r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2536
Expires: Thu, 09 Feb 2023 01:40:44 GMT
Date: Thu, 09 Feb 2023 00:58:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4253
Expires: Thu, 09 Feb 2023 02:09:21 GMT
Date: Thu, 09 Feb 2023 00:58:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 00:34:15 GMT
content-type: application/json
age: 1453
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 5285e5c7348f3fbd5592c9ef2f1671bb
2291d66f50a6cca8cf4941a4f4f764efb1d16e25
5405d090c458dabd9ccb1e0404374429774d916cc5c274ad3c44162d3717a0e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3434
Expires: Thu, 09 Feb 2023 01:55:42 GMT
Date: Thu, 09 Feb 2023 00:58:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: vI9zfdCf7mIYl65Zfp0Zjs8qYUMg2v8knp47Ufs0p5eD+bS0QhWlAyY9ILxJlb7Mmx9NyAmm44M=
x-amz-request-id: ATP4ZYPM9EAP5NS0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 00:46:10 GMT
age: 738
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:58:28 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ded6.page.link/qEBk
142.250.74.97302 Found 0 B IP 142.250.74.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /qEBk HTTP/1.1
Host: ded6.page.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Feb 2023 00:58:28 GMT
location: http://go.gugekes.com/0kbz?Ga8h
cross-origin-resource-policy: same-site
content-security-policy: script-src 'nonce-NYd6SAGY4nrIUXzoaD8bKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 5285e5c7348f3fbd5592c9ef2f1671bb
2291d66f50a6cca8cf4941a4f4f764efb1d16e25
5405d090c458dabd9ccb1e0404374429774d916cc5c274ad3c44162d3717a0e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 00:14:52 GMT
age: 2617
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
go.gugekes.com/0kbz?Ga8h
104.21.8.75302 Found 0 B IP 104.21.8.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0kbz?Ga8h HTTP/1.1
Host: go.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 09 Feb 2023 00:58:29 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Location: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Vary: User-Agent
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CdDE7Pl21AyZmeI3YYo%2Fy89kdLzbBnNNdhzvzdB6V3gVZsPfXsOiiQ1mcOTiLZL%2B9mGOR3TQ%2FrUbQ4YtElYcOapwj%2Fxv1TYSmCOHeXoCtG8gDX3sXak0FtZs6I%2Fmel5qBg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7968a82bac46b4f7-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6715
Expires: Thu, 09 Feb 2023 02:50:24 GMT
Date: Thu, 09 Feb 2023 00:58:29 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/gD9mndZ-HVA
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/gD9mndZ-HVA
IP 142.250.74.163:0
Hash 07cc4b3d5e56f43a87a9d88cbaa82261
eca60c294a062b8e229ea76dadfc2a63183bcd7c
7ef6f488472c0f36e0a0500972565d16ffb90b513f2b098ea541e6caf5d7ba95
POST /s/gts1p5/gD9mndZ-HVA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
44.240.124.200101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.124.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: otwOR6hA6Kxw7t0g6bYNGg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2zfNgXB7B94JrS5LJ/z72EbR82M=
bitcoin-now.gugekes.com/no/images/logo-secure-pop.png
104.21.8.75200 OK 1.2 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/logo-secure-pop.png
IP 104.21.8.75:0
File type PNG image data, 57 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash c670ce72aa2f92feab48b832781dd95d
c0dbd06f04f87e14c2ce73a7c7fea6b1378af11f
98cfd4ddb345e21c26806136af724048d9b1849c2aa51f7f9c0f0a7663430931
GET /no/images/logo-secure-pop.png HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/png
content-length: 1225
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "4c9-5ae2d8e5c12d5"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7363
