Overview

URL siber-blog.blogspot.com/
IP216.58.211.129
ASNAS15169 Google Inc.
Location United States
Report completed2018-01-04 17:55:27 CET
StatusLoading report..
urlQuery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2018-01-04 18:01:31 CET 2 Client IP  195.20.46.28 ET POLICY HTTP Request to a *.tk domain


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-01-04 2 dl.dropbox.com/u/66329776/eklentiler/ifadeler.js Malware
2018-01-04 2 dl.dropbox.com/u/66329776/eklentiler/ifadeler.js Malware
2018-01-04 2 dl.dropbox.com/u/66329776/eklentiler/ifadeler.js Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 216.58.211.129

Date UQ / IDS / BL URL IP
2018-03-24 21:34:31 +0100
0 - 0 - 0 216.58.211.129 216.58.211.129
2018-01-04 18:25:24 +0100
0 - 0 - 1 respuestas-biblicass.blogspot.com/2014/07/ser (...) 216.58.211.129
2018-01-04 18:25:01 +0100
0 - 1 - 0 asadspoetry.blogspot.co.uk/2011/11/main-aaina (...) 216.58.211.129
2018-01-04 18:20:44 +0100
0 - 0 - 1 rededownslivres.blogspot.com.br/2015/04/gta-5 (...) 216.58.211.129
2018-01-04 18:20:27 +0100
0 - 0 - 3 lajornadarticle.blogspot.com/2014/09/cristina (...) 216.58.211.129
2018-01-04 18:09:57 +0100
0 - 0 - 2 p4wprint.blogspot.com/ 216.58.211.129
2018-01-04 18:05:37 +0100
0 - 0 - 5 plandeahorrochevrolet.blogspot.com.ar/ 216.58.211.129
2018-01-04 18:03:44 +0100
0 - 0 - 2 tv3drama.blogspot.com/2014/05/kerana-terpaksa (...) 216.58.211.129
2018-01-04 17:52:20 +0100
0 - 0 - 2 undiamasconamaral.blogspot.com/2016/05/concie (...) 216.58.211.129
2018-01-04 17:45:13 +0100
0 - 0 - 5 elcallejondelalectura.blogspot.com/2013/11/li (...) 216.58.211.129

Last 10 reports on ASN: AS15169 Google Inc.

Date UQ / IDS / BL URL IP
2018-08-16 08:27:48 +0200
0 - 0 - 0 https://www.virustotal.com/#/url/a0a7641a19c3 (...) 74.125.34.46
2018-08-16 08:27:15 +0200
0 - 0 - 0 https://storage.googleapis.com/businessesbyd/ (...) 216.58.211.16
2018-08-16 08:25:41 +0200
0 - 0 - 7 www.choufvd.com/2018/06/5-2018-2m.html 216.58.211.19
2018-08-16 08:25:04 +0200
0 - 0 - 2 berita-mediasemasa.blogspot.com/2015/03/bayi- (...) 216.58.211.1
2018-08-16 08:21:15 +0200
0 - 0 - 2 pejuangbangsa31.blogspot.ca/2012/02/thaipusam (...) 216.58.211.1
2018-08-16 08:21:11 +0200
0 - 0 - 2 googletrendsonly.blogspot.com/2012/12/tori-bl (...) 216.58.211.1
2018-08-16 08:20:06 +0200
0 - 0 - 3 www.tuvisomenh.org/ 216.58.211.19
2018-08-16 08:20:02 +0200
0 - 0 - 2 ciliapibloggers.blogspot.com/2011/06/brand-lo (...) 216.58.211.1
2018-08-16 08:19:59 +0200
0 - 0 - 2 pornplate.blogspot.com/2012/10/ava-addams-sed (...) 216.58.211.1
2018-08-16 08:19:43 +0200
0 - 0 - 1 nude-stars-girls.blogspot.com/?m=0b/stats?sty (...) 216.58.211.1

No other reports on domain: siber-blog.blogspot.com



JavaScript

Executed Scripts (36)


Executed Evals (0)


Executed Writes (3)

#1 JavaScript::Write (size: 0, repeated: 3) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                    

#2 JavaScript::Write (size: 24, repeated: 1) - SHA256: 40071f84eb760bf55b37b007420414031ee787dfd783d94f194f3aede64c0482

                                        16 Aral1k 2013 Pazartesi
                                    

#3 JavaScript::Write (size: 102, repeated: 1) - SHA256: 5b44c3079a610d04e4fa82bac6bf53079627594bdaced1df1372f78b40d90a0f

                                        < script src = "/feeds/posts/summary?max-results=1&alt=json-in-script&callback=hitungtotaldata" > < /script>
                                    


HTTP Transactions (74)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: siber-blog.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         172.217.22.161
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
                                        
Location: http://siber-blog.blogspot.no/
Content-Encoding: gzip
Date: Thu, 04 Jan 2018 17:01:27 GMT
Expires: Thu, 04 Jan 2018 17:01:27 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 177
Server: GSE


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   177
Md5:    c89e633bf39eb9dc0c5a77cc784578ee
Sha1:   8410dc0ef9c80ef899a5eea15396e0972696aee5
Sha256: f3a4e24604c6347ba32cbdaa42801ef445403f7e238e9e2d9b23bb769aa54f52
                                        
                                            GET / HTTP/1.1 
Host: siber-blog.blogspot.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         172.217.22.161
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Expires: Thu, 04 Jan 2018 17:01:27 GMT
Date: Thu, 04 Jan 2018 17:01:27 GMT
Cache-Control: private, max-age=0
Last-Modified: Wed, 27 Sep 2017 22:04:58 GMT
Etag: W/"9df0dd597ab3e0a003ed47037ee06d8a9649d6f69c0d4bda59c78baa8f895c50"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 23183
Server: GSE


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   23183
Md5:    d312bda7f1addfb4608dac431d70ca21
Sha1:   2e20e0a485fc9fcd4b85761095267297e39673df
Sha256: bd78dd415ff515a3ad72c8f5cfe1571f762eda7fe9a8c80fc052da5d56898d55
                                        
                                            GET /css?family=Telex HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.22.170
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Thu, 04 Jan 2018 17:01:27 GMT
Date: Thu, 04 Jan 2018 17:01:27 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   190
Md5:    8aa386d7fe3506eda34a6916beeb6f3d
Sha1:   69f1bfe047711fb675340108cdf1e74528eb3950
Sha256: 8436218fe334df4372c29027657b2b8ce51a55cf547bcbd94eda17ab1317d57a
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 04 Jan 2018 17:01:27 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    56e51d9b6f435a21c2c530458fb4e316
Sha1:   6d904aedeaa3720958adddd53c16e135a45dd4fc
Sha256: f1fd513d66d8dbb3c53a1764d15fd241b095057f2ffb25b815c44d84597ca883
                                        
                                            GET /js/plusone.js HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
x-ua-compatible: IE=edge, chrome=1
Timing-Allow-Origin: *
Etag: "c0fb986ad1bd412a32bb5507d84bb967"
Expires: Thu, 04 Jan 2018 17:01:27 GMT
Date: Thu, 04 Jan 2018 17:01:27 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Set-Cookie: NID=120=bRiysluxbOK8X2EANeDZMgb0qsQAbXXGVpZ_nlRnKQ86fZrC1J3b_O9dvVZMNGD-6tK-nlOkOi3TiDP54z5t9BuBMPPsmOnkDpsAnqqcQTfrnEezma-AYt8X4PWiZmkn;Domain=.google.com;Path=/;Expires=Fri, 06-Jul-2018 17:01:27 GMT;HttpOnly


