r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 96367f956a4177aec7e7e80221539d58
8dcad10fde96c139d1ef212388cb6755fe3fe077
f4f9bdb5180359dfd734cef1e6f1b54bc9d8f72cae557366eb74f22100b94dc4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4F9BDB5180359DFD734CEF1E6F1B54BC9D8F72CAE557366EB74F22100B94DC4"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2774
Expires: Fri, 16 Dec 2022 00:42:41 GMT
Date: Thu, 15 Dec 2022 23:56:27 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4a5e9bc8b7891ac5f4552c29bcbaedb0
39735081eeb64eae477c61c1147daeb68fb37b22
c465efaf205ff2992af02c16187ca14a658cd5335b892903374f3adab32a8cd9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C465EFAF205FF2992AF02C16187CA14A658CD5335B892903374F3ADAB32A8CD9"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8304
Expires: Fri, 16 Dec 2022 02:14:51 GMT
Date: Thu, 15 Dec 2022 23:56:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 15 Dec 2022 23:45:06 GMT
content-type: application/json
age: 681
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5b38399fcc8246505e5e6b0f62803a5a
bb374f8d97b2bd798873d74c6bbab20ad6843e96
406ab3af8adf2b151c052a06c0379fd8d83d3362e90c17ac2e5481b6b9a7441f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "406AB3AF8ADF2B151C052A06C0379FD8D83D3362E90C17AC2E5481B6B9A7441F"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10158
Expires: Fri, 16 Dec 2022 02:45:45 GMT
Date: Thu, 15 Dec 2022 23:56:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MGUVxIB3OBWYPNDu80XEyvhWigFAspl7l33mqj/Duh3bMxKv8abbjIR0t/oQQUHxDvFLQ7D1BoE=
x-amz-request-id: N0HG48AHK95HRNXF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 15 Dec 2022 23:52:59 GMT
age: 208
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Dec 2022 23:56:27 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 15 Dec 2022 23:33:21 GMT
age: 1387
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash b9f0adeb27a19629aeff6f34de67f3ad
3876d1b871d7da6d18de23c2edb301eb30728066
c5744a90c8f66629aa2331465a32afe0d430b36d16fd98bc821e370f1b24463c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 227
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:56:28 GMT
Last-Modified: Thu, 15 Dec 2022 23:52:41 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
www.rafist.com/gundem/selcuk-cheneye-adam-gondermis.html
200 OK 14 kB URL HTTP/1.1 www.rafist.com/gundem/selcuk-cheneye-adam-gondermis.html
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5438), with CRLF, LF line terminators
Hash 00468656ad5fe8515425249fa7134d2d
1ad1bb1908754051e8349dda390260066c8b61bb
934c3b6d6b75894cb8c8adc8ef3942e912e0400846b80debde46994943651306
Analyzer Verdict Alert fortinet Malware
GET /gundem/selcuk-cheneye-adam-gondermis.html HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/5.6.40
content-type: text/html; charset=UTF-8
set-cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D; path=/
x-pingback: http://www.rafist.com/xmlrpc.php
link: <http://www.rafist.com/wp-json/>; rel="https://api.w.org/", <http://www.rafist.com/wp-json/wp/v2/posts/8594>; rel="alternate"; type="application/json", <http://www.rafist.com/?p=8594>; rel=shortlink
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding,User-Agent
date: Thu, 15 Dec 2022 23:56:28 GMT
server: LiteSpeed
code.jquery.com/jquery-1.10.2.min.js
200 OK 33 kB URL HTTP/1.1 code.jquery.com/jquery-1.10.2.min.js
IP
File type ASCII text, with very long lines (32072)
Hash 68cc08e82915da8b82fc6be74ab86365
4089530b0c00f6cbd1452d7f873be85454196fd1
6c63276db5e51f227be1c9bdaf73d76fa01040499944a8c8607db0c234f0575c
GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 23:56:28 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 32788
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 16 Feb 2022 10:50:39 GMT
Accept-Ranges: bytes
Server: nginx
ETag: W/"620cd6ff-16bb3"
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
X-HW: 1671148588.dop230.sk1.t,1671148588.cds243.sk1.c
www.google.com/friendconnect/script/friendconnect.js
404 Not Found 1.6 kB URL HTTP/1.1 www.google.com/friendconnect/script/friendconnect.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 8dc494040a252b9a3a9ea04255941cd6
663805a606e28589d28362cc1d8fa19a5bc56860
24d511499e91216fa0deefaf1c2875a378f83b01b170f2dfc50d27f2a4978a0a
GET /friendconnect/script/friendconnect.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1598
Date: Thu, 15 Dec 2022 23:56:28 GMT
pagead2.googlesyndication.com/pagead/show_ads.js
200 OK 36 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/show_ads.js
IP
File type ASCII text, with very long lines (3577)
Hash 9a3e425004e7565e69efec90ee87c3a3
b0e02093bfbecbcb5a15ed165392f09eef611fa8
e625e86af0b469793f9501eb6dfa856ec90cc4318dfeda94eecef7dc1cd07f9f
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Thu, 15 Dec 2022 23:56:28 GMT
Expires: Thu, 15 Dec 2022 23:56:28 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 10492185661282778071
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 36194
X-XSS-Protection: 0
www.rafist.com/wp-content/themes/internet-10/style.css
200 OK 2.0 kB URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/style.css
IP
ASN #59674 Aysima Bilisim Teknolojileri
Hash e1755bf67f1a7fe1aa2dc6e805e24b75
a3df0dada92accd793a18022101c343ba269ed9a
78596413493a762a94bd0621551f6d997bcd94c11576a83b792741c632c7a209
GET /wp-content/themes/internet-10/style.css HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/gundem/selcuk-cheneye-adam-gondermis.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:28 GMT
content-type: text/css
last-modified: Mon, 23 Apr 2012 08:02:01 GMT
etag: "1c7f-4f950c79-6c21ba463c3d5095;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 2014
date: Thu, 15 Dec 2022 23:56:28 GMT
server: LiteSpeed
www.rafist.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
200 OK 10 kB URL HTTP/1.1 www.rafist.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash 915898ebd9c4735f3af4fe57348658a9
85d4bddc401bb373c291e46e617f9daa12e7883d
e25d0e73f89dc6245fde7c71d631bbec9f4c56d52a9a796af2e890ba1304605b
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.2 HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/gundem/selcuk-cheneye-adam-gondermis.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:28 GMT
content-type: text/css
last-modified: Mon, 06 Dec 2021 19:38:17 GMT
etag: "13abe-61ae66a9-674a08ebbb803691;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 10496
date: Thu, 15 Dec 2022 23:56:28 GMT
server: LiteSpeed
ocsp.digicert.com/
200 OK 279 B IP
Hash 552328302359355ceeb71e59e2732c84
03f7d7b95a0003f65f446f62f5306863d7956f27
00129fbc5674efc40ae8d0f97b117d67658299fdf6af9b215f8f5147e6080e48
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2682
Cache-Control: max-age=146948
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:56:28 GMT
Etag: "639b44b6-117"
Expires: Sat, 17 Dec 2022 16:45:36 GMT
Last-Modified: Thu, 15 Dec 2022 16:00:54 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
static.addtoany.com/buttons/share_save_171_16.png
200 OK 1.7 kB URL HTTP/2 static.addtoany.com/buttons/share_save_171_16.png
IP
File type PNG image data, 171 x 16, 8-bit colormap, non-interlaced\012- data
Hash a9951636f4e162bbe9997b13099c3697
e7711c0e4056a64f5b96d3fbc542cf124f3f5f03
2bd00c5fbf0d687a1dab7f7874c1a57ed73b855813f313ac4e1ec274c58eaa29
GET /buttons/share_save_171_16.png HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 23:56:28 GMT
content-type: image/png
content-length: 1657
cache-control: max-age=315360000, immutable
cf-bgj: imgq:100,h2pri
cf-polished: origSize=2572
age: 7951635
etag: "a0c-4ddea93a51d00"
last-modified: Thu, 30 May 2013 07:37:56 GMT
via: e3s
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77a31db74e2a98f1-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.rafist.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
200 OK 241 B URL HTTP/1.1 www.rafist.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
IP
ASN #59674 Aysima Bilisim Teknolojileri
Hash adf659d40cdbf40aa150c2c765242b7e
139f21a147d8ff38610e3b30224e333e5b2f4825
52082cf36af67385b80b5b67ae80cdef7296ef940bdd67a244bc582b89fb658b
GET /wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70 HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/gundem/selcuk-cheneye-adam-gondermis.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:28 GMT
content-type: text/css
last-modified: Mon, 06 Dec 2021 19:54:16 GMT
etag: "176-61ae6a68-60b34deb3f940692;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 241
date: Thu, 15 Dec 2022 23:56:28 GMT
server: LiteSpeed
www.rafist.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.2 kB URL HTTP/1.1 www.rafist.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type ASCII text, with very long lines (11126)
