.2 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fzebdia%2F1300x1700%2Fzeb12277_cwhite.jpg&v=3&w=400&s=PczMxvgeUk8XnMsehtJ1uG5m&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x231, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2f65236c9c911d714bdc29ed6c411a1d
0fce2600b801f47f943fd82703609feda45e422c
abcd7bd8046dfff2408e38f8bf3e5c862ab1de13e52384ad17e1eca777cde82a
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fzebdia%2F1300x1700%2Fzeb12277_cwhite.jpg&v=3&w=400&s=PczMxvgeUk8XnMsehtJ1uG5m&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29674274
expires: Sun, 25 Feb 2024 19:48:01 GMT
date: Sun, 19 Mar 2023 08:56:46 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4150
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Foriginal-penguin%2F1300x1700%2Fopnopwb0011_cdarksapphire.jpg&v=3&w=400&s=csQA-qAWsgDuAXzvdZMk9jwO&b=400
178.250.0.139200 OK 4.7 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Foriginal-penguin%2F1300x1700%2Fopnopwb0011_cdarksapphire.jpg&v=3&w=400&s=csQA-qAWsgDuAXzvdZMk9jwO&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 295x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dcf975aa4c2e8a61f361392756aa6e14
a96f875571ed8aa18c02e634385af1c19c4b6d11
dedbcf94b8e219d86c9c3f7cccab278c70b1d44eb782b1ee41eeebe559e8be3f
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Foriginal-penguin%2F1300x1700%2Fopnopwb0011_cdarksapphire.jpg&v=3&w=400&s=csQA-qAWsgDuAXzvdZMk9jwO&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29756612
expires: Mon, 26 Feb 2024 18:40:19 GMT
date: Sun, 19 Mar 2023 08:56:47 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4726
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119211_cbrown.jpg&v=3&w=400&s=aoH9gbLxX5y_hDJridYnM3hE&b=400
178.250.0.139200 OK 7.3 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119211_cbrown.jpg&v=3&w=400&s=aoH9gbLxX5y_hDJridYnM3hE&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x372, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0eeda7e6493484cfb7f70b2967c08177
35b93c5f4f4652bd480397742e1d7edf02399d31
b1b70f74f765bdeacace86455a42be94b01ab5957f2fbaea09fbba672defef41
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119211_cbrown.jpg&v=3&w=400&s=aoH9gbLxX5y_hDJridYnM3hE&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29414803
expires: Thu, 22 Feb 2024 19:43:30 GMT
date: Sun, 19 Mar 2023 08:56:47 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7318
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fyas%2F1300x1700%2Fyas26027162_cjellybean_v277877.jpg&v=3&w=400&s=VYiWWcK_DSZ2sJx2Fu2nQZ1g&b=400
178.250.0.139200 OK 15 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fyas%2F1300x1700%2Fyas26027162_cjellybean_v277877.jpg&v=3&w=400&s=VYiWWcK_DSZ2sJx2Fu2nQZ1g&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 228x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e6ae9c6c089a07141e640cd8e96cab83
d44292ec49ba90ea56e6256a9e7e8c8d45689c45
d3e2b18ece4fc3f0999b0a2f7cf17a4ccbbe1de162e7ec3ed1b1193f37b7986a
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fyas%2F1300x1700%2Fyas26027162_cjellybean_v277877.jpg&v=3&w=400&s=VYiWWcK_DSZ2sJx2Fu2nQZ1g&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29281081
expires: Wed, 21 Feb 2024 06:34:49 GMT
date: Sun, 19 Mar 2023 08:56:46 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 15152
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119293_ctan.jpg&v=3&w=400&s=geAb3RXQpv9SYxVxjpiYHOEb&b=400
178.250.0.139200 OK 7.2 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119293_ctan.jpg&v=3&w=400&s=geAb3RXQpv9SYxVxjpiYHOEb&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x368, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 90f2193a066be605edd3d987e8698d4d