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   16883
Md5:    bd8b4a239acb050db70c51395821513f
Sha1:   9b73c36c5c8f43f39ff282a567464e7737aaafe4
Sha256: 8238558d31aed2f415dd093745474d4ae52495f1ebdd2a60c46a3a0ecd638678
                                        
                                            GET /u/94528358/Cufont.js HTTP/1.1 
Host: dl.dropbox.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         162.125.65.6
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 04 Jan 2018 17:01:27 GMT
Content-Length: 178
Connection: keep-alive
Location: https://dl.dropbox.com/u/94528358/Cufont.js
X-Dropbox-Request-Id: 20c0005e466b0c85d4b9ea22126b7e7a


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET /u/94528358/Quicksand.js HTTP/1.1 
Host: dl.dropbox.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         162.125.65.6
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 04 Jan 2018 17:01:27 GMT
Content-Length: 178
Connection: keep-alive
Location: https://dl.dropbox.com/u/94528358/Quicksand.js
X-Dropbox-Request-Id: 981871801ac1aadc3cf20c0e72a9ed7f


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET /u/66329776/eklentiler/ifadeler.js HTTP/1.1 
Host: dl.dropbox.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         162.125.65.6
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 04 Jan 2018 17:01:27 GMT
Content-Length: 178
Connection: keep-alive
Location: https://dl.dropbox.com/u/66329776/eklentiler/ifadeler.js
X-Dropbox-Request-Id: f612d5611e72e491891c32b2c62abb99


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /-TMdA13fapcA/Up9cphXBCxI/AAAAAAAADlY/HqIu9Yooasc/s400/Injector_FaithDEV.png HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.22.161
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "ve59"
Expires: Fri, 05 Jan 2018 17:01:27 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Injector_FaithDEV.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 04 Jan 2018 17:01:27 GMT
Server: fife
Content-Length: 39760
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  PNG image, 400 x 300, 8-bit/color RGB, non-interlaced
Size:   39760
Md5:    95f20f0ebf717c30c44faca140bd0563
Sha1:   efa32cc9b7e0044f32472b7a6d0308a10609cbb6
Sha256: d9a717318026bfa6b48c46dae577d3517339b5d413b6ab29e153e9480907af51
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 04 Jan 2018 17:01:27 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    6bf50ec404fb4a8b4a94be8390d11938
Sha1:   0caaab7704d6221abc5e0342909a4928cee50b1c
Sha256: 63b592179b1e9a528344ce1d430b9479fc55f43420a468ec35aaeaa9dff911cf
                                        
                                            GET /jquery-latest.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         151.139.237.113
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Thu, 04 Jan 2018 17:01:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 24 Oct 2014 00:16:08 GMT
Vary: Accept-Encoding
Etag: W/"54499a48-4508e"
Expires: Fri, 05 Jan 2018 00:31:35 GMT
Cache-Control: max-age=86400, public
Access-Control-Allow-Origin: *
Server: NetDNA-cache/2.2
X-Cache: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   102774
Md5:    88a197a791720f129b79a89423b1d15c
Sha1:   291533acd554125cbe3d7edbdb3f480f4d559ade
Sha256: fa298f84f47d7d776dc72b5834aba481fc987772462b4970529338db227af0de
                                        
                                            GET /blog/tanercakan/reklamalani2-taner.jpg HTTP/1.1 
Host: birmmo.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         195.20.46.28
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx
Date: Thu, 04 Jan 2018 17:01:29 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache


--- Additional Info ---
                                        
                                            GET /static/v1/widgets/3332739511-widget_css_bundle.css HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.22.169
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7982
Date: Sat, 09 Dec 2017 19:26:50 GMT
Expires: Sun, 09 Dec 2018 19:26:50 GMT
Last-Modified: Sat, 09 Dec 2017 18:25:48 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 2237678
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   7982
Md5:    d342012bb968e58616411584557ea607
Sha1:   8e698a3e4a67432fd5b28eb68a7d00ce52bc13f5
Sha256: 4e02127ac31a445d8ebb1681f44c2ceb56e7e55d1d2a443a80962909b0c23467
                                        
                                            GET /-YpoIVWHyu0U/Up9XNdYJrxI/AAAAAAAADlI/L4uVICIAtHM/s1600/SwitchForMetin2.png HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.22.161
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "ve53"
Expires: Fri, 05 Jan 2018 17:01:27 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="SwitchForMetin2.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 04 Jan 2018 17:01:27 GMT
Server: fife
Content-Length: 42452
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  PNG image, 547 x 406, 8-bit/color RGB, non-interlaced
Size:   42452
Md5:    86fabf42d7444130f713f6cc5895f1d1
Sha1:   9355cace405afa31065868ac8a1852542e681504
Sha256: 5d73d0e2655e5289b0d046284dded171997547da747a334a8ee901f8997ba813
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=172800
Date: Thu, 04 Jan 2018 17:01:28 GMT
Etag: "5a4e3abd-1d7"
Expires: Sat, 06 Jan 2018 17:01:28 GMT
Last-Modified: Thu, 04 Jan 2018 14:31:25 GMT
Server: ECS (arn/469D)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    94e08bd52c4c0d77b01e79ce55cd35d8
Sha1:   51c70c0294d33c9e4761612a87c3c04dd342e270
Sha256: 31ee13760d54c95d89c82a044faf2fafec43dffc7e6443929ce455f3348beb62
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=172800
Date: Thu, 04 Jan 2018 17:01:28 GMT
Etag: "5a4e12bd-1d7"
Expires: Sat, 06 Jan 2018 17:01:28 GMT
Last-Modified: Thu, 04 Jan 2018 11:40:45 GMT
Server: ECS (arn/4694)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    24ad01205b193c74eeb7a4ee43ebb7e4
Sha1:   21c7f87ff585e41f7f1939d6099a3befa8760963
Sha256: 1729eac5e90ccc5f522d1b8afa5037ab1fba07b179edcf48ae4fbf224aec8ea6
                                        
                                            GET /-PNYRh3wU8Pc/Up9cpnz9YwI/AAAAAAAADlc/GNFD3FuH2iE/s300/SwitchForMetin2_1.png HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.22.161
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "ve58"
Expires: Fri, 05 Jan 2018 17:01:27 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="SwitchForMetin2_1.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 04 Jan 2018 17:01:27 GMT
Server: fife
Content-Length: 27668
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  PNG image, 209 x 300, 8-bit/color RGB, non-interlaced
Size:   27668
Md5:    01546cc31b44ef18165eca9e3a47c9cf
Sha1:   bc8a31f55a62b72964c57e35ac1259438af156b1
Sha256: eccbafbdae8c30dd3993a7fbd3b0493e217dfb6183f9a52099c56a4be8d89fda
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 04 Jan 2018 17:01:28 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    3270c53bc638337e124cf4dfbf95a47e
Sha1:   ab001e33ae1509bedc8716ac94f56b07f92f5bb4
Sha256: 3b8b0a509c54d91bc98be012c08bf82986e8a49251079dc6cb6c0b75e9342759
                                        