Hash c41f3a82e911de81a1817131069bc7d2
1e883290a0b794916cead41e5f0705716fd77b89
e9791f24770f098ea30bb4d25e2e10bdedb97132d0bbf7d2bd79eedac22efa27
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/gundem/selcuk-cheneye-adam-gondermis.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:28 GMT
content-type: application/javascript
last-modified: Mon, 06 Dec 2021 19:37:23 GMT
etag: "2bd8-61ae6673-d4aff6121782fbaa;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 4168
date: Thu, 15 Dec 2022 23:56:28 GMT
server: LiteSpeed
www.rafist.com/wp-includes/js/wp-embed.min.js?ver=5.8.2
200 OK 769 B URL HTTP/1.1 www.rafist.com/wp-includes/js/wp-embed.min.js?ver=5.8.2
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type ASCII text, with very long lines (1391)
Hash 82e67f050afdb38c20ac6eb305f97c17
df1349df76d66a9cf64377cf335c67c337d85470
5f6c33116e2106cd0f2f28c16062f1d584e74b8539a14ed45e17957634d71b7e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=5.8.2 HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/gundem/selcuk-cheneye-adam-gondermis.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:28 GMT
content-type: application/javascript
last-modified: Mon, 06 Dec 2021 19:31:23 GMT
etag: "592-61ae650b-b5599861828c382d;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 769
date: Thu, 15 Dec 2022 23:56:28 GMT
server: LiteSpeed
www.rafist.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
200 OK 129 B URL HTTP/1.1 www.rafist.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type ASCII text, with no line terminators
Hash 5ef26b5e47e6951f43ecf2b1fc645222
081afb52577f6f3bb044fdea6d34a632c3cce7e8
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1 HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/gundem/selcuk-cheneye-adam-gondermis.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:28 GMT
content-type: application/javascript
last-modified: Mon, 06 Dec 2021 19:52:28 GMT
etag: "81-61ae69fc-aec1ee974bcf1457;;;"
accept-ranges: bytes
content-length: 129
date: Thu, 15 Dec 2022 23:56:28 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
200 OK 486 B URL HTTP/1.1 www.rafist.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type ASCII text, with very long lines (1519), with no line terminators
Hash 24fd55e75c0e55acafd43f93e8343c26
8d89ac6650f2b11623992db77fd1c48084a4ae18
820789fea848fa67db89200ffb57a82eebe880de4cc3db4bea6f98ffb9552cb8
GET /wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15 HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/gundem/selcuk-cheneye-adam-gondermis.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:28 GMT
content-type: text/css
last-modified: Mon, 06 Dec 2021 19:52:28 GMT
etag: "5ef-61ae69fc-32f5faac3a81a033;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 486
date: Thu, 15 Dec 2022 23:56:28 GMT
server: LiteSpeed
ocsp.digicert.com/
200 OK 279 B IP
Hash 552328302359355ceeb71e59e2732c84
03f7d7b95a0003f65f446f62f5306863d7956f27
00129fbc5674efc40ae8d0f97b117d67658299fdf6af9b215f8f5147e6080e48
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2682
Cache-Control: max-age=146948
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:56:28 GMT
Etag: "639b44b6-117"
Expires: Sat, 17 Dec 2022 16:45:36 GMT
Last-Modified: Thu, 15 Dec 2022 16:00:54 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
www.rafist.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2
200 OK 4.9 kB URL HTTP/1.1 www.rafist.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type ASCII text, with very long lines (15224)
Hash c5861eec8c65717219134960db9e361e
7a9a5ed5ca3de9e30fa3c14d1ada2ecb6eb4505f
b96639b87d4a408e9cddadc6f2a1228cbb20678f3f069785fe0614c0db78430d
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.2 HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/gundem/selcuk-cheneye-adam-gondermis.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:28 GMT
content-type: application/javascript
last-modified: Mon, 06 Dec 2021 19:32:01 GMT
etag: "4705-61ae6531-82f5db8f0f3e14ce;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 4937
date: Thu, 15 Dec 2022 23:56:28 GMT
server: LiteSpeed
www.rafist.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
200 OK 31 kB URL HTTP/1.1 www.rafist.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type ASCII text, with very long lines (65447)
Hash 554969c8ed0e4b5eece1261c4e1e9cd0
3b514b21c2e26b2caa15054e43ed00184a8ebc38
4a10709ca76c5112fbaf69e065b4ef93dd37bcffd4ae39b351e56d40c9322123
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/gundem/selcuk-cheneye-adam-gondermis.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:28 GMT
content-type: application/javascript
last-modified: Mon, 06 Dec 2021 19:37:22 GMT
etag: "15db1-61ae6672-3d85f05f45f39527;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 30969
date: Thu, 15 Dec 2022 23:56:28 GMT
server: LiteSpeed
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OyDTerwa7Z8lIRpSZwhAvA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: go6jDWqUHlKvMI5pSFsXQwFP7Zw=
platform.twitter.com/widgets.js
200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 7899fffaf0046efb7f9be2495d9dc928
d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 410
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Thu, 15 Dec 2022 23:56:28 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F719)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221
toplist.cz/count.asp?id=1258593
301 Moved Permanently 0 B URL HTTP/1.1 toplist.cz/count.asp?id=1258593
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /count.asp?id=1258593 HTTP/1.1
Host: toplist.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 301 Moved Permanently
Content-length: 0
Location: https://toplist.cz/count.asp?id=1258593
toplist.sk/count.asp?id=1239364
301 Moved Permanently 0 B URL HTTP/1.1 toplist.sk/count.asp?id=1239364
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /count.asp?id=1239364 HTTP/1.1
Host: toplist.sk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 301 Moved Permanently
Content-length: 0
Location: https://toplist.sk/count.asp?id=1239364
www.rafist.com/wp-content/themes/internet-10/images/folder.gif
200 OK 274 B URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/folder.gif
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 16 x 16\012- data
Hash e00a9767c5e0d703eef931e036cd63fa
e220ba12f15c75236e06da840e5d97701e58072c
30d9435caaf4e28152d2b2d76b191b7ccc34b57bd48d402a3d9071320d4b972e
GET /wp-content/themes/internet-10/images/folder.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/gundem/selcuk-cheneye-adam-gondermis.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:28 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:26 GMT
etag: "112-4f950dfa-b849865e8fab9f1e;;;"
accept-ranges: bytes
content-length: 274
date: Thu, 15 Dec 2022 23:56:28 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/themes/internet-10/images/comment.gif
200 OK 257 B URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/comment.gif
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 16 x 16\012- data
Hash 3b967759fddccb24519d3a5d8a16adda
bb6d5bbd898ac8a6163cccdaedd24464c23bc4ff
f8e3fa1c28678c564afdf457d1d81f915b1bb8486298c0aae2fd3cd2b3bfa0ab
GET /wp-content/themes/internet-10/images/comment.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/gundem/selcuk-cheneye-adam-gondermis.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:28 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:25 GMT
etag: "101-4f950df9-1d9fcd4b228460a8;;;"
accept-ranges: bytes
content-length: 257
date: Thu, 15 Dec 2022 23:56:28 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/themes/internet-10/images/timeicon.gif
200 OK 207 B URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/timeicon.gif
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 16 x 16\012- data
Hash cebf0d8c08804c222a97850ff556d6f7
f97818deec45a2787cdd059aefcae010b18a441b
490f47c0dad65dc119f7c92455c40dd2b7f63bdb48b97690cb97441db7207258
GET /wp-content/themes/internet-10/images/timeicon.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/gundem/selcuk-cheneye-adam-gondermis.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:28 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:32 GMT
etag: "cf-4f950e00-bd2d01fd4ac1a30b;;;"
accept-ranges: bytes
content-length: 207
date: Thu, 15 Dec 2022 23:56:28 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/themes/internet-10/images/com_form.png
200 OK 1.9 kB URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/com_form.png
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type PNG image data, 35 x 35, 8-bit colormap, non-interlaced\012- data