d9f98d211662608d6c4b819803afd624eafa5f53
0d259e230c69014552cf814e3459a1a73031830f4e4862f1e57e3bfafa9c9c5e
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Froyal-republiq%2F1300x1700%2Frrq250186119293_ctan.jpg&v=3&w=400&s=geAb3RXQpv9SYxVxjpiYHOEb&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31524850
expires: Mon, 18 Mar 2024 05:50:57 GMT
date: Sun, 19 Mar 2023 08:56:46 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 7156
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl4751089_cwarmkhaki_v213.jpg&v=3&w=400&s=WfbpuBpBCf6CZyVfFUTtRu4m&b=400
178.250.0.139200 OK 4.9 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl4751089_cwarmkhaki_v213.jpg&v=3&w=400&s=WfbpuBpBCf6CZyVfFUTtRu4m&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 192x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 45a34d99ea8aeccff8c2784647e75596
ae07578c57a09824122acf9a4bccd7d5b2ea783c
da9304d340869ee8285408760b7aeb01831b4f9ef8b32eff2416beaf12de034e
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fgant-clothing%2F1300x1700%2Fgcl4751089_cwarmkhaki_v213.jpg&v=3&w=400&s=WfbpuBpBCf6CZyVfFUTtRu4m&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=30015442
expires: Thu, 29 Feb 2024 18:34:10 GMT
date: Sun, 19 Mar 2023 08:56:46 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 4922
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf2111407535_cwhitesilver.jpg&v=3&w=400&s=RS8JzY87z1uZJ4NWmxrUH6pi&b=400
178.250.0.139200 OK 5.4 kB URL HTTP/2 pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf2111407535_cwhitesilver.jpg&v=3&w=400&s=RS8JzY87z1uZJ4NWmxrUH6pi&b=400
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x269, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e753889f8a96c91af4d847a474f21a33
be7b1740241e54f82e0ee983650d0189bd48d6b3
dedbc6f8199dccb090a19ae30a7fda58575da7633c9d0c74a8506e62ceaa2e7b
GET /img/img?c=3&cq=256&h=400&m=0&partner=91523&q=80&r=0&u=https%3A%2F%2Fean-images.booztcdn.com%2Fbjorn-borg-footwear%2F1300x1700%2Fbbf2111407535_cwhitesilver.jpg&v=3&w=400&s=RS8JzY87z1uZJ4NWmxrUH6pi&b=400 HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29153204
expires: Mon, 19 Feb 2024 19:03:31 GMT
date: Sun, 19 Mar 2023 08:56:46 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 5368
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pix.eu.criteo.net/img/img?h=244&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=196&s=WX4F_WqquLF3pETc7lq0-MBm
178.250.0.139200 OK 2.0 kB URL HTTP/2 pix.eu.criteo.net/img/img?h=244&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=196&s=WX4F_WqquLF3pETc7lq0-MBm
IP 178.250.0.139:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 196x74, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c91ca274409bbfc2e676b3bfcc5c643f
86a6590b80c1f8c92244b16481b17004e58b943f
e57fa01f6f7eb4a034e277ba6dd47bcbbc8a92813a86c7309a8595a3973a9554
GET /img/img?h=244&m=0&partner=91523&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F91523%2F221124%2Fcf4d96ca020d4e318ab97db5ad436112_logo_n_horizontal.jpg&v=3&w=196&s=WX4F_WqquLF3pETc7lq0-MBm HTTP/1.1
Host: pix.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29797838
expires: Tue, 27 Feb 2024 06:07:25 GMT
date: Sun, 19 Mar 2023 08:56:46 GMT
server: Finatra
cross-origin-resource-policy: cross-origin
content-length: 2018
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
content-type: image/webp
timing-allow-origin: *
vary: Origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
23.38.200.123200 OK 28 kB URL HTTP/2 s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (60526)