                                            GET /dyn-css/authorization.css?targetBlogID=1352598394392910792&zx=95e158bf-4961-4962-b0ae-f4cff08cc67b HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.22.169
HTTP/1.1 200 OK
Content-Type: text/css; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Cache-Control: private, max-age=1800
Pragma: no-cache
Expires: Thu, 04 Jan 2018 17:01:28 GMT
Date: Thu, 04 Jan 2018 17:01:28 GMT
Last-Modified: Thu, 04 Jan 2018 17:01:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   21
Md5:    b9afc501fc43fbea335a2dc5d43263a1
Sha1:   7290a2dd6afbf39ecfc35b52dfb32a38fc222994
Sha256: d6e425ca7840c0ab6f26f5fc2822a47e26b4a8bbd104468a9c185bc132b8662f
                                        
                                            GET /img/icon18_wrench_allbkg.png HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.22.169
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Content-Length: 475
Date: Sat, 30 Dec 2017 18:57:05 GMT
Expires: Sat, 06 Jan 2018 18:57:05 GMT
Last-Modified: Sat, 30 Dec 2017 17:21:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=604800
Age: 425063
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  PNG image, 18 x 18, 8-bit colormap, non-interlaced
Size:   475
Md5:    f617effe6d96c15acfea8b2e8aae551f
Sha1:   6d676af11ad2e84b620cce4d5992b657cb2d8ab6
Sha256: d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
                                        
                                            GET /u/94528358/Cufont.js HTTP/1.1 
Host: dl.dropbox.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         162.125.65.6
HTTP/1.1 302 FOUND
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Thu, 04 Jan 2018 17:01:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
content-security-policy: sandbox
Location: https://dl.dropboxusercontent.com/u/94528358/Cufont.js
Pragma: no-cache
Cache-Control: no-cache
X-Dropbox-Request-Id: a5814314c11055a09d8ff3d95f81a874
X-Robots-Tag: noindex, nofollow, noimageindex
Strict-Transport-Security: max-age=15552000; includeSubDomains


--- Additional Info ---
Magic:  HTML document text
Size:   372
Md5:    29b3c997d6de58f150257cfcb7bd30f2
Sha1:   aa6bdfa56f0b0c3bfd27054ef4f719cdcda38ddb
Sha256: b688cab0b870fc071b6c28c267c1f9ea222209f703ae140db56823eaab299f5b
                                        
                                            GET /js/plusone.js HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
x-ua-compatible: IE=edge, chrome=1
Timing-Allow-Origin: *
Etag: "812c348f2c162f22b7c846c831cb648d"
Expires: Thu, 04 Jan 2018 17:01:28 GMT
Date: Thu, 04 Jan 2018 17:01:28 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Set-Cookie: NID=120=P5wyv8l0zSzlYboePdc44RWo9bqJSujjo_BLSSXd3HpL7ANAMSM5wmrFfndH3qIAU8DGUAr4hieGguvk34Mdln60qGeww-Nx3eYwXRFxf6pdOXCVGwcUP3BpS_uODAT8;Domain=.google.com;Path=/;Expires=Fri, 06-Jul-2018 17:01:28 GMT;HttpOnly
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   16879
Md5:    e3ced51533eebc0ae1f21f041e2500b8
Sha1:   49d6e2805210c96008fd92e4582b41919e48c0b1
Sha256: b9b00fb0a474e60b8d31d2ceb33cf3a7ae7164a9d1e60fcd3ee2568326457350
                                        
                                            GET /u/66329776/eklentiler/ifadeler.js HTTP/1.1 
Host: dl.dropbox.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         162.125.65.6
HTTP/1.1 302 FOUND
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Thu, 04 Jan 2018 17:01:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
content-security-policy: sandbox
Location: https://dl.dropboxusercontent.com/u/66329776/eklentiler/ifadeler.js
Pragma: no-cache
Cache-Control: no-cache
X-Dropbox-Request-Id: 7b37b47e5d254fb9403f0871925f12ba
X-Robots-Tag: noindex, nofollow, noimageindex
Strict-Transport-Security: max-age=15552000; includeSubDomains


--- Additional Info ---
Magic:  HTML document text
Size:   398
Md5:    0c48bd2a797051e9c6f2f61cd096c958
Sha1:   de2615c584aef31d2a451f70217137facf6faea0
Sha256: be6a40a2a401850620b18f913f216e8e84215c74f61cb1fa99fdac5a4e79ef19

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /u/94528358/Quicksand.js HTTP/1.1 
Host: dl.dropbox.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         162.125.65.6
HTTP/1.1 302 FOUND
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Thu, 04 Jan 2018 17:01:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
content-security-policy: sandbox
Location: https://dl.dropboxusercontent.com/u/94528358/Quicksand.js
Pragma: no-cache
Cache-Control: no-cache
X-Dropbox-Request-Id: 8d66a8c1e6e394883127c68a66301dca
X-Robots-Tag: noindex, nofollow, noimageindex
Strict-Transport-Security: max-age=15552000; includeSubDomains


--- Additional Info ---
Magic:  HTML document text
Size:   378
Md5:    2bc13f93a185491f63305782c2f1b946
Sha1:   1184bf962711c9ba2b2f6af84506d28cee832515
Sha256: 726d9c4acec40d29d85675a0e39225603f76db927a0f976bb9122c258111fdcd
                                        
                                            GET /u/94528358/Cufont.js HTTP/1.1 
Host: dl.dropboxusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         162.125.65.6
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 04 Jan 2018 17:01:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Dropbox-Request-Id: 1bc410e1538a65bd1d1d8d2f55d74ddd
X-Robots-Tag: noindex, nofollow, noimageindex
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1053
Md5:    79646dde709a7916cc00becc2b02bea5
Sha1:   8319cd4635262dff05b8b493387f98c8ba613da1
Sha256: d4d8a7c6df69081a44d88d34381f631df86b1eee93b0473857b6cd8aa7605650
                                        
                                            GET /img/icon18_edit_allbkg.gif HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.22.169
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Accept-Ranges: bytes
Content-Length: 162
Date: Sat, 30 Dec 2017 19:33:11 GMT
Expires: Sat, 06 Jan 2018 19:33:11 GMT
Last-Modified: Sat, 30 Dec 2017 15:19:52 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=604800
Age: 422897
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 18 x 18
Size:   162
Md5:    c991641178ff05adf0d004298b5eafa9
Sha1:   d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
Sha256: ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
                                        
                                            GET /-NSysMVP_qlA/UicEHZBUSxI/AAAAAAAABh0/LG5wuLubXbE/s1600/virustotal.png HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.22.161
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v61e"
Expires: Fri, 05 Jan 2018 17:01:28 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="virustotal.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 04 Jan 2018 17:01:28 GMT
Server: fife
Content-Length: 2453
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  PNG image, 150 x 24, 8-bit/color RGBA, non-interlaced
Size:   2453
Md5:    55b6f2f8bd3b9afd518a4acc4b7959a2
Sha1:   82ad7ab2fd326ca7a95253eb7bc94994e80bb44d
Sha256: 9f1076e508d3f2fb3dcf0a1b7aca4f3148527eeb0d0bf6bfb3faccdc78307ec5
                                        
                                            GET /--kVbjQSJ3dQ/UmgkuoC-AiI/AAAAAAAACCQ/IPBp62V7eas/s1600/turbobit.png HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.22.161
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v826"
Expires: Fri, 05 Jan 2018 17:01:28 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="turbobit.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 04 Jan 2018 17:01:28 GMT
Server: fife
Content-Length: 8339
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  PNG image, 170 x 43, 8-bit/color RGBA, non-interlaced
Size:   8339
Md5:    2307410014f630b14b2f1070486fc3fd
Sha1:   2a57928bf575de30c3458007266cf66017534ec7
Sha256: cabcc65a4cd2d5444b36bc20622b81682549e2cf97e7aa2c48bba631313a7f7a
                                        