Hash c01c0770d9ba38c354f0be88acdadaba
47745e2551c8e4982d5507261a6b54e7ab4409e0
6e2961ee278a2a38f92e87d4b71599df2ce94c4597b3f1914635a8b03c9c327b
GET /wp-content/themes/internet-10/images/com_form.png HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/gundem/selcuk-cheneye-adam-gondermis.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:28 GMT
content-type: image/png
last-modified: Mon, 23 Apr 2012 08:08:25 GMT
etag: "777-4f950df9-dae5c07302a5c1d4;;;"
accept-ranges: bytes
content-length: 1911
date: Thu, 15 Dec 2022 23:56:28 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/themes/internet-10/images/xmlsitemap.png
200 OK 273 B URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/xmlsitemap.png
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type PNG image data, 80 x 15, 8-bit/color RGB, non-interlaced\012- data
Hash 035834fd82fcff368a9d1072008c5553
0b206c56943d48aaa201c7df4c65b2f896afe2dc
c8cedaabdc248b16aa9af0b24367126342b5e2b927106d731fd34ed54e3647ad
GET /wp-content/themes/internet-10/images/xmlsitemap.png HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/gundem/selcuk-cheneye-adam-gondermis.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:28 GMT
content-type: image/png
last-modified: Mon, 23 Apr 2012 08:08:32 GMT
etag: "111-4f950e00-4834b12f649ed77e;;;"
accept-ranges: bytes
content-length: 273
date: Thu, 15 Dec 2022 23:56:28 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/themes/internet-10/images/digg.gif
200 OK 245 B URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/digg.gif
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 16 x 14\012- data
Hash 2544327e9e076e0d47d7d61e3782e3da
0047c7c0cc5bacfbe040c836fee5708e22990f42
e4fb197ba9164b84bacc78856ea01599624d25065fd4df81499746e9ff62d66c
GET /wp-content/themes/internet-10/images/digg.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/gundem/selcuk-cheneye-adam-gondermis.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:28 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:26 GMT
etag: "f5-4f950dfa-62562bdd0dd74efa;;;"
accept-ranges: bytes
content-length: 245
date: Thu, 15 Dec 2022 23:56:28 GMT
server: LiteSpeed
vary: User-Agent
www.facebook.com/plugins/like.php?href=http://www.facebook.com/yolguzergahi&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21
301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=http://www.facebook.com/yolguzergahi&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://www.facebook.com/yolguzergahi&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=http://www.facebook.com/yolguzergahi&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 15 Dec 2022 23:56:28 GMT
Connection: keep-alive
Content-Length: 0
ocsp.digicert.com/
200 OK 471 B IP
Hash 265916d2a0593eb24feac5fbc15140ed
ab86ab5c1da114c82fabd9752f98fbf65502648d
40da94ba8f4698a6671d41eebb2fb54b1d7ed31b3a7583892f11ee7cea975c5b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 165
Cache-Control: max-age=135791
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:56:28 GMT
Etag: "639b22f6-1d7"
Expires: Sat, 17 Dec 2022 13:39:39 GMT
Last-Modified: Thu, 15 Dec 2022 13:36:54 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
static.addtoany.com/menu/modules/core.9b4ec89f.js
200 OK 30 kB URL HTTP/2 static.addtoany.com/menu/modules/core.9b4ec89f.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 427b1dd805e1304ff8cb3c514e512c59
7d5e4aca6a2a156071d6277d1e9235b2e67b0d12
621d7f3acdf9b2d40e45f634a8b2185aba3e565b3e739439cd07360edf99382b
GET /menu/modules/core.9b4ec89f.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.rafist.com
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 23:56:28 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000, immutable
cf-bgj: minify
access-control-allow-origin: *
etag: W/"117a5-5ee0ab045ab91"
last-modified: Tue, 22 Nov 2022 08:09:17 GMT
vary: Accept-Encoding
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 79220
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77a31db7bea098f1-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.rafist.com/wp-content/themes/internet-10/images/barbg.gif
200 OK 982 B URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/barbg.gif
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 82 x 32\012- data
Hash 8a4331a30416cf454ad2b0abc835c896
13f3a5a40cb75258f71b43b98abaa566138a4963
2367039c876efe5532796cdfeec5298a8026316c7091c7b8b44c425084f16558
GET /wp-content/themes/internet-10/images/barbg.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/wp-content/themes/internet-10/style.css
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:28 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:23 GMT
etag: "3d6-4f950df7-558634703051d872;;;"
accept-ranges: bytes
content-length: 982
date: Thu, 15 Dec 2022 23:56:28 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/themes/internet-10/images/searchbg.gif
200 OK 5.3 kB URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/searchbg.gif
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 960 x 62\012- data
Hash dc50cf7cd190c424a469f362bfd3e0c6
c6ab373f20adfd8003ed654030f7dacf14897024
0d74b8e82110e6876d0c21c498d894a0d62c5189f190a172810d052d89b1704c
GET /wp-content/themes/internet-10/images/searchbg.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/wp-content/themes/internet-10/style.css
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:28 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:30 GMT
etag: "14c7-4f950dfe-a28a27adb3e534e9;;;"
accept-ranges: bytes
content-length: 5319
date: Thu, 15 Dec 2022 23:56:28 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/themes/internet-10/images/rss.gif
200 OK 1.1 kB URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/rss.gif
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 16 x 16\012- data
Hash 8241f89b2241fd3b946a5bedd9ba0788
740d56b5186d4e031e6b6a8c1493e8c82b266fe5
6511b1a23a8027bcf8e79861cedaa4a0919c06f90c969655fdf594086ccbd86e
GET /wp-content/themes/internet-10/images/rss.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/gundem/selcuk-cheneye-adam-gondermis.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:28 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:29 GMT
etag: "425-4f950dfd-7b6c67f0f4d453ea;;;"
accept-ranges: bytes
content-length: 1061
date: Thu, 15 Dec 2022 23:56:28 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/themes/internet-10/images/delicious.gif
200 OK 103 B URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/delicious.gif
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 16 x 16\012- data
Hash 7b25927bd164778f4d3833065ad9ce3e
29aef72fab3d8ad3eaa87ca0c5c4039057cd875d
ba143df18daa5c1bb6f3187fca87f0abfa08865ec998b68cb5cc224d4c07eb54
GET /wp-content/themes/internet-10/images/delicious.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/gundem/selcuk-cheneye-adam-gondermis.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:28 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:25 GMT
etag: "67-4f950df9-1678e1f69de25baf;;;"
accept-ranges: bytes
content-length: 103
date: Thu, 15 Dec 2022 23:56:28 GMT
server: LiteSpeed
vary: User-Agent
image.haber7.com/haber/109328.jpg
404 Not Found 360 B URL HTTP/1.1 image.haber7.com/haber/109328.jpg
IP
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ae7a67b54b34829bc748c717192f95ee
fb0d95af9b21685074ff68f6587fba2edc279b0e
857507c73cbfe05f4471c44fef22ac7272061fd23ea7c2e9b94855d10d6e3c1b
GET /haber/109328.jpg HTTP/1.1
Host: image.haber7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 15 Dec 2022 23:56:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"601bda2a-213"
Content-Encoding: gzip
www.facebook.com/plugins/like.php?href=http://www.facebook.com/yolguzergahi&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=http://www.facebook.com/yolguzergahi&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=http://www.facebook.com/yolguzergahi&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.rafist.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: H+siIDPZg8Zj8mg/etcS2QwIN6XxEaQjFqJA2Xm68ZFSiPBvT+DUFIkmaVMdsOf37t+C5zfpVI/qQge8uSiRFA==
content-length: 0
date: Thu, 15 Dec 2022 23:56:28 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 265916d2a0593eb24feac5fbc15140ed
ab86ab5c1da114c82fabd9752f98fbf65502648d
40da94ba8f4698a6671d41eebb2fb54b1d7ed31b3a7583892f11ee7cea975c5b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 165
Cache-Control: max-age=135791
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:56:28 GMT
Etag: "639b22f6-1d7"
Expires: Sat, 17 Dec 2022 13:39:39 GMT
Last-Modified: Thu, 15 Dec 2022 13:36:54 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 66d95a5dcdf933744c47f4fc372d1bb3