Hash 6f438e76ae391709e033a3e3809e0b9f
a5cd39eb8d85bee5846355f680d04a270a6f9f4f
a32c496c2c536b8c5aef8b3b7b8a977f41bbab712b93f933f4c6780c696f1b2a
GET /static/custom-messages.5799ddf75a30812a3d49.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-1c9fc"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 28519
date: Sun, 19 Mar 2023 08:56:47 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
23.38.200.123200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Sun, 19 Mar 2023 08:56:47 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/adchoices_en.svg
178.250.1.3200 OK 122 kB URL HTTP/2 static.criteo.net/flash/icon/adchoices_en.svg
IP 178.250.1.3:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1423)
Size 122 kB (121696 bytes)
Hash 3049d73a596436908b6d57f10ecf2e22
0fc8d689d6bad96c34c025508e5f3178bc12b31c
f1ec39d59f8caf4260918c847186855c3788a6c1cc69b676e5b5e66833e13764
GET /flash/icon/adchoices_en.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 08:56:45 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
etag: W/"5e42b9ee-759"
expires: Wed, 13 Mar 2024 08:56:45 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js
23.38.200.123200 OK 394 B URL HTTP/2 s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (564), with no line terminators
Hash 09d6e31790596b5636e4332b45864d33
078bdaadd33f7e19f624e403959dca3eef1a73d4
42805621588148ebf5f6329a1ff74711c44dd93a4f592264f953ca7f88422b82
GET /static/159.1c3fceccbc80f2a3615f.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-234"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 394
date: Sun, 19 Mar 2023 08:56:47 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/195.461912c47007775093ae.js
23.38.200.123200 OK 298 B URL HTTP/2 s7.addthis.com/static/195.461912c47007775093ae.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (384), with no line terminators
Hash b3a09bfb320e3798865e9543432f891f
1b852bdc37086072c734acec0af4d1971e6ec320
62048a133b36399f6990ddbf705fc3a2cd9a8a9d010e1fb89ed8bdd25d56fca3
GET /static/195.461912c47007775093ae.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-180"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 298
date: Sun, 19 Mar 2023 08:56:47 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/208.92c9dfa16a7b958c8a95.js
23.38.200.123200 OK 127 B URL HTTP/2 s7.addthis.com/static/208.92c9dfa16a7b958c8a95.js
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash c16f2b8f73dfadd8068f3f840cdf7bc5
48f837510b3e187dde91ce56bdd8453830ce64b2
aa41e2ad8da9c442cc1c812d157425bdb3e7e9ff2aec76ee3ac41bbfec720a0e
GET /static/208.92c9dfa16a7b958c8a95.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-70"
timing-allow-origin: *
cache-control: public, max-age=86313600
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 127
date: Sun, 19 Mar 2023 08:56:47 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/images/cvlbx/beachSummer.jpg
23.38.200.123200 OK 88 kB URL HTTP/2 s7.addthis.com/static/images/cvlbx/beachSummer.jpg
IP 23.38.200.123:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1280x800, components 3\012- data
Hash 2c026aa51bcd25d6b33218d4aa5f6d83
dc4d354fbae246e6f8e4f3d959720d2f006adb33
2e8cb0f4f4f8506bfeb3a39189a6b975e80018e5aa8cd49ed48cb9c4219a8958
GET /static/images/cvlbx/beachSummer.jpg HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: image/jpeg
content-length: 88467
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-15993"
timing-allow-origin: *
cache-control: public, max-age=86313600
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
date: Sun, 19 Mar 2023 08:56:47 GMT