                                            GET /-VcggbzD6rlE/Umgkuwr12iI/AAAAAAAACCU/BfjP_Zjw7no/s1600/uploaded.png HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.22.161
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v827"
Expires: Fri, 05 Jan 2018 13:59:02 GMT
Content-Disposition: inline;filename="uploaded.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 04 Jan 2018 17:01:28 GMT
Server: fife
Content-Length: 9016
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=86400, no-transform
Age: 0


--- Additional Info ---
Magic:  PNG image, 170 x 43, 8-bit/color RGBA, non-interlaced
Size:   9016
Md5:    dd164901892a16a4ff7df71515de63d2
Sha1:   dc676ab575cfc4712af789c7d735f8fe072b7d0f
Sha256: 3648e75eff96e948d6f0471cba9b640cd8ca49dbf221e1d1035304edeeee78ef
                                        
                                            GET /-pm5XFi4YvgU/Uq2trbq8NTI/AAAAAAAAD7Q/eL3b_kb3z7o/s1600/Metin2Mod_Launcher_14-12-2013.png HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.22.161
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "vfb5"
Expires: Fri, 05 Jan 2018 17:01:28 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Metin2Mod_Launcher_14-12-2013.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 04 Jan 2018 17:01:28 GMT
Server: fife
Content-Length: 182355
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  PNG image, 509 x 239, 8-bit/color RGBA, non-interlaced
Size:   182355
Md5:    8015c360ca3014aed1a23490bdbb313c
Sha1:   1ce1aa2562b847d73bb3d775384a07e4152eb820
Sha256: c92f01e8989c257df697692d37fe36710a2a96a2f5995ba083cd4563c81be846
                                        
                                            GET /-dYJ_TiLvHBo/Uq2uW2f_3_I/AAAAAAAAD7Y/6l4TBwyPO9k/s1600/Metin2Mod_FishBot.png HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.22.161
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "vfb7"
Expires: Fri, 05 Jan 2018 17:01:28 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Metin2Mod_FishBot.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 04 Jan 2018 17:01:28 GMT
Server: fife
Content-Length: 287207
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  PNG image, 553 x 321, 8-bit/color RGB, non-interlaced
Size:   287207
Md5:    893e3ac17b07c26f6c22940984cdbcb2
Sha1:   127f9d36c6a863c7799f80670c9cc098703456cd
Sha256: fc54105857f277b7bac4e78701ad34546a238a9fa80b061dc9ea145a9ce289d6
                                        
                                            GET /static/v1/widgets/3396115317-widgets.js HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.22.169
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 45867
Date: Mon, 01 Jan 2018 23:46:08 GMT
Expires: Tue, 01 Jan 2019 23:46:08 GMT
Last-Modified: Mon, 01 Jan 2018 22:24:07 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 234920
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   45867
Md5:    3b584e37e74b5184a83f60944bf2abbf
Sha1:   ccaca663ce95b596e374afe2f609ec331e7d5c93
Sha256: cb268ec55a65996ce5168ba7770afbd8f9d48a081ec584ec5160d0c0bfa2b5e9
                                        
                                            GET /u/66329776/eklentiler/ifadeler.js HTTP/1.1 
Host: dl.dropboxusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         162.125.65.6
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 04 Jan 2018 17:01:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Dropbox-Request-Id: 5fd857d7216ce4148aa7e93f50b31868
X-Robots-Tag: noindex, nofollow, noimageindex
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1053
Md5:    79646dde709a7916cc00becc2b02bea5
Sha1:   8319cd4635262dff05b8b493387f98c8ba613da1
Sha256: d4d8a7c6df69081a44d88d34381f631df86b1eee93b0473857b6cd8aa7605650
                                        
                                            GET /u/94528358/Quicksand.js HTTP/1.1 
Host: dl.dropboxusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         162.125.65.6
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 04 Jan 2018 17:01:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Dropbox-Request-Id: 9534881dae134c746b6282785e925011
X-Robots-Tag: noindex, nofollow, noimageindex
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1053
Md5:    79646dde709a7916cc00becc2b02bea5
Sha1:   8319cd4635262dff05b8b493387f98c8ba613da1
Sha256: d4d8a7c6df69081a44d88d34381f631df86b1eee93b0473857b6cd8aa7605650
                                        
                                            GET /eklentiler/blogger-numaralandirma.js HTTP/1.1 
Host: tema.dataservis.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         79.98.129.111
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: public, max-age=604800
Expires: Thu, 11 Jan 2018 17:01:28 GMT
Last-Modified: Thu, 08 Dec 2011 23:50:55 GMT
Content-Length: 1481
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Thu, 04 Jan 2018 17:01:28 GMT
Accept-Ranges: bytes
Server: LiteSpeed
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1481
Md5:    2b03788bba4ec73f2f16455de6c1286d
Sha1:   a5cbf737e57845e609ff8d19471ed1e416d1e3ba
Sha256: 7cf12efacfb9a49606083137fafb78a26e8469279908793f393a77b8a1ec66ba
                                        
                                            GET /r81IrIB.png HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         151.101.36.193
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Tue, 24 Sep 2013 17:45:52 GMT
Etag: "623bc220ed40b8e001ff13bb9ce98ad3"
Fastly-Debug-Digest: f30a3318bd8999ddc51805041ddf68b00b3a751defe3da227a9235f031b8e6c6
Cache-Control: public, max-age=31536000
Content-Length: 13700
Accept-Ranges: bytes
Date: Thu, 04 Jan 2018 17:01:28 GMT
Age: 801542
Connection: keep-alive
X-Served-By: cache-iad2151-IAD, cache-ams4124-AMS
X-Cache: HIT, MISS
X-Cache-Hits: 1, 0
X-Timer: S1515085289.808318,VS0,VE85
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0


--- Additional Info ---
Magic:  PNG image, 300 x 100, 8-bit/color RGBA, non-interlaced
Size:   13700
Md5:    623bc220ed40b8e001ff13bb9ce98ad3
Sha1:   2d38ae391beea027fed023113207814b570ee7e2
Sha256: 0f81d1479b8e30d31e29ef79ddd6fe17234c1a9568edce86aa42fd46ac018587
                                        
                                            GET /_/scs/apps-static/_/js/k=oz.gapi.en_US.lyon4aDFbFk.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w/cb=gapi.loaded_0 HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/
Cookie: NID=120=P5wyv8l0zSzlYboePdc44RWo9bqJSujjo_BLSSXd3HpL7ANAMSM5wmrFfndH3qIAU8DGUAr4hieGguvk34Mdln60qGeww-Nx3eYwXRFxf6pdOXCVGwcUP3BpS_uODAT8

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 46577
Date: Mon, 18 Dec 2017 23:40:57 GMT
Expires: Tue, 18 Dec 2018 23:40:57 GMT
Last-Modified: Sat, 16 Dec 2017 09:41:29 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 1444831
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   46577
Md5:    fbf344ae06d9f1f417ee5dcf12d85e0e
Sha1:   79567b240ee3535d13cf58486d38a81799bfaff5
Sha256: cb008d9655dfcb7e5fd310fa338a54d9ac367b40b3437fb3fd92255ef1b7a474
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: siber-blog.blogspot.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         172.217.22.161
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
                                        