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uK3H3tAxS8uMIBE%2F1fc7HJSEk2iDLRtfGi09wy%2F2EdrfFLQn%2FA3d7BnNqOPmZZVWVdYk5Z1q2BckhfVyghLI6ZdHoRMmhVQjCnMZf7%2F0OIIUBNHuAORTWd1P8akP1eFC1Me0LGiafoUXOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8321fcbb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/card-logo.png
104.21.8.75200 OK 2.4 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/card-logo.png
IP 104.21.8.75:0
File type PNG image data, 377 x 35, 8-bit colormap, non-interlaced\012- data
Hash 9951128ad74ba50033febb989c05e8d0
7a86ec0f755da800466daf771788de7d0b636170
fb75af81e5ab3eaa4fd18350e80ac4476340b98bfb4c6a68289372f1b23511ef
GET /no/images/card-logo.png HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/png
content-length: 2426
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "97a-5ae2d8e5c12d5"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7363
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rmkx4tuDmwAto3ayF3lfGcqlEN8IvxPb8HmX1P1WPM%2Btinw46n0nx9ceYoKnLFkgFkRRI5CCGIevHxTjEdJlYPruuPdixciimujek%2BlRJCNGou%2BTKXsobM61C%2BFBaayrMzW2JdCicuJ%2FbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8321fceb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/phone-footer.png
104.21.8.75200 OK 143 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/phone-footer.png
IP 104.21.8.75:0
File type PNG image data, 407 x 490, 8-bit/color RGBA, non-interlaced\012- data
Size 143 kB (143070 bytes)
Hash 29dc8573e90b64ac6a6a25e774e1a59b
98c242e665286a76217747a5c29916e425410150
cb10ee79f87b655292f3c85335bebc0f3d57fbf9a21ec097241551bebceb32cf
GET /no/images/phone-footer.png HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/png
content-length: 143070
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "22ede-5ae2d8e5c12d5"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7363
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0iv%2BNH2SjYUPCKMNMIIr%2FlrbssBJIN0KFLIbaQdXpbkNVgCTkJrpBsux593CGmfmf1PqZ9bV%2BvJk%2Fbs3p6KgehHcGBmeD%2BFRMKYIdMX3evP8YeHzn1kC7WmUZo22jXiuPtjzAiVj%2FE%2Fsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8321fc9b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/attention-mob.png
104.21.8.75200 OK 415 B URL HTTP/2 bitcoin-now.gugekes.com/no/images/attention-mob.png
IP 104.21.8.75:0
File type PNG image data, 22 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash a34d08834fd21c0410760fc66596a67e
1b64680a92dc771c3188c4198103fc6d577cce4d
13d7ba4bc4f851eade9f22f06421b812fd0c23646f45e47d2d509d72d59d1e20
GET /no/images/attention-mob.png HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/png
content-length: 415
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "19f-5ae2d8e5c0335"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7363
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TbNS3zgRaSY6Ib0%2BJwkJBkXaakTrdRHU9lefzfDlQxCxPhKR2Y3FLFf4gKijp4Z8CDlYMBn6MSBbPHjIFez0uqvRDRe28OQJ6zfHoO%2Fs1qANPXNFWNsPoGWA9mAsH0F7Cxu2v4crs6t7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8321fcfb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/btc-logo.png
104.21.8.75200 OK 2.0 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/btc-logo.png
IP 104.21.8.75:0
File type PNG image data, 190 x 30, 8-bit colormap, non-interlaced\012- data
Hash 4fb9be5dc40006b48597e7177cbde632
acde09fb71c5b528bc865b54430a78e81d38a3db
1ec7cde466bdca8cfa2fd5ecf30c90b23bb92f85489a8cd3df28697b956c8943
GET /no/images/btc-logo.png HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/png
content-length: 2021
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "7e5-5ae2d8e5c12d5"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7360
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBPV8HPKTFDFYfQdbZ1zrXZ0RdKsnO3tB89XQF1KdxeUvCSlaSU17O9MyO8EK3f0tGKBqn8P1jrMmolMPcGOdrdisNZG6V5gzqETjNbPKd4ufeB%2F%2FA2wkof4UQlRs4TCTkKrsMA8FOH8qg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8321fd0b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/volume.png