e26a5f0435191e83af6aa6f960f3e39195485038
6eedb245bdcdacc78c267fb3014eb6eba2d62414c9be6b1d8220f05ee4d4fa8e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6EEDB245BDCDACC78C267FB3014EB6EBA2D62414C9BE6B1D8220F05EE4D4FA8E"
Last-Modified: Thu, 15 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5562
Expires: Fri, 16 Dec 2022 01:29:11 GMT
Date: Thu, 15 Dec 2022 23:56:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0d06e27cdedda25ac9bf7fac5256b092
8f5975ce608e2fc6eec6c50717784a966ac4e104
9b0935a4697e46794f513a84043904106ee8ba5cf22e2442c191bf520e8b9bdf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B0935A4697E46794F513A84043904106EE8BA5CF22E2442C191BF520E8B9BDF"
Last-Modified: Thu, 15 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8904
Expires: Fri, 16 Dec 2022 02:24:53 GMT
Date: Thu, 15 Dec 2022 23:56:29 GMT
Connection: keep-alive
image.haber7.com/haber/109328.jpg
404 Not Found 360 B URL HTTP/1.1 image.haber7.com/haber/109328.jpg
IP
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ae7a67b54b34829bc748c717192f95ee
fb0d95af9b21685074ff68f6587fba2edc279b0e
857507c73cbfe05f4471c44fef22ac7272061fd23ea7c2e9b94855d10d6e3c1b
GET /haber/109328.jpg HTTP/1.1
Host: image.haber7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 15 Dec 2022 23:56:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"601bda2a-213"
Content-Encoding: gzip
www.rafist.com/wp-content/themes/internet-10/images/shadow.gif
200 OK 1.1 kB URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/shadow.gif
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 65 x 70\012- data
Hash 0c5cd362d75428a7056c36db279d3408
b6d425fa3360e9f36c310028ccc5dc7020be3474
c33f60eeb7b27583fd79c56c6b7ae208092d9deae86b9098bbcb9937824602b0
GET /wp-content/themes/internet-10/images/shadow.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/wp-content/themes/internet-10/style.css
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:29 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:30 GMT
etag: "469-4f950dfe-1369923be64a2334;;;"
accept-ranges: bytes
content-length: 1129
date: Thu, 15 Dec 2022 23:56:29 GMT
server: LiteSpeed
vary: User-Agent
www.kalipci.com/images/cnc.png
200 OK 55 kB URL HTTP/1.1 www.kalipci.com/images/cnc.png
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced\012- data
Hash 6b019c92889629583a42e6df5115bb5e
9e1a58bc67037f36cbda05165d4d385ccc075e3d
8b92a316e4e7650ed1ce79ab3377baa0b25d033bc0f2753d69428914670496f1
GET /images/cnc.png HTTP/1.1
Host: www.kalipci.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:28 GMT
content-type: image/png
last-modified: Tue, 02 Aug 2016 13:47:21 GMT
etag: "d6ff-57a0a469-d98890f38df5442a;;;"
accept-ranges: bytes
content-length: 55039
date: Thu, 15 Dec 2022 23:56:28 GMT
server: LiteSpeed
vary: User-Agent
www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FDestegi%2F173214066036266&width=270&colorscheme=light&connections=8&stream=false&header=true&height=290
301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FDestegi%2F173214066036266&width=270&colorscheme=light&connections=8&stream=false&header=true&height=290
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FDestegi%2F173214066036266&width=270&colorscheme=light&connections=8&stream=false&header=true&height=290 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FDestegi%2F173214066036266&width=270&colorscheme=light&connections=8&stream=false&header=true&height=290
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 15 Dec 2022 23:56:29 GMT
Connection: keep-alive
Content-Length: 0
www.google.com/friendconnect/script/friendconnect.js
404 Not Found 1.6 kB URL HTTP/1.1 www.google.com/friendconnect/script/friendconnect.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 8dc494040a252b9a3a9ea04255941cd6
663805a606e28589d28362cc1d8fa19a5bc56860
24d511499e91216fa0deefaf1c2875a378f83b01b170f2dfc50d27f2a4978a0a
GET /friendconnect/script/friendconnect.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1598
Date: Thu, 15 Dec 2022 23:56:29 GMT
www.rafist.com/wp-content/themes/internet-10/images/boxtop.gif
200 OK 538 B URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/boxtop.gif
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 292 x 19\012- data
Hash 56e961a57fd7ce4a784c4dddef635620
cbc329427dc680a1b5a4fa1cd9142d42608e3973
5d4c304e65461b75fe2b0a30ffc4583a8058413737284d04e2814dc5a55f1d9b
GET /wp-content/themes/internet-10/images/boxtop.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/wp-content/themes/internet-10/style.css
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:29 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:24 GMT
etag: "21a-4f950df8-47e429598fac3d5;;;"
accept-ranges: bytes
content-length: 538
date: Thu, 15 Dec 2022 23:56:29 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/themes/internet-10/images/box.gif
200 OK 4.1 kB URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/box.gif
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 292 x 1500\012- data
Hash 1361a4fbc6a62dc167c7f727516e6bf1
821d3644e658d66c84f9dd292dfb1b6f498a4106
cfeba418f8b0fc736a60ad586dec665f7c6c900033d07ed0a71cb444287500fc
GET /wp-content/themes/internet-10/images/box.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/wp-content/themes/internet-10/style.css
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:29 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:24 GMT
etag: "fff-4f950df8-872f56007a53cc9b;;;"
accept-ranges: bytes
content-length: 4095
date: Thu, 15 Dec 2022 23:56:29 GMT
server: LiteSpeed
vary: User-Agent
www.rafist.com/wp-content/themes/internet-10/images/gbox.gif
200 OK 622 B URL HTTP/1.1 www.rafist.com/wp-content/themes/internet-10/images/gbox.gif
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type GIF image data, version 89a, 960 x 35\012- data
Hash 74b83d05db89ac7f9371aa2d3db8a9a4
dc4998e4e519e1afe2edb7b84a2484976bf1eb45
4a16648e3dbc15a146cf35d92d322ab4c81bccb1893daa0f393d3af7f20ffbba
GET /wp-content/themes/internet-10/images/gbox.gif HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/wp-content/themes/internet-10/style.css
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:29 GMT
content-type: image/gif
last-modified: Mon, 23 Apr 2012 08:08:27 GMT
etag: "26e-4f950dfb-31fc738e46d7fa4d;;;"
accept-ranges: bytes
content-length: 622
date: Thu, 15 Dec 2022 23:56:29 GMT
server: LiteSpeed
vary: User-Agent
srv.sayyac.net/sa.js?_salogin=rafist&_sav=4.3
200 OK 0 B URL HTTP/1.1 srv.sayyac.net/sa.js?_salogin=rafist&_sav=4.3
IP
ASN #197720 TURKTICARET.NET YAZILIM HIZMETLERI SAN. ve TIC. A.S.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sa.js?_salogin=rafist&_sav=4.3 HTTP/1.1
Host: srv.sayyac.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Dec 2022 23:56:29 GMT
Content-Type: application/x-javascript
Content-Length: 0
Last-Modified: Wed, 16 Mar 2022 15:00:14 GMT
Connection: close
ETag: "6231fb7e-0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-Ranges: bytes
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/Y-l1NtLH39y.css?_nc_x=Ij3Wp8lg5Kz
200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/Y-l1NtLH39y.css?_nc_x=Ij3Wp8lg5Kz
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (15591)
Hash e4bb82c9d1511fad5de7fc1d436a39d7
b51fc9c95e2518c3ba20ffab45242db1716a3741
5e4eaed206191981d5136d82247b16d3068d1e7d779da2f766c0243b09633c2f
GET /rsrc.php/v3/y1/l/0,cross/Y-l1NtLH39y.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 15 Dec 2023 16:38:06 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 5YDno+fiSnobUeZleYNxSw==
x-fb-debug: NHjsp2waghgiqjuTKPXt4lUcLzvIvziWmCjO8cR9S7pooWeBW0GcAQKtpfZxZWweZ+ExfuLN/K0upsQAq9YYEA==
priority: u=2
content-length: 5342
x-fb-trip-id: 1904183273
date: Thu, 15 Dec 2022 23:56:29 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
tcr.tynt.com/ti.js
200 OK 16 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1213)
Hash a384492ef8f3bb035fc8ecba870e86d3
a6da9b212e2d640261cc1c1a5c98096aef5d8778
9232a4a99aa4630732414441f411afe936b0e95047f3d018e46c40f211fc1ede
GET /ti.js HTTP/1.1
Host: tcr.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 23:56:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 21 Jul 2022 14:57:29 GMT
vary: Accept-Encoding
etag: W/"62d96959-b4ff"
content-encoding: gzip
CF-Cache-Status: HIT
Age: 16062
Expires: Sun, 18 Dec 2022 23:56:29 GMT
Cache-Control: public, max-age=259200
Server: cloudflare
CF-RAY: 77a31dbb5ef9b50f-OSL
widgets.amung.us/small.js
200 OK 3.5 kB URL HTTP/1.1 widgets.amung.us/small.js
IP
File type ASCII text, with very long lines (8560), with no line terminators
Hash 08283f674ed2a3a87b0ca0b64950ef28
1d6018c4a9104d337726cfe9f67b43ff37acc0cb
442e1c2e9e1692d86c6c4df3c68167fbddb4ec4ec7fa90258fd683f5a5f3578d