Expires: Thu, 04 Jan 2018 17:01:29 GMT
Date: Thu, 04 Jan 2018 17:01:29 GMT
Cache-Control: private, max-age=86400
Last-Modified: Wed, 27 Sep 2017 22:04:58 GMT
Etag: W/"9df0dd597ab3e0a003ed47037ee06d8a9649d6f69c0d4bda59c78baa8f895c50"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   412
Md5:    23e5eb1119a7f4d2ab629ccd77a5f84b
Sha1:   f7a5a792e41005ba918551e4416c4bf639ec80ec
Sha256: a0c8d4831f453c316840a502432719f7f7d833bea4a9b59f548e4a1bc2bf0c8a
                                        
                                            GET /u/66329776/eklentiler/ifadeler.js HTTP/1.1 
Host: dl.dropbox.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         162.125.65.6
HTTP/1.1 302 FOUND
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Thu, 04 Jan 2018 17:01:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
content-security-policy: sandbox
Location: https://dl.dropboxusercontent.com/u/66329776/eklentiler/ifadeler.js
Pragma: no-cache
Cache-Control: no-cache
X-Dropbox-Request-Id: 4388d07a03d5eb9f229a2ce60494b2ef
X-Robots-Tag: noindex, nofollow, noimageindex
Strict-Transport-Security: max-age=15552000; includeSubDomains


--- Additional Info ---
Magic:  HTML document text
Size:   398
Md5:    0c48bd2a797051e9c6f2f61cd096c958
Sha1:   de2615c584aef31d2a451f70217137facf6faea0
Sha256: be6a40a2a401850620b18f913f216e8e84215c74f61cb1fa99fdac5a4e79ef19

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /u/66329776/eklentiler/ifadeler.js HTTP/1.1 
Host: dl.dropboxusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         162.125.65.6
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 04 Jan 2018 17:01:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Dropbox-Request-Id: b4d8c896f56ddb7aabde75341a916bba
X-Robots-Tag: noindex, nofollow, noimageindex
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1053
Md5:    79646dde709a7916cc00becc2b02bea5
Sha1:   8319cd4635262dff05b8b493387f98c8ba613da1
Sha256: d4d8a7c6df69081a44d88d34381f631df86b1eee93b0473857b6cd8aa7605650
                                        
                                            GET /-alUX4IWDUrM/TxLldA2MUGI/AAAAAAAAGok/veMEs9wWF7Q/s1600/body.png HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.22.161
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v1a89"
Expires: Fri, 05 Jan 2018 17:01:29 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="body.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 04 Jan 2018 17:01:29 GMT
Server: fife
Content-Length: 17635
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  PNG image, 227 x 160, 8-bit/color RGB, non-interlaced
Size:   17635
Md5:    0399601433ef54bdc748ec52cfb6b0e9
Sha1:   5585fb35d7048a336e4b199f9237ebb89e5ceab1
Sha256: fdd8743d22e62374b3e6686974b0eddd00297f2399ebb2ddefe6480c80c3f773
                                        
                                            GET /blog/tanercakan/reklamalani2-taner.jpg HTTP/1.1 
Host: birmmo.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         195.20.46.28
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx
Date: Thu, 04 Jan 2018 17:01:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache


--- Additional Info ---
                                        
                                            GET /blog/tanercakan/headertaner.gif HTTP/1.1 
Host: birmmo.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         195.20.46.28
HTTP/1.1 429 Too Many Requests
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Thu, 04 Jan 2018 17:01:30 GMT
Content-Length: 178
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    403214dab1dc8abd38496301eff419c1
Sha1:   b4c91f28fc64e602d63ae40f9e8ec23f2cd73c45
Sha256: ac061aeb038d56f49ccd10f7684c8f20b7a75d965279217bdd9665c65992bbc9
                                        
                                            GET /blog/tanercakan/aramakutucugu-taner.png HTTP/1.1 
Host: birmmo.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         195.20.46.28
HTTP/1.1 429 Too Many Requests
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Thu, 04 Jan 2018 17:01:30 GMT
Content-Length: 178
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    403214dab1dc8abd38496301eff419c1
Sha1:   b4c91f28fc64e602d63ae40f9e8ec23f2cd73c45
Sha256: ac061aeb038d56f49ccd10f7684c8f20b7a75d965279217bdd9665c65992bbc9
                                        
                                            GET /_/scs/apps-static/_/js/k=oz.gapi.en_US.lyon4aDFbFk.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w/cb=gapi.loaded_1 HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/
Cookie: NID=120=P5wyv8l0zSzlYboePdc44RWo9bqJSujjo_BLSSXd3HpL7ANAMSM5wmrFfndH3qIAU8DGUAr4hieGguvk34Mdln60qGeww-Nx3eYwXRFxf6pdOXCVGwcUP3BpS_uODAT8

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16431
Date: Mon, 18 Dec 2017 23:35:40 GMT
Expires: Tue, 18 Dec 2018 23:35:40 GMT
Last-Modified: Sat, 16 Dec 2017 09:41:29 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 1445149
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   16431
Md5:    30f706397131a3fed0adc8cafd83f56d
Sha1:   269c594ff683af8c4b90c599fba34fcc35c67124
Sha256: 047d33e6a09fb38c2977de780a5d8158114a83089f14542ba2ab015a07f58f94
                                        
                                            GET /pagead/js/google_top_exp.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.21.162
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Wed, 03 Jan 2018 02:36:38 GMT
Expires: Wed, 17 Jan 2018 02:36:38 GMT
Etag: 13036835877489095579
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 138291


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   67
Md5:    9bbc3ca32ec951a484589ce0e6b4db73
Sha1:   753d6f6183b33b2dee5dde2208fca91c17f5bb13
Sha256: b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
                                        
                                            GET /embed/Vdvwb7eGd5c HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.21.174
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
                                        
Content-Length: 0
X-Content-Type-Options: nosniff
Expires: Tue, 27 Apr 1971 19:44:06 EST
Location: https://www.youtube.com/embed/Vdvwb7eGd5c
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
X-XSS-Protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
Cache-Control: no-cache
Date: Thu, 04 Jan 2018 17:01:29 GMT
Server: YouTube Frontend Proxy
Set-Cookie: VISITOR_INFO1_LIVE=UbQSMZCHQs8; path=/; domain=.youtube.com; expires=Wed, 05-Sep-2018 04:54:29 GMT; httponly VISITOR_INFO1_LIVE=UbQSMZCHQs8; path=/; domain=.youtube.com; expires=Wed, 05-Sep-2018 04:54:29 GMT; httponly YSC=tDGSnYXuUts; path=/; domain=.youtube.com; httponly


--- Additional Info ---
                                        
                                            GET /-PP3-EDrCzJc/UeZkm-38CsI/AAAAAAAABKE/45v3c98Z_rA/s1600/Download.png HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.22.161
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v4a3"
Expires: Fri, 05 Jan 2018 17:01:29 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Download.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 04 Jan 2018 17:01:29 GMT
Server: fife
Content-Length: 2312
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  PNG image, 32 x 32, 8-bit/color RGBA, non-interlaced
Size:   2312
Md5:    1db3f52a881c28eeadf377e331f142ef
Sha1:   e9c35f04740a07b7744e88fc97aafba9200a94f2
Sha256: fca90e6be4649702f206d7cdd44f782544cea6445b88a402446305669431ae16
                                        