x-host: s7.addthis.com
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=wVC8IfcwdD2lB9p_tgbLZWq_faK3wMxO33OAobsYHFtlim3oqQdTIrQo0eS6WU4hUP6DoZB3Rw5w9N9WJcZsDeYafMOkhUIqcQ4wGlWklnkF5s8DWHW7YJCve6J5vCNyAc7CXiLhGa4swqLLLS1_qj6Gly_4yXgmytJdxcRUMZpsLXm_FSuZvtPBk6BU3886daeKSzjzDEPOWIjjU3riHx3ail0mxwLlbog0pitIecyRGahMeVg_Wlb_w75S2jxTrhv81w&sds=2&rev=85089&sendBeacon=true
178.250.1.25200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=wVC8IfcwdD2lB9p_tgbLZWq_faK3wMxO33OAobsYHFtlim3oqQdTIrQo0eS6WU4hUP6DoZB3Rw5w9N9WJcZsDeYafMOkhUIqcQ4wGlWklnkF5s8DWHW7YJCve6J5vCNyAc7CXiLhGa4swqLLLS1_qj6Gly_4yXgmytJdxcRUMZpsLXm_FSuZvtPBk6BU3886daeKSzjzDEPOWIjjU3riHx3ail0mxwLlbog0pitIecyRGahMeVg_Wlb_w75S2jxTrhv81w&sds=2&rev=85089&sendBeacon=true
IP 178.250.1.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=wVC8IfcwdD2lB9p_tgbLZWq_faK3wMxO33OAobsYHFtlim3oqQdTIrQo0eS6WU4hUP6DoZB3Rw5w9N9WJcZsDeYafMOkhUIqcQ4wGlWklnkF5s8DWHW7YJCve6J5vCNyAc7CXiLhGa4swqLLLS1_qj6Gly_4yXgmytJdxcRUMZpsLXm_FSuZvtPBk6BU3886daeKSzjzDEPOWIjjU3riHx3ail0mxwLlbog0pitIecyRGahMeVg_Wlb_w75S2jxTrhv81w&sds=2&rev=85089&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 36
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 19 Mar 2023 08:56:47 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-20442478-1&cid=1006168983.1679216208&jid=1617284770&gjid=1922478276&_gid=1095238139.1679216208&_u=YEBAAUACQAAAACAAI~&z=1547561710
108.177.14.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-20442478-1&cid=1006168983.1679216208&jid=1617284770&gjid=1922478276&_gid=1095238139.1679216208&_u=YEBAAUACQAAAACAAI~&z=1547561710
IP 108.177.14.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-20442478-1&cid=1006168983.1679216208&jid=1617284770&gjid=1922478276&_gid=1095238139.1679216208&_u=YEBAAUACQAAAACAAI~&z=1547561710 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Cookie: IDE=AHWqTUm0ON0GX75OvyZrBXF7W8xCvHbf0m0Yh14gyAFBNIlq8XjrkrtphBxM7zkjWwc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://dusunmekvepaylasmak.blogspot.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 19 Mar 2023 08:56:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 19 Mar 2023 08:56:47 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300vi.png?cad=shpu%3D48yp&positions=48yp%3Dcenter&goals=48yp%3Dshare&first=1&rv=0&uvs=6416ce50b572b547&pub=ra-58e226eb29c11f6c&dp=dusunmekvepaylasmak.blogspot.com&rev=v8.28.8-wp
23.38.200.123204 No Content 0 B URL HTTP/2 m.addthis.com/live/red_lojson/300vi.png?cad=shpu%3D48yp&positions=48yp%3Dcenter&goals=48yp%3Dshare&first=1&rv=0&uvs=6416ce50b572b547&pub=ra-58e226eb29c11f6c&dp=dusunmekvepaylasmak.blogspot.com&rev=v8.28.8-wp
IP 23.38.200.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /live/red_lojson/300vi.png?cad=shpu%3D48yp&positions=48yp%3Dcenter&goals=48yp%3Dshare&first=1&rv=0&uvs=6416ce50b572b547&pub=ra-58e226eb29c11f6c&dp=dusunmekvepaylasmak.blogspot.com&rev=v8.28.8-wp HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
expires: Sun, 19 Mar 2023 08:56:47 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 19 Mar 2023 08:56:47 GMT
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=0TYAdfcwdD2lB9p_ckjBKuehpRD_6liV0cELeqMTL06bdl9gCdfzbuFSQG46oDbjyqybj2HfW2WESkjK-4XA_DkqLm6wXIEg8CBZQIoExZ2RIWK88vz5d9wUw0QRypePgv5mOLB1PmibzFZO7JWhcCbZKmVCOZTWsSfpiTNdtjnic1QhxA3-VgUBI9wyjQ-IUeslo4Hm3ShHVkYH-QfbNtJwIkqzIWWZTrX5yInJEKDC7YvhZpN0ZqPAQYgLVAzV_53wCw&sds=2&rev=85089&sendBeacon=true
178.250.1.25200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=0TYAdfcwdD2lB9p_ckjBKuehpRD_6liV0cELeqMTL06bdl9gCdfzbuFSQG46oDbjyqybj2HfW2WESkjK-4XA_DkqLm6wXIEg8CBZQIoExZ2RIWK88vz5d9wUw0QRypePgv5mOLB1PmibzFZO7JWhcCbZKmVCOZTWsSfpiTNdtjnic1QhxA3-VgUBI9wyjQ-IUeslo4Hm3ShHVkYH-QfbNtJwIkqzIWWZTrX5yInJEKDC7YvhZpN0ZqPAQYgLVAzV_53wCw&sds=2&rev=85089&sendBeacon=true