GET /small.js HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 23:56:29 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 15 Dec 2022 21:42:09 GMT
etag: W/"639b94b1-2170"
expires: Fri, 16 Dec 2022 23:48:05 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
CF-Cache-Status: HIT
Age: 504
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77a31dbb5dd20b49-OSL
www.google-analytics.com/ga.js
200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Thu, 15 Dec 2022 23:06:07 GMT
Expires: Fri, 16 Dec 2022 01:06:07 GMT
Cache-Control: public, max-age=7200
Age: 3022
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
www.rafist.com/favicon.ico
200 OK 4.8 kB URL HTTP/1.1 www.rafist.com/favicon.ico
IP
ASN #59674 Aysima Bilisim Teknolojileri
File type MS Windows icon resource - 4 icons, 16x16, 16 colors, 4 bits/pixel, 48x48, 8 bits/pixel\012- data
Hash 0c2638253fbb0b1fac78238fbb0f70be
e98a61f9be45f619be47e1bfbfbbeba9876ad77a
d0959bcb72da7102d3744f6d3c0c6c1822aa15af07a5536edda59849c010b748
GET /favicon.ico HTTP/1.1
Host: www.rafist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/gundem/selcuk-cheneye-adam-gondermis.html
Cookie: sayfa_sayac_okunan=YToxOntpOjA7aTo4NTk0O30%3D
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 23:56:29 GMT
content-type: image/x-icon
last-modified: Mon, 23 Apr 2012 07:54:32 GMT
etag: "1e26-4f950ab8-48322b867f0c3a88;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 4765
date: Thu, 15 Dec 2022 23:56:29 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 76342e17f518d383455bb527dcd69aaf
7deb5f63197259b85d651f28cccf6ed7b876cc47
a8d3ef749bee471bf92905f15fabc171be88cc03cb97e9f7566e70efcd82864d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:56:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=http%3A%2F%2Fwww.rafist.com
200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=http%3A%2F%2Fwww.rafist.com
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash 2b4968b185495eddda0d85b2351ebb71
c665785ca0f4039f8c71d94631cd50a879d866b5
eb8af089d8082a58a6e90fedc23007f17a9e89ddbc6a29b6e535e4847ba94160
GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=http%3A%2F%2Fwww.rafist.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 10962
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 15 Dec 2022 23:56:29 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
ocsp.pki.goog/s/gts1p5/JNJj-Xek6-M
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/JNJj-Xek6-M
IP
Hash 9cc2a8796f509bd72f28e82ffdb13b5c
dfb31a381aa7f64abfa521e60462f967f69582b2
e678c5d5359e0ea7a958ffa48253990e746d00f364db505791697639425b4e6c
POST /s/gts1p5/JNJj-Xek6-M HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:56:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=pub-7960993394641930&plah=www.rafist.com&bust=31071167
200 OK 120 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=pub-7960993394641930&plah=www.rafist.com&bust=31071167
IP
File type ASCII text, with very long lines (5918)
Size 120 kB (119959 bytes)
Hash 43e6fadcabeeb461ed1a0eceabf15b40
ccc6699fc0aefb747db73fe2b0f2a3e071c3bb77
a73bea5975c453175f8528c8755f6cfd10ba0b35208bd31a5a978df0f60e5b64
GET /pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=pub-7960993394641930&plah=www.rafist.com&bust=31071167 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 15 Dec 2022 23:56:29 GMT
expires: Thu, 15 Dec 2022 23:56:29 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 10084218200512321739
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119959
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1489665685&utmhn=www.rafist.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sel%C3%A7uk%2C%20Cheney%E2%80%99e%20adam%20g%C3%B6ndermi%C5%9F%20-%20Rafist%20Genel%20Bilgiler&utmhid=1666285339&utmr=-&utmp=%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html&utmht=1671148586585&utmac=UA-5464494-5&utmcc=__utma%3D16126261.715670347.1671148587.1671148587.1671148587.1%3B%2B__utmz%3D16126261.1671148587.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1121341893&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1489665685&utmhn=www.rafist.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sel%C3%A7uk%2C%20Cheney%E2%80%99e%20adam%20g%C3%B6ndermi%C5%9F%20-%20Rafist%20Genel%20Bilgiler&utmhid=1666285339&utmr=-&utmp=%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html&utmht=1671148586585&utmac=UA-5464494-5&utmcc=__utma%3D16126261.715670347.1671148587.1671148587.1671148587.1%3B%2B__utmz%3D16126261.1671148587.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1121341893&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1489665685&utmhn=www.rafist.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sel%C3%A7uk%2C%20Cheney%E2%80%99e%20adam%20g%C3%B6ndermi%C5%9F%20-%20Rafist%20Genel%20Bilgiler&utmhid=1666285339&utmr=-&utmp=%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html&utmht=1671148586585&utmac=UA-5464494-5&utmcc=__utma%3D16126261.715670347.1671148587.1671148587.1671148587.1%3B%2B__utmz%3D16126261.1671148587.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1121341893&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Thu, 15 Dec 2022 23:56:29 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
ocsp.digicert.com/
200 OK 313 B IP
Hash 4965f8b9c0fa65885822de7ec1253953
33b810891fce59d62ec08f2eeda39e83c1684131
7d513b7e050d8d26c8cfbe364ba7cebd6ea9e9e5ac0eff48a4c2a37062c6baca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2452
Cache-Control: max-age=107455
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:56:29 GMT
Etag: "639aab58-139"
Expires: Sat, 17 Dec 2022 05:47:24 GMT
Last-Modified: Thu, 15 Dec 2022 05:06:32 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 06612a702dd3686207e6a4031f79d34e
3a1be9901f9c9271b91a2b00ee7e6abc49086ba5
154da1479719d54b088120f2435ab08c2a44743abe2c2e67ae78db9537ecef40
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:56:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3972e23b068a857e4b879417ecbf1d1a
c5593984f70d07200faa6a1ca10572cb8670665d
db8f4f555c201994b386c718409b4f7b9dc75ef6910891a3d27097a0cb425e24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:56:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=www.rafist.com
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.rafist.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.rafist.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 15 Dec 2022 23:56:29 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=www.rafist.com
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.rafist.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.rafist.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 15 Dec 2022 23:56:29 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
syndication.twitter.com/settings?session_id=b3c9ba9f49405ff22e7ddddbc5cefa38f2129585
200 OK 402 B URL HTTP/2 syndication.twitter.com/settings?session_id=b3c9ba9f49405ff22e7ddddbc5cefa38f2129585
IP
File type JSON data\012- , ASCII text, with very long lines (1109), with no line terminators
Hash 20129f6ba74cadb768c12cfebff99625
744c5248ab9712adf0179067dbadae75464f7383
53476bf04ddc3dbf9b75ba3f96f28a345c9cac4d9f7b0f57f901870692a4acf2
GET /settings?session_id=b3c9ba9f49405ff22e7ddddbc5cefa38f2129585 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 23:56:29 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Thu, 15 Dec 2022 23:56:29 GMT
content-length: 402
content-encoding: gzip
x-transaction-id: 78521bfbba9a61fa
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 107
x-connection-hash: ae943f0aa5e58ecee3f1e64b297554f114647e4f41bdf61be3b0e239cb0b572b
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 06612a702dd3686207e6a4031f79d34e
3a1be9901f9c9271b91a2b00ee7e6abc49086ba5
154da1479719d54b088120f2435ab08c2a44743abe2c2e67ae78db9537ecef40
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:56:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 863 B IP
Hash ef1142d41bc6c7ca1757f0e1d54ba412
401ee4dd99c0c59fa82acded5d61ca454d6e0c3f
649607cf07e4766a3b787902d80246456b46673675433ac354730f5298c3b5e7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 23:56:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 14 Dec 2022 23:33:40 GMT
Expires: Wed, 21 Dec 2022 23:33:39 GMT
Etag: "c4d7240463ae3f6f8b96286fb35174c34aee6964"
Cache-Control: max-age=516429,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77a31dbc8ce9b4ed-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 215b076267525eee2fadb8d889e5f351
28d0a048b68627916191262fee89a8db4b1614b2
44da07142c9aad7201a7ccb38b4bf03c82f1a66b730a953c0306fe09e3025ad5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:56:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f46d0144529642dad27295829df7096f