                                            GET /16/c/k0n67.png HTTP/1.1 
Host: f1302.hizliresim.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         217.182.130.166
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 222
Accept-Ranges: bytes
Last-Modified: Tue, 29 Sep 2015 18:55:31 GMT
Etag: a5d9d8428e0a60caf6cf5ff99c3a32cf
X-Timestamp: 1443552930.93213
X-Object-Meta-Mtime: 1426789082.243516
X-Trans-Id: tx97b6f15e7d4e4eb194afd-005a4e5de9
X-Openstack-Request-Id: tx97b6f15e7d4e4eb194afd-005a4e5de9
Date: Thu, 04 Jan 2018 17:01:29 GMT
X-IPLB-Instance: 12631


--- Additional Info ---
Magic:  PNG image, 15 x 45, 8-bit/color RGBA, non-interlaced
Size:   222
Md5:    a5d9d8428e0a60caf6cf5ff99c3a32cf
Sha1:   56735b0cd868845026d4ae9906c52d95c5e038d7
Sha256: 1fb1ceee31aef705e56db5a60d1a6b5f318b7589e48060a6d450ec8ac3daadb9
                                        
                                            GET /blog/tanercakan/devamtaner.png HTTP/1.1 
Host: birmmo.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         195.20.46.28
HTTP/1.1 429 Too Many Requests
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Thu, 04 Jan 2018 17:01:31 GMT
Content-Length: 178
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    403214dab1dc8abd38496301eff419c1
Sha1:   b4c91f28fc64e602d63ae40f9e8ec23f2cd73c45
Sha256: ac061aeb038d56f49ccd10f7684c8f20b7a75d965279217bdd9665c65992bbc9
                                        
                                            GET /data/icons/ledicons/clock.png HTTP/1.1 
Host: cdn1.iconfinder.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         46.227.65.28
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: keycdn-engine
Date: Thu, 04 Jan 2018 17:01:29 GMT
Content-Length: 741
Connection: keep-alive
Last-Modified: Tue, 12 May 2015 16:56:22 UTC
Expires: Thu, 11 Jan 2018 17:01:29 GMT
Cache-Control: max-age=604800
X-Upstream: pikea
Link: <https://www.iconfinder.com/data/icons/ledicons/clock.png>; rel="canonical"
X-Cache: HIT
X-Edge-Location: sest
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGBA, non-interlaced
Size:   741
Md5:    868a650f4515e5eed901b8932ed1814f
Sha1:   6197f73657aa29bc37e3d3a54c193bb15b044b5e
Sha256: f5fa7e787d4f42daf8671cefe9bbd5870f7431ca15c00adb314623e5baa99aa3
                                        
                                            GET /blog/tanercakan/headertaner.gif HTTP/1.1 
Host: birmmo.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         195.20.46.28
HTTP/1.1 429 Too Many Requests
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Thu, 04 Jan 2018 17:01:31 GMT
Content-Length: 178
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    403214dab1dc8abd38496301eff419c1
Sha1:   b4c91f28fc64e602d63ae40f9e8ec23f2cd73c45
Sha256: ac061aeb038d56f49ccd10f7684c8f20b7a75d965279217bdd9665c65992bbc9
                                        
                                            GET /navbar.g?targetBlogID=1352598394392910792&blogName=siberblog&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://siber-blog.blogspot.com/search&blogLocale=tr&v=2&homepageUrl=http://siber-blog.blogspot.com/&vt=1853378523578133894&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.lyon4aDFbFk.O%2Fm%3D__features__%2Fam%3DAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.22.169
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 04 Jan 2018 17:01:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   2687
Md5:    b4e4851fa25c993515362af7b3608970
Sha1:   aa3736d1735489c2c03e0998becf27c60e1eecfb
Sha256: fae719c626901ce5ea7ab8927ffd2a5edc0af41a544fe12bcd65134316004c54
                                        
                                            GET /js/platform:gapi.iframes.style.common.js HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.blogger.com/navbar.g?targetBlogID=1352598394392910792&blogName=siberblog&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://siber-blog.blogspot.com/search&blogLocale=tr&v=2&homepageUrl=http://siber-blog.blogspot.com/&vt=1853378523578133894&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.lyon4aDFbFk.O%2Fm%3D__features__%2Fam%3DAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w
Cookie: NID=120=P5wyv8l0zSzlYboePdc44RWo9bqJSujjo_BLSSXd3HpL7ANAMSM5wmrFfndH3qIAU8DGUAr4hieGguvk34Mdln60qGeww-Nx3eYwXRFxf6pdOXCVGwcUP3BpS_uODAT8

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
x-ua-compatible: IE=edge, chrome=1
Timing-Allow-Origin: *
Etag: "1acbe90765c1284447d05015144a0d63"
Expires: Thu, 04 Jan 2018 17:01:30 GMT
Date: Thu, 04 Jan 2018 17:01:30 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   16893
Md5:    bcc5d69454d9b39e9d4554f738ae6ce9
Sha1:   7cacefb16ca3d23a4b615a577e6eb5c8ca927d9b
Sha256: d4f1c6f5591828440b2cf80c8382dd0fd4ddbfbb311a55ec51102663c97ecd0e
                                        
                                            GET /blog/tanercakan/aramabutonu-taner.png HTTP/1.1 
Host: birmmo.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         195.20.46.28
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx
Date: Thu, 04 Jan 2018 17:01:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache


--- Additional Info ---

Alerts:
  IDS:
    - ET POLICY HTTP Request to a *.tk domain
                                        
                                            GET /resimler/menu-ayrac.png HTTP/1.1 
Host: wmaraci.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         195.244.57.46
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Cache-Control: public, max-age=604800
Expires: Thu, 11 Jan 2018 17:01:28 GMT
Last-Modified: Mon, 23 Jul 2012 18:38:52 GMT
Content-Length: 236
Date: Thu, 04 Jan 2018 17:01:28 GMT
Accept-Ranges: bytes
Server: LiteSpeed
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 1 x 38, 8-bit/color RGBA, non-interlaced
Size:   236
Md5:    b7fa9b56b4ec6898dad143386f4a82b3
Sha1:   d698a30c223714c9376f5412df72caae5da93fc3
Sha256: ceac47c112f337ab05d9e96efbd023c97b76bea08c57568ce52c5c966f9f0aec
                                        
                                            GET /feeds/posts/summary?max-results=1&alt=json-in-script&callback=hitungtotaldata HTTP/1.1 
Host: siber-blog.blogspot.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.22.161
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Etag: W/"e8c92a68818d6576c4f6d7e986021931471bc8a3c026396734db6c51179d4ee3"
Date: Thu, 04 Jan 2018 17:01:30 GMT
Server: blogger-renderd
Expires: Thu, 04 Jan 2018 17:01:31 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 27 Sep 2017 22:04:58 GMT
Content-Encoding: gzip
Content-Length: 1328
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   1328
Md5:    8ddb566dc143e214f77c15cb642c32b8
Sha1:   0dd948cb2b4c6e543ca1290fd64184f40171103d
Sha256: 64fa2b9d2668a2755545604a977518e6978b1be708c9266b969326100c22d811
                                        
                                            GET /-sWCyMyh45ZE/UM3crjSohjI/AAAAAAAAAEk/LP-pou7pzSs/s1600/mavibg.png HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         172.217.22.161
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v49"
Expires: Fri, 05 Jan 2018 17:01:30 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="mavibg.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 04 Jan 2018 17:01:30 GMT
Server: fife
Content-Length: 257
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  PNG image, 1 x 40, 8-bit/color RGB, non-interlaced
Size:   257
Md5:    e06a715cde27d0f4141cc73f1c21354f
Sha1:   4d6c86432b66055b801dbdf386739068e8a891e2
Sha256: 9e29447f3a90b5149484f505748f9643d730d3e8e1a945640a1be3b61089ee07
                                        