IP 178.250.1.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=0TYAdfcwdD2lB9p_ckjBKuehpRD_6liV0cELeqMTL06bdl9gCdfzbuFSQG46oDbjyqybj2HfW2WESkjK-4XA_DkqLm6wXIEg8CBZQIoExZ2RIWK88vz5d9wUw0QRypePgv5mOLB1PmibzFZO7JWhcCbZKmVCOZTWsSfpiTNdtjnic1QhxA3-VgUBI9wyjQ-IUeslo4Hm3ShHVkYH-QfbNtJwIkqzIWWZTrX5yInJEKDC7YvhZpN0ZqPAQYgLVAzV_53wCw&sds=2&rev=85089&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 36
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 19 Mar 2023 08:56:47 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2db983de1ce6b49009c2239c3964aaa5
acb2b8debd41737e956f221f7a58a2b9737c1b8f
4a86eb1334492298f117e3801affd98b7d9d20969e280ddd143507a4a604d6a4
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 898
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 19 Mar 2023 08:56:48 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-20442478-1&cid=1006168983.1679216208&jid=1617284770&_u=YEBAAUACQAAAACAAI~&z=1348863011
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-20442478-1&cid=1006168983.1679216208&jid=1617284770&_u=YEBAAUACQAAAACAAI~&z=1348863011
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-20442478-1&cid=1006168983.1679216208&jid=1617284770&_u=YEBAAUACQAAAACAAI~&z=1348863011 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 19 Mar 2023 08:56:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
csm.eu.criteo.net/all?cppv=3&cpp=0TYAdfcwdD2lB9p_ckjBKuehpRD_6liV0cELeqMTL06bdl9gCdfzbuFSQG46oDbjyqybj2HfW2WESkjK-4XA_DkqLm6wXIEg8CBZQIoExZ2RIWK88vz5d9wUw0QRypePgv5mOLB1PmibzFZO7JWhcCbZKmVCOZTWsSfpiTNdtjnic1QhxA3-VgUBI9wyjQ-IUeslo4Hm3ShHVkYH-QfbNtJwIkqzIWWZTrX5yInJEKDC7YvhZpN0ZqPAQYgLVAzV_53wCw&sds=2&rev=85089&sendBeacon=true
178.250.1.25200 OK 0 B URL HTTP/2 csm.eu.criteo.net/all?cppv=3&cpp=0TYAdfcwdD2lB9p_ckjBKuehpRD_6liV0cELeqMTL06bdl9gCdfzbuFSQG46oDbjyqybj2HfW2WESkjK-4XA_DkqLm6wXIEg8CBZQIoExZ2RIWK88vz5d9wUw0QRypePgv5mOLB1PmibzFZO7JWhcCbZKmVCOZTWsSfpiTNdtjnic1QhxA3-VgUBI9wyjQ-IUeslo4Hm3ShHVkYH-QfbNtJwIkqzIWWZTrX5yInJEKDC7YvhZpN0ZqPAQYgLVAzV_53wCw&sds=2&rev=85089&sendBeacon=true
IP 178.250.1.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /all?cppv=3&cpp=0TYAdfcwdD2lB9p_ckjBKuehpRD_6liV0cELeqMTL06bdl9gCdfzbuFSQG46oDbjyqybj2HfW2WESkjK-4XA_DkqLm6wXIEg8CBZQIoExZ2RIWK88vz5d9wUw0QRypePgv5mOLB1PmibzFZO7JWhcCbZKmVCOZTWsSfpiTNdtjnic1QhxA3-VgUBI9wyjQ-IUeslo4Hm3ShHVkYH-QfbNtJwIkqzIWWZTrX5yInJEKDC7YvhZpN0ZqPAQYgLVAzV_53wCw&sds=2&rev=85089&sendBeacon=true HTTP/1.1
Host: csm.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 35
Origin: https://ads.eu.criteo.com
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 19 Mar 2023 08:56:48 GMT
server: Finatra
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
s7.addthis.com/static/151.67aec2e0546e639563bb.js
23.38.200.123200 OK 815 B URL HTTP/2 s7.addthis.com/static/151.67aec2e0546e639563bb.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (1679), with no line terminators
Hash 8c45a93a76f9e93cb7fe7a8dce9e1dbf
6604f1a4e77d07d55298cecc9c93e0e22e73a616
aa24ec471544fe8d4f18d29ba153a281c809ace19fcd29cdbaac9ed4c2254d92
GET /static/151.67aec2e0546e639563bb.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-68f"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 815
date: Sun, 19 Mar 2023 08:56:49 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
q.addthis.com/feeds/1.0/views2.json?pubid=ra-58e226eb29c11f6c&domain=dusunmekvepaylasmak.blogspot.com&limit=50&callback=_ate.cbs.fds_ra58e226eb29c11f6cviews2json0