51bd4dc551c45d735c673df86c6db7fae0de3f6c
42d763bdc1612d859a65c52bccb14ce104acae8c0964bc17de0f13829077ffa3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:56:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=www.rafist.com&callback=_gfp_s_&client=ca-pub-7960993394641930&gpid_exp=1
200 OK 250 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.rafist.com&callback=_gfp_s_&client=ca-pub-7960993394641930&gpid_exp=1
IP
File type ASCII text, with very long lines (387), with no line terminators
Hash f106a7efe87f0417eca7b5e1c2e1a08d
87cfa458b0393912430512625861925be3b2afc4
abf60ad65286e08d9fccaefa18aafad6d328bbd8399d80de228960400bd9e6b5
GET /gampad/cookie.js?domain=www.rafist.com&callback=_gfp_s_&client=ca-pub-7960993394641930&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 15 Dec 2022 23:56:29 GMT
server: cafe
cache-control: private
content-length: 250
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f46d0144529642dad27295829df7096f
51bd4dc551c45d735c673df86c6db7fae0de3f6c
42d763bdc1612d859a65c52bccb14ce104acae8c0964bc17de0f13829077ffa3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:56:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12768
Expires: Fri, 16 Dec 2022 03:29:17 GMT
Date: Thu, 15 Dec 2022 23:56:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12768
Expires: Fri, 16 Dec 2022 03:29:17 GMT
Date: Thu, 15 Dec 2022 23:56:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12768
Expires: Fri, 16 Dec 2022 03:29:17 GMT
Date: Thu, 15 Dec 2022 23:56:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44d28b3d-7927-4346-840a-8cfc2e3ea292.jpeg
200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44d28b3d-7927-4346-840a-8cfc2e3ea292.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30739a2896ba00103578a7cd3589767c
b8da5c239832fc19c22722c23412adac1ef200ec
b406a1135ac6a56d3b7e3ba1f9adeb1a69d56e7a070f30e1dd20fea4ebedf3a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44d28b3d-7927-4346-840a-8cfc2e3ea292.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5424
x-amzn-requestid: e579538e-8990-425d-a635-ede55d60ed50
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNSvBETaoAMFyKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b97f9-3560628d3673feb33f4b958e;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:56:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CjP6MuggD8GZZTJUICeoKXHsb5qopw53uqsKfb6drH5nHj4gL1CptQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:15:00 GMT
age: 6089
etag: "b8da5c239832fc19c22722c23412adac1ef200ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15091f4c-2105-4edd-b96f-b5940e3ba64a.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15091f4c-2105-4edd-b96f-b5940e3ba64a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6687764dac3b78ac0875863d82d1c43
cf0b4f1a944611c48d6880fad9e6e8f59f4ede85
891d55811df9c641d6661226a40eaed5ca69478d13037c6d36d4b05e66cbd09a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15091f4c-2105-4edd-b96f-b5940e3ba64a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7626
x-amzn-requestid: c645ee0a-505b-4d4c-92d9-97e6478a6f6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNRNQHhsoAMFR1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9587-6d1dbf0f75a3eb86447ea1ed;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:45:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4BE_glis7gAiH9xE17A0HdWY7u2IfQB6DxMRwHYQXbVelLXH4JrKPQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:09:59 GMT
age: 6390
etag: "cf0b4f1a944611c48d6880fad9e6e8f59f4ede85"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d782d01-6608-4338-b97b-e67de1b79501.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d782d01-6608-4338-b97b-e67de1b79501.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61f4298f623f1d3736e5a4e34d42cb29
d183592b6efcd90bc1b10b11641999e82b30b813
3f69949de6c2328a1cb564d90338220812b05b50acafd02051619a0777b90a57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d782d01-6608-4338-b97b-e67de1b79501.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11517
x-amzn-requestid: 0a7dcdfb-d929-402d-9c1b-3fb369ae56d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNRJJELFIAMFRVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b956d-2a8feedd7c51991c1fb9676c;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:45:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bfTeGDInC1kr-T9TbxxhYeym2_TeJp734xXUh87QOybYDZFgROncQw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:19:32 GMT
age: 5817
etag: "d183592b6efcd90bc1b10b11641999e82b30b813"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5de62f4-2e0a-4c45-87fd-f9690df72d83.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5de62f4-2e0a-4c45-87fd-f9690df72d83.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7368b60db0458b59ffc968f09b85fdd5
f359f9799d0f0dc7dccfbadeaf922b4050a5e692
26aa7f684080dace9064fc7973c6a5761985c69e73373fb24c644ab2efe26c54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5de62f4-2e0a-4c45-87fd-f9690df72d83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12482
x-amzn-requestid: edd7e693-4c4a-4203-8b12-c044825947bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNRJvGAUIAMF1gA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9571-151a50943b420ba86ab61dda;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:45:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: s2ITT38OGjs_LjIKFKnrqzT0Oay3veQw3iPUL8b3tdD1yOhIzwvu4g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:17:09 GMT
age: 5960
etag: "f359f9799d0f0dc7dccfbadeaf922b4050a5e692"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00f5a5bd-1394-4dc7-9558-bf36502f5a45.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00f5a5bd-1394-4dc7-9558-bf36502f5a45.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91773f7aa7f55783662d3714ec66d03a
217708c5ac8003d7d0f90200744da4ca07a1506c
2ced817da5c13aad9059c98b4ddb29a13ecb2cb4ee118298b1c9b42ed6bca0de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00f5a5bd-1394-4dc7-9558-bf36502f5a45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12942
x-amzn-requestid: c24b370e-1b90-4a84-9cd8-ddf93dbfa165
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQ7gEwUoAMF05g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9516-429915140a9ffcc272a2620d;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:43:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KJ5QVcjO9r17UagPqlKXFHnmR0TRCHyUvHnd2B34wg8AwMbj7NEdVQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:09:53 GMT
age: 6396
etag: "217708c5ac8003d7d0f90200744da4ca07a1506c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d9d95001bfc942895a41fb4bbd50c56
67e1f40fbf45d7f32e4bd05f7c9e71f352483fa9
042c3809a802ef44ff6de8a270194cdf69cc3ba9d8f5192110dda7829d2d52d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5710
x-amzn-requestid: 9e587daa-7632-4765-a8c5-6cea13058bac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQQJEp6IAMF1Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9400-63c04fa4691c32f914301a3d;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:39:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VKiSckNu6PytSQ7EIpATluVcfUOgFKEGId4nCg2sGcbl6Bqbt2-wRg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 21:50:30 GMT
age: 7559
etag: "67e1f40fbf45d7f32e4bd05f7c9e71f352483fa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=roa03d91thhu&t=Sel%C3%A7uk%2C%20Cheney%E2%80%99e%20adam%20g%C3%B6ndermi%C5%9F%20-%20Rafist%20Genel%20Bilgiler&c=s&x=http%3A%2F%2Fwww.rafist.com%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html&y=&a=0&d=1.831&v=27&r=9344
200 OK 50 B URL HTTP/1.1 whos.amung.us/pingjs/?k=roa03d91thhu&t=Sel%C3%A7uk%2C%20Cheney%E2%80%99e%20adam%20g%C3%B6ndermi%C5%9F%20-%20Rafist%20Genel%20Bilgiler&c=s&x=http%3A%2F%2Fwww.rafist.com%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html&y=&a=0&d=1.831&v=27&r=9344
IP
File type ASCII text, with no line terminators
Hash f16be6e62d0b5ffec0bfa61c52aee900
5bf292ad4b604ef74706a20274286021c9824899
cfe03855018a4024241b935dc23a8134deda6f4abb68b50b71eca817a95fad99
GET /pingjs/?k=roa03d91thhu&t=Sel%C3%A7uk%2C%20Cheney%E2%80%99e%20adam%20g%C3%B6ndermi%C5%9F%20-%20Rafist%20Genel%20Bilgiler&c=s&x=http%3A%2F%2Fwww.rafist.com%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html&y=&a=0&d=1.831&v=27&r=9344 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rafist.com/
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 23:56:29 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77a31dbdbb5a0b06-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 4beafb95d0a662fa7eb81909b51358ff
c4d7240463ae3f6f8b96286fb35174c34aee6964