                                            GET /_/scs/apps-static/_/js/k=oz.gapi.en_US.lyon4aDFbFk.O/m=gapi_iframes_style_common,plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w/cb=gapi.loaded_0 HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.blogger.com/navbar.g?targetBlogID=1352598394392910792&blogName=siberblog&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://siber-blog.blogspot.com/search&blogLocale=tr&v=2&homepageUrl=http://siber-blog.blogspot.com/&vt=1853378523578133894&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.lyon4aDFbFk.O%2Fm%3D__features__%2Fam%3DAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w
Cookie: NID=120=P5wyv8l0zSzlYboePdc44RWo9bqJSujjo_BLSSXd3HpL7ANAMSM5wmrFfndH3qIAU8DGUAr4hieGguvk34Mdln60qGeww-Nx3eYwXRFxf6pdOXCVGwcUP3BpS_uODAT8

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 58159
Date: Mon, 18 Dec 2017 23:40:49 GMT
Expires: Tue, 18 Dec 2018 23:40:49 GMT
Last-Modified: Sat, 16 Dec 2017 09:41:29 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 1444841
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   58159
Md5:    567b52a4f5596a6f12bda9191ca553c8
Sha1:   393bad2e686c699465aae60bde62ea763d3988de
Sha256: d3016d5c64c357dd987cc3487764570bb4015e6e0305de986c3be47f3fed5c21
                                        
                                            GET /data/icons/Sizicons/16x16/double_comment.png HTTP/1.1 
Host: cdn1.iconfinder.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         46.227.65.28
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: keycdn-engine
Date: Thu, 04 Jan 2018 17:01:30 GMT
Content-Length: 406
Connection: keep-alive
Last-Modified: Tue, 12 May 2015 15:56:13 UTC
Expires: Thu, 11 Jan 2018 17:01:30 GMT
Cache-Control: max-age=604800
X-Upstream: pikea
Link: <https://www.iconfinder.com/data/icons/Sizicons/16x16/double_comment.png>; rel="canonical"
X-Cache: MISS
X-Edge-Location: sest
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGBA, non-interlaced
Size:   406
Md5:    92e5e125338a65db78e5eba0a9d9a1db
Sha1:   bee37b6ec69181c1c784dec0a6edd75bc9ab202d
Sha256: 70e4ac117d3a0ce0dca1d683b003694afcef18c9615c1847757079fe97ca180d
                                        
                                            GET /data/icons/pc_de_hamburg_icon_pack/16x16/category.png HTTP/1.1 
Host: cdn1.iconfinder.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         46.227.65.28
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: keycdn-engine
Date: Thu, 04 Jan 2018 17:01:30 GMT
Content-Length: 473
Connection: keep-alive
Last-Modified: Tue, 12 May 2015 20:27:33 UTC
Expires: Thu, 11 Jan 2018 17:01:30 GMT
Cache-Control: max-age=604800
X-Upstream: pikea
Link: <https://www.iconfinder.com/data/icons/pc_de_hamburg_icon_pack/16x16/category.png>; rel="canonical"
X-Cache: MISS
X-Edge-Location: sest
Access-Control-Allow-Origin: *
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGBA, non-interlaced
Size:   473
Md5:    8409cce3c80524e393b8d4bc22742015
Sha1:   b9ecbc1043775118dbf92b9edadd1e2635ccb0b5
Sha256: 670f1a8819432fbe3bd5dd93779c86f81b55f5a864db187b5e24ece9fefa7eec
                                        
                                            GET /_/scs/apps-static/_/js/k=oz.gapi.en_US.lyon4aDFbFk.O/m=auth/exm=gapi_iframes_style_common,plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w/cb=gapi.loaded_1 HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.blogger.com/navbar.g?targetBlogID=1352598394392910792&blogName=siberblog&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://siber-blog.blogspot.com/search&blogLocale=tr&v=2&homepageUrl=http://siber-blog.blogspot.com/&vt=1853378523578133894&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.lyon4aDFbFk.O%2Fm%3D__features__%2Fam%3DAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w
Cookie: NID=120=P5wyv8l0zSzlYboePdc44RWo9bqJSujjo_BLSSXd3HpL7ANAMSM5wmrFfndH3qIAU8DGUAr4hieGguvk34Mdln60qGeww-Nx3eYwXRFxf6pdOXCVGwcUP3BpS_uODAT8

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19920
Date: Tue, 19 Dec 2017 00:11:49 GMT
Expires: Wed, 19 Dec 2018 00:11:49 GMT
Last-Modified: Sat, 16 Dec 2017 09:41:29 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 1442981
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   19920
Md5:    032dd666345b6ef4e4c7fbf466d1f405
Sha1:   5374ed709207802d927e7dfbc68d15f05ded3bde
Sha256: 84565ce0ffca018920b847305252b889632985183984275dc8552ac70653ab18
                                        
                                            GET /se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Anavbar%3Aplusone&size=medium&hl=no&origin=https%3A%2F%2Fwww.blogger.com&url=http%3A%2F%2Fsiber-blog.blogspot.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.lyon4aDFbFk.O%2Fm%3D__features__%2Fam%3DAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.blogger.com/navbar.g?targetBlogID=1352598394392910792&blogName=siberblog&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://siber-blog.blogspot.com/search&blogLocale=tr&v=2&homepageUrl=http://siber-blog.blogspot.com/&vt=1853378523578133894&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.lyon4aDFbFk.O%2Fm%3D__features__%2Fam%3DAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w
Cookie: NID=120=P5wyv8l0zSzlYboePdc44RWo9bqJSujjo_BLSSXd3HpL7ANAMSM5wmrFfndH3qIAU8DGUAr4hieGguvk34Mdln60qGeww-Nx3eYwXRFxf6pdOXCVGwcUP3BpS_uODAT8

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
x-ua-compatible: IE=edge, chrome=1
Vary: Accept-Encoding
Timing-Allow-Origin: *
Expires: Thu, 04 Jan 2018 17:01:30 GMT
Date: Thu, 04 Jan 2018 17:01:30 GMT
Cache-Control: private, max-age=3600
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   4018
Md5:    b3f9eb6fbc06208bf1997a4ee50692a3
Sha1:   4dd914ea4d32efde2d17e34dc0223f327249dab8
Sha256: c29d038d3dc7ae4caad8a643afb66a0fab1546e1b7363e1398b67fe5a5942c4d
                                        
                                            GET /blog/tanercakan/yazartaner.png HTTP/1.1 
Host: birmmo.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         195.20.46.28
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx
Date: Thu, 04 Jan 2018 17:01:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache


--- Additional Info ---
                                        
                                            GET /_/scs/apps-static/_/js/k=oz.gapi.en_US.lyon4aDFbFk.O/m=googleapis_client,gapi_iframes_style_common,gapi_iframes_iframer/am=AQ/rt=j/d=1/rs=AGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&source=blogger%3Anavbar%3Aplusone&size=medium&hl=no&origin=https%3A%2F%2Fwww.blogger.com&url=http%3A%2F%2Fsiber-blog.blogspot.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.lyon4aDFbFk.O%2Fm%3D__features__%2Fam%3DAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w
Cookie: NID=120=P5wyv8l0zSzlYboePdc44RWo9bqJSujjo_BLSSXd3HpL7ANAMSM5wmrFfndH3qIAU8DGUAr4hieGguvk34Mdln60qGeww-Nx3eYwXRFxf6pdOXCVGwcUP3BpS_uODAT8