23.38.200.123200 OK 67 B URL HTTP/2 q.addthis.com/feeds/1.0/views2.json?pubid=ra-58e226eb29c11f6c&domain=dusunmekvepaylasmak.blogspot.com&limit=50&callback=_ate.cbs.fds_ra58e226eb29c11f6cviews2json0
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash c6791512135509ec6dd306203d09476c
e6ea311e67849b7d8d5e5d6692e11cb988d6ad7a
e051890e4ff2c7b299923692470a2e02268124b6d9b5128ec9cc4868773437fa
GET /feeds/1.0/views2.json?pubid=ra-58e226eb29c11f6c&domain=dusunmekvepaylasmak.blogspot.com&limit=50&callback=_ate.cbs.fds_ra58e226eb29c11f6cviews2json0 HTTP/1.1
Host: q.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript;charset=UTF-8
surrogate-key: ra-58e226eb29c11f6c
cache-tag: ra-58e226eb29c11f6c
cache-control: max-age=0, s-maxage=3600
last-modified: Sun, 19 Mar 2023 08:43:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 67
date: Sun, 19 Mar 2023 08:56:49 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fazrail%2520etimoloji
23.38.200.123200 OK 2 B URL HTTP/2 api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fazrail%2520etimoloji
IP 23.38.200.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fazrail%2520etimoloji HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://dusunmekvepaylasmak.blogspot.com
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://dusunmekvepaylasmak.blogspot.com/search/label/azrail%20etimoloji
last-modified: Sun, 19 Mar 2023 08:00:00 GMT
access-control-allow-origin: https://dusunmekvepaylasmak.blogspot.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Sun, 19 Mar 2023 08:56:49 GMT
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fazrail%2520etimoloji&callback=_ate.cbs.rcb_4hor0
23.38.200.123200 OK 53 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fazrail%2520etimoloji&callback=_ate.cbs.rcb_4hor0
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 357f04d09583fa60e828c1efeabc9043
561dada85ba16fbd3d18d6a6350f0252932f8aa6
25b5ab3bba815dcd7128854a9d3f9c33ef5c05627c17939cd85c679c1da65640
GET /url/shares.json?url=https%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fazrail%2520etimoloji&callback=_ate.cbs.rcb_4hor0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: dusunmekvepaylasmak.blogspot.com/search/label/azrail%20etimoloji
last-modified: Sun, 19 Mar 2023 08:56:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Sun, 19 Mar 2023 08:56:49 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fazrail%2520etimoloji&callback=_ate.cbs.rcb_equ90
23.38.200.123200 OK 53 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fazrail%2520etimoloji&callback=_ate.cbs.rcb_equ90
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash a2018b30a30e7dfd031a8ee4dbdfc719
4bb487652a3742ea5f68800f1275b77301957df2
551eeb57e17268e83600b07bda436fe18d1cd6f0b206dad3d73974b4b1a2a64e
GET /url/shares.json?url=http%3A%2F%2Fdusunmekvepaylasmak.blogspot.com%2Fsearch%2Flabel%2Fazrail%2520etimoloji&callback=_ate.cbs.rcb_equ90 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: dusunmekvepaylasmak.blogspot.com/search/label/azrail%20etimoloji
last-modified: Sun, 19 Mar 2023 08:56:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Sun, 19 Mar 2023 08:56:49 