e39ff4ed5f0ac4c67cf6618e63360e532fe16a1b27e6d17831ef32ef9658a735
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Dec 2022 23:56:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 14 Dec 2022 23:33:40 GMT
Expires: Wed, 21 Dec 2022 23:33:39 GMT
Etag: "c4d7240463ae3f6f8b96286fb35174c34aee6964"
Cache-Control: max-age=516429,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77a31dbdde72b4ed-OSL
platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
200 OK 2.4 kB URL HTTP/1.1 platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
IP
File type ASCII text, with very long lines (7017), with no line terminators
Hash 83616664e4155f8af0efb0576f8920cf
1277b0f4f935bec3ada0f87c45395bb6d9b2efbc
bb19d85932c5e8a952b6fc28c1df42aed6d6920f79ee3f2217d2484294d575d3
GET /js/button.d2f864f87f544dc0c11d7d712a191c1f.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 10961
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Thu, 15 Dec 2022 23:56:29 GMT
Etag: "7bb2d17ac20be3bd6ec1079356afecd9+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:52 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2362
platform.twitter.com/widgets/follow_button.644279d1635fd969e87af94a98bd232b.tr.html
200 OK 15 kB URL HTTP/1.1 platform.twitter.com/widgets/follow_button.644279d1635fd969e87af94a98bd232b.tr.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26401)
Hash 5b6eacf8366355e295156bc22b73d149
99b2bc06459f9bdd5f56be679f9e4b037240dbc1
4a9108d556fbb6eed9ab92f81b4fd15202ed5504ad32d39ee2ff19445fe943c0
GET /widgets/follow_button.644279d1635fd969e87af94a98bd232b.tr.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 10467
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 15 Dec 2022 23:56:30 GMT
Etag: "309f7bc00699d43138a43b3eefbc89f6+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 15412
platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32033)
Hash cd8176e04a5a760140a9de9ffe9d8a17
f3b4514c9df71da30eadd2d87fd6131e5c3bf7e3
601089b9e7dcd29e255c391dff1c3da64dd80bb72ee047561592d86dbbc4c472
GET /widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 10961
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 15 Dec 2022 23:56:30 GMT
Etag: "126ffb93f08e989b18a6e1fc082c9e33+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:56 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13753
platform.twitter.com/widgets/follow_button.644279d1635fd969e87af94a98bd232b.tr.html
200 OK 15 kB URL HTTP/1.1 platform.twitter.com/widgets/follow_button.644279d1635fd969e87af94a98bd232b.tr.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26401)
Hash 5b6eacf8366355e295156bc22b73d149
99b2bc06459f9bdd5f56be679f9e4b037240dbc1
4a9108d556fbb6eed9ab92f81b4fd15202ed5504ad32d39ee2ff19445fe943c0
GET /widgets/follow_button.644279d1635fd969e87af94a98bd232b.tr.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 10467
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 15 Dec 2022 23:56:30 GMT
Etag: "309f7bc00699d43138a43b3eefbc89f6+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 15412
platform.twitter.com/widgets/follow_button.644279d1635fd969e87af94a98bd232b.tr.html
200 OK 15 kB URL HTTP/1.1 platform.twitter.com/widgets/follow_button.644279d1635fd969e87af94a98bd232b.tr.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26401)
Hash 5b6eacf8366355e295156bc22b73d149
99b2bc06459f9bdd5f56be679f9e4b037240dbc1
4a9108d556fbb6eed9ab92f81b4fd15202ed5504ad32d39ee2ff19445fe943c0
GET /widgets/follow_button.644279d1635fd969e87af94a98bd232b.tr.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 10556
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 15 Dec 2022 23:56:30 GMT
Etag: "309f7bc00699d43138a43b3eefbc89f6+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:55 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F706)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 15412
ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671148586568&dn=TI&iso=0&t=Sel%C3%A7uk%2C%20Cheney%E2%80%99e%20adam%20g%C3%B6ndermi%C5%9F%20-%20Rafist%20Genel%20Bilgiler&cu=http%3A%2F%2Fwww.rafist.com%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671148586568&dn=TI&iso=0&t=Sel%C3%A7uk%2C%20Cheney%E2%80%99e%20adam%20g%C3%B6ndermi%C5%9F%20-%20Rafist%20Genel%20Bilgiler&cu=http%3A%2F%2Fwww.rafist.com%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671148586568&dn=TI&iso=0&t=Sel%C3%A7uk%2C%20Cheney%E2%80%99e%20adam%20g%C3%B6ndermi%C5%9F%20-%20Rafist%20Genel%20Bilgiler&cu=http%3A%2F%2Fwww.rafist.com%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 15 Dec 2022 23:56:30 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.rafist.com%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671148587196%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=b3c9ba9f49405ff22e7ddddbc5cefa38f2129585
200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.rafist.com%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671148587196%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=b3c9ba9f49405ff22e7ddddbc5cefa38f2129585
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.rafist.com%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671148587196%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=b3c9ba9f49405ff22e7ddddbc5cefa38f2129585 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 23:56:30 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Thu, 15 Dec 2022 23:56:30 GMT
content-length: 43
x-transaction-id: ea26b2e2ca1cd14d
strict-transport-security: max-age=631138519
x-response-time: 110
x-connection-hash: ae943f0aa5e58ecee3f1e64b297554f114647e4f41bdf61be3b0e239cb0b572b
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.rafist.com%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671148587198%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=b3c9ba9f49405ff22e7ddddbc5cefa38f2129585
200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.rafist.com%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671148587198%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=b3c9ba9f49405ff22e7ddddbc5cefa38f2129585
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.rafist.com%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671148587198%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=b3c9ba9f49405ff22e7ddddbc5cefa38f2129585 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 23:56:29 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Thu, 15 Dec 2022 23:56:30 GMT
content-length: 43
x-transaction-id: 821d460d6d3b2c6a
strict-transport-security: max-age=631138519
x-response-time: 114
x-connection-hash: ae943f0aa5e58ecee3f1e64b297554f114647e4f41bdf61be3b0e239cb0b572b
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.rafist.com%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671148587197%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=b3c9ba9f49405ff22e7ddddbc5cefa38f2129585
200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.rafist.com%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671148587197%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=b3c9ba9f49405ff22e7ddddbc5cefa38f2129585
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.rafist.com%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22tr%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1671148587197%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=b3c9ba9f49405ff22e7ddddbc5cefa38f2129585 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 23:56:29 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Thu, 15 Dec 2022 23:56:30 GMT
content-length: 43
x-transaction-id: 06d301248f4a6634
strict-transport-security: max-age=631138519
x-response-time: 118
x-connection-hash: ae943f0aa5e58ecee3f1e64b297554f114647e4f41bdf61be3b0e239cb0b572b
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=anehAeJVKr4lROadbi-bpO&dn=TI&cc=1&r=
200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=anehAeJVKr4lROadbi-bpO&dn=TI&cc=1&r=
IP
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=anehAeJVKr4lROadbi-bpO&dn=TI&cc=1&r= HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Fri, 16 Dec 2022 23:56:30 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Thu, 15 Dec 2022 23:56:29 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671148586568&dn=TI&iso=0&t=Sel%C3%A7uk%2C%20Cheney%E2%80%99e%20adam%20g%C3%B6ndermi%C5%9F%20-%20Rafist%20Genel%20Bilgiler&cu=http%3A%2F%2Fwww.rafist.com%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671148586568&dn=TI&iso=0&t=Sel%C3%A7uk%2C%20Cheney%E2%80%99e%20adam%20g%C3%B6ndermi%C5%9F%20-%20Rafist%20Genel%20Bilgiler&cu=http%3A%2F%2Fwww.rafist.com%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671148586568&dn=TI&iso=0&t=Sel%C3%A7uk%2C%20Cheney%E2%80%99e%20adam%20g%C3%B6ndermi%C5%9F%20-%20Rafist%20Genel%20Bilgiler&cu=http%3A%2F%2Fwww.rafist.com%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 15 Dec 2022 23:56:30 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671148586568&dn=TI&iso=0&t=Sel%C3%A7uk%2C%20Cheney%E2%80%99e%20adam%20g%C3%B6ndermi%C5%9F%20-%20Rafist%20Genel%20Bilgiler