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 43950
Date: Mon, 18 Dec 2017 23:35:29 GMT
Expires: Tue, 18 Dec 2018 23:35:29 GMT
Last-Modified: Sat, 16 Dec 2017 09:41:29 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 1445161
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   43950
Md5:    2b3a082960fb83a26eab814c7f1a7c89
Sha1:   27ef6f5ecd1ae3412cabf9fa17c52a8ce32f8f3b
Sha256: 812bacd2463a90362ba6769cabf2fa98a8aabee169e4558d044b938fabdfce11
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request
Cookie: NID=120=P5wyv8l0zSzlYboePdc44RWo9bqJSujjo_BLSSXd3HpL7ANAMSM5wmrFfndH3qIAU8DGUAr4hieGguvk34Mdln60qGeww-Nx3eYwXRFxf6pdOXCVGwcUP3BpS_uODAT8

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 04 Jan 2018 17:01:31 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    f93bd7ee5e8f3ed35108e42596aeba6f
Sha1:   870ad51a394071ffba3e75cfd82c8492a1b74754
Sha256: 6f6e77d849a59e10a9f96c95af8b624e083c29902ab02ccbc61637793607a610
                                        
                                            POST / HTTP/1.1 
Host: g.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.52.27.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1391
Content-Transfer-Encoding: binary
Cache-Control: max-age=368968, public, no-transform, must-revalidate
Last-Modified: Mon, 1 Jan 2018 23:29:20 GMT
Expires: Mon, 8 Jan 2018 23:29:20 GMT
Date: Thu, 04 Jan 2018 17:01:31 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1391
Md5:    8b99626f1cfb85b77033f2f46c86f3b4
Sha1:   aa8240fc4de5479211f82f457f8a346fe6bb8e26
Sha256: 6a806943261614f3b43bd2e991a89e5a9a7480bfbd6817a7106fef2af7b217bb
                                        
                                            GET /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.blogger.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.lyon4aDFbFk.O%2Fm%3D__features__%2Fam%3DAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.blogger.com/navbar.g?targetBlogID=1352598394392910792&blogName=siberblog&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://siber-blog.blogspot.com/search&blogLocale=tr&v=2&homepageUrl=http://siber-blog.blogspot.com/&vt=1853378523578133894&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.lyon4aDFbFk.O%2Fm%3D__features__%2Fam%3DAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w
Cookie: NID=120=P5wyv8l0zSzlYboePdc44RWo9bqJSujjo_BLSSXd3HpL7ANAMSM5wmrFfndH3qIAU8DGUAr4hieGguvk34Mdln60qGeww-Nx3eYwXRFxf6pdOXCVGwcUP3BpS_uODAT8

                                         
                                         172.217.22.173
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 04 Jan 2018 17:01:31 GMT
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   365
Md5:    127481260de8f3fb29b491335acd6043
Sha1:   020c8390752cd9bebd672b44f26c624fa4e46fa2
Sha256: fd46525a30b3e211f01600a8ad276d130c7b6b760fe9ab8ebeada83bf8447a6f
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request
Cookie: NID=120=P5wyv8l0zSzlYboePdc44RWo9bqJSujjo_BLSSXd3HpL7ANAMSM5wmrFfndH3qIAU8DGUAr4hieGguvk34Mdln60qGeww-Nx3eYwXRFxf6pdOXCVGwcUP3BpS_uODAT8

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 04 Jan 2018 17:01:31 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    50ef4a53eb3bc10293779bff45eea3dc
Sha1:   8fab8639475acd3414c7cca01b1ff8087dbd3090
Sha256: 3ebb9eb0abee25e74f544763e32702c6c6f18fa9dfd6d6123b4dfebf7012e647
                                        
                                            GET /js/rpc:shindig_random.js?onload=init HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.blogger.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.lyon4aDFbFk.O%2Fm%3D__features__%2Fam%3DAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w
Cookie: NID=120=P5wyv8l0zSzlYboePdc44RWo9bqJSujjo_BLSSXd3HpL7ANAMSM5wmrFfndH3qIAU8DGUAr4hieGguvk34Mdln60qGeww-Nx3eYwXRFxf6pdOXCVGwcUP3BpS_uODAT8

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
x-ua-compatible: IE=edge, chrome=1
Timing-Allow-Origin: *
Etag: "617d7cbad1e6b0d692e15c708f0aad80"
Expires: Thu, 04 Jan 2018 17:01:31 GMT
Date: Thu, 04 Jan 2018 17:01:31 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   4751
Md5:    0cb5e0f3f553021425033158af30192b
Sha1:   675f8a618a0eed54972f14dac2a94667dfa8a2a1
Sha256: 3649afd205bb0276d723657fb5b0912f5b404bd89ff1aaeb7aaf9816cc7cb5f7
                                        
                                            GET /accounts/o/1765587600-postmessagerelay.js HTTP/1.1 
Host: ssl.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.blogger.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.lyon4aDFbFk.O%2Fm%3D__features__%2Fam%3DAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w

                                         
                                         172.217.22.163
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3869
Date: Fri, 15 Dec 2017 09:59:38 GMT
Expires: Sat, 15 Dec 2018 09:59:38 GMT
Last-Modified: Fri, 15 Dec 2017 03:26:18 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 1753313
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   3869
Md5:    517b730ed4187b2010856914003eeede
Sha1:   4482eab87e32e103a9e6cf9362dfbb7dc4356c81
Sha256: 92c25f7249e36f8147938176d88790281117b38bbade4414e5bc9955b35fe235
                                        
                                            GET /_/scs/apps-static/_/js/k=oz.gapi.en_US.lyon4aDFbFk.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w/cb=gapi.loaded_0 HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.blogger.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.lyon4aDFbFk.O%2Fm%3D__features__%2Fam%3DAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w
Cookie: NID=120=P5wyv8l0zSzlYboePdc44RWo9bqJSujjo_BLSSXd3HpL7ANAMSM5wmrFfndH3qIAU8DGUAr4hieGguvk34Mdln60qGeww-Nx3eYwXRFxf6pdOXCVGwcUP3BpS_uODAT8

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16321
Date: Mon, 18 Dec 2017 23:31:25 GMT
Expires: Tue, 18 Dec 2018 23:31:25 GMT
Last-Modified: Sat, 16 Dec 2017 09:41:29 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 1445406
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   16321
Md5:    e8a5205b645bc4e3bdc461a0cfa4e78e
Sha1:   4480c752763826b37c83e215a6142929d8e15182
Sha256: a4b36b3e9fd91cf6a4bdefdeb84bd4df6a881ab2b6669d65367175fdc11a3582
                                        
                                            GET /blog/tanercakan/headerlogo-taner.png HTTP/1.1 
Host: birmmo.tk
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         195.20.46.28
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx
Date: Thu, 04 Jan 2018 17:01:32 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache


--- Additional Info ---
                                        
                                            GET /navbar.g?targetBlogID=1352598394392910792&blogName=siberblog&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://siber-blog.blogspot.com/search&blogLocale=tr&v=2&homepageUrl=http://siber-blog.blogspot.com/&vt=1853378523578133894&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.lyon4aDFbFk.O%2Fm%3D__features__%2Fam%3DAQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCOKMiz7gIVCZ62llAJ83SLnLLBl4w HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://siber-blog.blogspot.no/

                                         
                                         0.0.0.0
                                        


--- Additional Info ---