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.eu.criteo.com/delivery/r/afr.php?z=ZBbOSwAJybECO8y5AAXAcmAju7k82gJY-bv98g&u=%7CS3U8C4VLaDwAURXxSckcOQ%2BpZ%2BGOUYgfY1y8yOMIhK8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMiJzdXMehEtS2v9_vByX9HLmFIU6B8WUUYIfhht3fJr5lwAqXvOPX3M0DT2oGrJiEYMW9PLp7uLp8xyRnCjBDJvWk686TZPtewRmbFrJQQmp2Q1jC59ZPL_dsDGKUIP_1kgnnRV3zD4Z-3Hb9t4P71i33a_uTcSo0doqy2NzkeRwMRoro9u0B1OwxyQdCjRUXjheTFftQTHAe4iyHsiwhzzpveCbFbqPm0_HkwKQLaeQlsp4L2ntm1xN-rJB6i0rpj5StPUnbCRVue7wZWVc3JepEaJWue3UIKQJ80h-g36Qvk4CG50uY-lIuRsZhCEl3BtEmvRwyKEkZT-B_T8jbYlzgSh8kkSbt-8SeUaSWQlMayond-kvW2L9v2TPVkdrivVKYV1SXP0AqDSCFI4a6BL7XrRqORocVyus2tE17H_VHjyij09qHyFJ-A9N4lU9xKMTuyt3FyEf9DkA6v5BCHgpazIDbtHqCzb3rgSnsl3GacSGHFkDyFpYW794zjSQ-8ndwTKoV3bw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCBXzS84WZLGTJ7mZ78EP8oCX0AfJntKxXKX8k_dwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTczMDk4NDU1MjUyODUwMjnIAQmpAtVgtNLD5rE-qAMBqgSMAk_Qh-s9sRl7ck1wb4Lghlh5DxmG-NxQYS0Odk248ktB0L4Dt61s18a84JaYBEZ-xrRvow8sBnfES8M8XYRG71UY8800K0Pz6Sy5gSgZS7gSRLSE51hHj5jWucL2FGWVecSb37VvJnh5wc4wIhOQwiN6xwMQnj1LZMfZ__iQQhhgmEdqbqAZiU7OOChmz7c67nsI2xRIPk_dR9Au3zgL41D6wr1U5wEkY5PKArL7H7Cpxph0_8edDUVtm3DKIwZu_wLhhRdaSYzU8R3os2yLIfKv4Wr5di7H-oBsMQgUGDe26T4CrU0iUxE45ydTx-gKzpMeiqGImMkgSCZMDWNDwtUJEUhCUaaGYsXm7YOABt2t4pzGm42riwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3SXo_Eh6idRJQLmEkXkheW8jEI0A%26client%3Dca-pub-7309845525285029%26adurl%3D
178.250.0.138200 OK 0 B URL HTTP/2 ads.eu.criteo.com/delivery/r/afr.php?z=ZBbOSwAJybECO8y5AAXAcmAju7k82gJY-bv98g&u=%7CS3U8C4VLaDwAURXxSckcOQ%2BpZ%2BGOUYgfY1y8yOMIhK8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMiJzdXMehEtS2v9_vByX9HLmFIU6B8WUUYIfhht3fJr5lwAqXvOPX3M0DT2oGrJiEYMW9PLp7uLp8xyRnCjBDJvWk686TZPtewRmbFrJQQmp2Q1jC59ZPL_dsDGKUIP_1kgnnRV3zD4Z-3Hb9t4P71i33a_uTcSo0doqy2NzkeRwMRoro9u0B1OwxyQdCjRUXjheTFftQTHAe4iyHsiwhzzpveCbFbqPm0_HkwKQLaeQlsp4L2ntm1xN-rJB6i0rpj5StPUnbCRVue7wZWVc3JepEaJWue3UIKQJ80h-g36Qvk4CG50uY-lIuRsZhCEl3BtEmvRwyKEkZT-B_T8jbYlzgSh8kkSbt-8SeUaSWQlMayond-kvW2L9v2TPVkdrivVKYV1SXP0AqDSCFI4a6BL7XrRqORocVyus2tE17H_VHjyij09qHyFJ-A9N4lU9xKMTuyt3FyEf9DkA6v5BCHgpazIDbtHqCzb3rgSnsl3GacSGHFkDyFpYW794zjSQ-8ndwTKoV3bw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCBXzS84WZLGTJ7mZ78EP8oCX0AfJntKxXKX8k_dwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTczMDk4NDU1MjUyODUwMjnIAQmpAtVgtNLD5rE-qAMBqgSMAk_Qh-s9sRl7ck1wb4Lghlh5DxmG-NxQYS0Odk248ktB0L4Dt61s18a84JaYBEZ-xrRvow8sBnfES8M8XYRG71UY8800K0Pz6Sy5gSgZS7gSRLSE51hHj5jWucL2FGWVecSb37VvJnh5wc4wIhOQwiN6xwMQnj1LZMfZ__iQQhhgmEdqbqAZiU7OOChmz7c67nsI2xRIPk_dR9Au3zgL41D6wr1U5wEkY5PKArL7H7Cpxph0_8edDUVtm3DKIwZu_wLhhRdaSYzU8R3os2yLIfKv4Wr5di7H-oBsMQgUGDe26T4CrU0iUxE45ydTx-gKzpMeiqGImMkgSCZMDWNDwtUJEUhCUaaGYsXm7YOABt2t4pzGm42riwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3SXo_Eh6idRJQLmEkXkheW8jEI0A%26client%3Dca-pub-7309845525285029%26adurl%3D
IP 178.250.0.138:0
GET /delivery/r/afr.php?z=ZBbOSwAJybECO8y5AAXAcmAju7k82gJY-bv98g&u=%7CS3U8C4VLaDwAURXxSckcOQ%2BpZ%2BGOUYgfY1y8yOMIhK8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMiJzdXMehEtS2v9_vByX9HLmFIU6B8WUUYIfhht3fJr5lwAqXvOPX3M0DT2oGrJiEYMW9PLp7uLp8xyRnCjBDJvWk686TZPtewRmbFrJQQmp2Q1jC59ZPL_dsDGKUIP_1kgnnRV3zD4Z-3Hb9t4P71i33a_uTcSo0doqy2NzkeRwMRoro9u0B1OwxyQdCjRUXjheTFftQTHAe4iyHsiwhzzpveCbFbqPm0_HkwKQLaeQlsp4L2ntm1xN-rJB6i0rpj5StPUnbCRVue7wZWVc3JepEaJWue3UIKQJ80h-g36Qvk4CG50uY-lIuRsZhCEl3BtEmvRwyKEkZT-B_T8jbYlzgSh8kkSbt-8SeUaSWQlMayond-kvW2L9v2TPVkdrivVKYV1SXP0AqDSCFI4a6BL7XrRqORocVyus2tE17H_VHjyij09qHyFJ-A9N4lU9xKMTuyt3FyEf9DkA6v5BCHgpazIDbtHqCzb3rgSnsl3GacSGHFkDyFpYW794zjSQ-8ndwTKoV3bw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCBXzS84WZLGTJ7mZ78EP8oCX0AfJntKxXKX8k_dwwI23ARABIABgw4SAgJgYggEXY2EtcHViLTczMDk4NDU1MjUyODUwMjnIAQmpAtVgtNLD5rE-qAMBqgSMAk_Qh-s9sRl7ck1wb4Lghlh5DxmG-NxQYS0Odk248ktB0L4Dt61s18a84JaYBEZ-xrRvow8sBnfES8M8XYRG71UY8800K0Pz6Sy5gSgZS7gSRLSE51hHj5jWucL2FGWVecSb37VvJnh5wc4wIhOQwiN6xwMQnj1LZMfZ__iQQhhgmEdqbqAZiU7OOChmz7c67nsI2xRIPk_dR9Au3zgL41D6wr1U5wEkY5PKArL7H7Cpxph0_8edDUVtm3DKIwZu_wLhhRdaSYzU8R3os2yLIfKv4Wr5di7H-oBsMQgUGDe26T4CrU0iUxE45ydTx-gKzpMeiqGImMkgSCZMDWNDwtUJEUhCUaaGYsXm7YOABt2t4pzGm42riwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3SXo_Eh6idRJQLmEkXkheW8jEI0A%26client%3Dca-pub-7309845525285029%26adurl%3D HTTP/1.1