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671148586568&dn=TI&iso=0&t=Sel%C3%A7uk%2C%20Cheney%E2%80%99e%20adam%20g%C3%B6ndermi%C5%9F%20-%20Rafist%20Genel%20Bilgiler
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671148586568&dn=TI&iso=0&t=Sel%C3%A7uk%2C%20Cheney%E2%80%99e%20adam%20g%C3%B6ndermi%C5%9F%20-%20Rafist%20Genel%20Bilgiler HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 15 Dec 2022 23:56:30 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671148586568&dn=TI&iso=0
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671148586568&dn=TI&iso=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671148586568&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 15 Dec 2022 23:56:30 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671148586568&dn=TI&iso=0
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671148586568&dn=TI&iso=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671148586568&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 15 Dec 2022 23:56:30 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671148586568&dn=TI&iso=0
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671148586568&dn=TI&iso=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671148586568&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 15 Dec 2022 23:56:30 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671148586568&dn=TI&iso=0
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671148586568&dn=TI&iso=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=anehAeJVKr4lROadbi-bpO&lm=0&ts=1671148586568&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 15 Dec 2022 23:56:30 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0658ef125bd8442e132d3bef74b51bd4
7e1560a37c82e4d5701234ef1f468cf7dc6b3424
212e248977815411e81afe66298195166c0ce992472201df995122b367f59360
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:56:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=www.rafist.com
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.rafist.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.rafist.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 15 Dec 2022 23:56:30 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Thu, 15 Dec 2022 23:56:30 GMT
expires: Thu, 15 Dec 2022 23:56:30 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 11:46:58 GMT
expires: Thu, 14 Dec 2023 11:46:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 130172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d8728b37979eb7ff6c3ad5a96091d4ce
988859950d480caa2fe23e14d5f29df17827dc6d
a33db1e064a2e10cb01ecc3184b4f65f134f93a10647c67602bfcea6d0c56740
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:56:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 792901e2b261cd86e25dc3a3543c927f
c606c179970a0310d81286a927cf0863a7839fd2
48b981949f5832d55f3cbcc3a11abd8d9ddc5e63a62bcec30384bee614616fd5
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 15 Dec 2022 23:56:30 GMT
date: Thu, 15 Dec 2022 23:56:30 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-BcLBY3RvlU_p9Iu-JKvT9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 371baf8f9095ee3dd632a9ca15da8c7c
6300df62d8650fb94442fdbaa9b12acd4abcddfd
961dba83ddd0cf1c1c7028687f4b5ffb98dc8609045a8f73ea59e49ebfbe5a1d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Dec 2022 23:56:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.addtoany.com/menu/page.js
200 OK 0 B URL HTTP/2 static.addtoany.com/menu/page.js
IP
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 23:56:28 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-bgj: minify
access-control-allow-origin: *
age: 143209
etag: W/"c04-5ee0ab04c6251"
last-modified: Tue, 22 Nov 2022 08:09:18 GMT
vary: Accept-Encoding
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77a31db74e2598f1-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
t.dtscout.com/i/?l=http%3A%2F%2Fwww.rafist.com%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html&j=
200 OK 0 B URL HTTP/2 t.dtscout.com/i/?l=http%3A%2F%2Fwww.rafist.com%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html&j=
IP
GET /i/?l=http%3A%2F%2Fwww.rafist.com%2Fgundem%2Fselcuk-cheneye-adam-gondermis.html&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 23:56:29 GMT
content-type: application/javascript
x-s: mtl3
set-cookie: m=1; Domain=dtscout.com; Expires=Fri, 16-Dec-2022 01:19:49 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Fri, 16-Dec-2022 03:56:29 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1671148589; Domain=dtscout.com; Expires=Sat, 25-Mar-2023 23:56:29 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.475
expires: Thu, 15 Dec 2022 23:56:28 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VBr2RJmj6v8ZJnjlMjfw4QVM4PJhHyGUfza2%2Fe4X2PxH7%2FZAD5GMjlo5DsxJ0Zmhgs6Dp404i%2Bx7pLqMuaLJLztWrFQIkKH6aMmVQVMq%2FnMMP%2B0hbxCeFIKAMlaGEhk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77a31dbc2b1498f7-ARN
content-encoding: br
X-Firefox-Spdy: h2
toplist.sk/count.asp?id=1239364
200 OK 0 B URL HTTP/2 toplist.sk/count.asp?id=1239364
IP
GET /count.asp?id=1239364 HTTP/1.1
Host: toplist.sk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.rafist.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 23:56:29 GMT
server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9
pragma: no-cache
cache-control: private,no-cache,no-store,must-revalidate,max-age=0
expires: Thu, 01 Dec 1994 16:00:00 GMT
p3p: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
x-w: 9
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
toplist.cz/count.asp?id=1258593
200 OK 0 B URL HTTP/2 toplist.cz/count.asp?id=1258593
IP
GET /count.asp?id=1258593 HTTP/1.1
Host: toplist.cz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.rafist.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 23:56:29 GMT
server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9
pragma: no-cache
cache-control: private,no-cache,no-store,must-revalidate,max-age=0
expires: Thu, 01 Dec 1994 16:00:00 GMT
p3p: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
x-w: 4
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
t.dtscout.com/pv/?_a=v&_h=rafist.com&_ss=4xxlab57fu&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6tfo&_cb=_dtspv.c
200 OK 0 B URL HTTP/2 t.dtscout.com/pv/?_a=v&_h=rafist.com&_ss=4xxlab57fu&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6tfo&_cb=_dtspv.c
IP
GET /pv/?_a=v&_h=rafist.com&_ss=4xxlab57fu&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=6tfo&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Cookie: m=1; oa=1; df=1671148589
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 23:56:29 GMT
content-type: application/javascript
x-t: 0.147
x-c: 0
expires: Thu, 15 Dec 2022 23:56:28 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCBV6Jjl2O8nzWLnGuDgWl182j2jOmCj8tesEl4JcBWdhCCaWv0lBWp59wNx9b5hiI%2BvQHTwrzg%2FCymiRaIG7UQmX5xnd7521h4eC5jv%2B5KwrikzHryEu5Pyoe1bEMw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77a31dbddbc798f7-ARN
content-encoding: br
X-Firefox-Spdy: h2
cdn.tynt.com/tc.js
200 OK 0 B IP
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Dec 2022 23:56:30 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:21 GMT
vary: Accept-Encoding
etag: W/"62d96951-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 30570
expires: Sun, 18 Dec 2022 23:56:30 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 77a31dbf8a07b4ff-OSL
X-Firefox-Spdy: h2
sc.tynt.com/script/sc/anehAeJVKr4lROadbi-bpO.js
200 OK 0 B URL HTTP/2 sc.tynt.com/script/sc/anehAeJVKr4lROadbi-bpO.js
IP
GET /script/sc/anehAeJVKr4lROadbi-bpO.js HTTP/1.1
Host: sc.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rafist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Dec 2022 23:56:30 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
status: 200 OK
x-rack-cache: fresh
cache-control: max-age=86400, public, s-maxage=172800
last-modified: Thu, 15 Dec 2022 15:04:43 GMT
x-xss-protection: 1; mode=block
x-request-id: 22e3fe84-364b-47a5-840d-27c554d059bf
x-content-digest: 72a6195042fe9092998fb2abfd618ab5ee05170f
x-runtime: 0.003269
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Fri, 16 Dec 2022 23:18:50 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 77a31dbde91ab4ff-OSL
X-Firefox-Spdy: h2
185.179.25.119
141.101.120.11
23.36.77.32
142.250.74.130
31.13.72.36
88.86.101.4
93.184.220.29