Host: ads.eu.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 19 Mar 2023 08:56:44 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=t23tXfcwdD2lB9p_Fa6_bdtpgWpPZkqv6LjU_3vC_SiP3D-28i6Xy1jXlDF8GXKWEOkNqNx4tyzpaJ2CAIv8hQY7jrlMdDM9SfnXJ-vBHORh9fzhRE0efFgt27FXdPC3OSiJdmujEriFYiyo5pgDEJorZN2O9vwh-DSLNAhqtdwL4YMvm4yx69HCzzMSHrqPTFgYKqFB3XUv-bsZCuoQiYgrI2vSGEFRi356S3fIC4CjX-T8UnOpd0C6vNwWxCsxsS7Z_w"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 107250657
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.6.1/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 19 Mar 2023 08:56:42 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-03 22:46:19
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: b43941af4bb8e32ed6d04a6a37617f28
cdn-cache: HIT
cf-cache-status: HIT
age: 5114949
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7aa480f3bde8b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/embed/mOjEYeiPxNc
142.250.74.46200 OK 0 B URL HTTP/2 www.youtube.com/embed/mOjEYeiPxNc
IP 142.250.74.46:0
GET /embed/mOjEYeiPxNc HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 19 Mar 2023 08:56:43 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=PqmK7eEAdpw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=S4NI8dNkmzw; Domain=.youtube.com; Expires=Fri, 15-Sep-2023 08:56:43 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+740; expires=Tue, 18-Mar-2025 08:56:43 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.Oupypiulh58.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/cb=gapi.loaded_0?le=scs
172.217.21.174200 OK 0 B URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.Oupypiulh58.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:0
GET /_/scs/abc-static/_/js/k=gapi.lb.en.Oupypiulh58.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_CVmSAWqMsGCHgMRyaSvlE8hY6sw/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 33007
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
access-control-allow-origin: *
date: Thu, 16 Mar 2023 12:19:59 GMT
expires: Fri, 15 Mar 2024 12:19:59 GMT
cache-control: public, max-age=31536000
age: 247004
last-modified: Wed, 01 Feb 2023 16:56:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.criteo.net/flash/icon/privacy_small.svg
178.250.1.3200 OK 0 B URL HTTP/2 static.criteo.net/flash/icon/privacy_small.svg
IP 178.250.1.3:0
GET /flash/icon/privacy_small.svg HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.eu.criteo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 19 Mar 2023 08:56:45 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
etag: W/"5e42ba84-6aa"
expires: Wed, 13 Mar 2024 08:56:45 GMT
cache-control: max-age=31104000, public
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309845525285029&plah=dusunmekvepaylasmak.blogspot.com
142.250.74.66200 OK 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309845525285029&plah=dusunmekvepaylasmak.blogspot.com
IP 142.250.74.66:0
GET /pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7309845525285029&plah=dusunmekvepaylasmak.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dusunmekvepaylasmak.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 19 Mar 2023 08:56:43 GMT
expires: Sun, 19 Mar 2023 08:56:43 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 756524110397486158
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119663
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2