104.21.8.75200 OK 875 B URL HTTP/2 bitcoin-now.gugekes.com/no/images/volume.png
IP 104.21.8.75:0
File type PNG image data, 256 x 256, 1-bit colormap, non-interlaced\012- data
Hash 25209f54cceeb6ac42097d82256cbfab
a2cbcfb42b1ce89a17aed8bf640b90f057319390
cf53ba9a7f63136e884da82519c4f9343a04b1f56c4ad19b8014a91078f88e77
GET /no/images/volume.png HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/png
content-length: 875
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "36b-5ae2d8e5c2275"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7357
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfmZ0blydrnSM%2FVdZuV%2BhturpOS7IJZz68Av4FWyVfdkZZzsmJfaDQCtTFIRGudCh%2BbmZstdJDqBZBhR1YfBlHjEN7txkpxhnhdPvhhju7mka%2F0Ik9Mu0S4Kham5%2BY9MJjCNEzxJ1e7EXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8321fd6b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/form-headr.png
104.21.8.75200 OK 65 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/form-headr.png
IP 104.21.8.75:0
File type PNG image data, 1000 x 179, 8-bit colormap, non-interlaced\012- data
Hash 13bdee4cb30384d8576776157c7afe08
0263585f660cfa559f2dfdcde3f80a65835408ad
de14f5e6a350dea274b4742f13de4d68fac1b8d477c29308b41c0a2477aed985
GET /no/images/form-headr.png HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/png
content-length: 64741
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "fce5-5ae2d8e5c12d5"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7357
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsK6xVBglMdUrgnTHo%2Fk94FK6TcuPrxG9HSU75XQPmHYMQVfzTsLj4nCjSv6GVIShYyiU8MTHQ9AjviRjRKfbbVLVH5UsJ2g7fk12CMsmpl3h8lY8KR0k%2BcRTEVb0vtIdg%2Fh7YT7yjMq7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8321fd5b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/bitgo.png
104.21.8.75200 OK 3.1 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/bitgo.png
IP 104.21.8.75:0
File type PNG image data, 88 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash b25c5404dc3943f93693f5e04618e5db
9f3c664b9b691c4c1548758881c246e7f9931667
dfb7536168ad36c8e8b111a424eb737579ce0eeaf80b3f4300e7bdd9b762feee
GET /no/images/bitgo.png HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/png
content-length: 3080
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "c08-5ae2d8e5c12d5"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7357
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjRVm3NohvrktaMwrm7p3wdSQCPnZk5vE7D2J59XfDqwMan5u3%2FYjtfL%2F%2BIQh1RrqSWh00z9fT%2BAoCpusint%2BGYtp0yrREx2LY5T90GhK4N0I3ESfEPpV5%2FsdxzVcmN3cM6Suz2XLvqSrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8321fd9b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/visa.png
104.21.8.75200 OK 3.9 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/visa.png
IP 104.21.8.75:0
File type PNG image data, 101 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash abea49af2179d59637e2ca7898379e78
449155b9b81d5d2a89eedac640317a514a5a2b06
175d4649926668778904590bb407aaa6d118b5f2e7de5a88462010b900cb5789
GET /no/images/visa.png HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/png
content-length: 3931
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "f5b-5ae2d8e5c2275"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7357
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjN7XbXh93Q9s2oe9sdPysDlf5vctpwMsw%2B5K9pu4PM15jwaGAnsXz08CHQ45LDehFRiPBy3GajXSRjmJMsEqaFxqb%2BWl%2FVSdWu53pvx66F28b6sJqOxhJAqsDojaLCb05ntmnBRXuAZ%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8321fdcb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/arow-up.png
104.21.8.75200 OK 325 B URL HTTP/2 bitcoin-now.gugekes.com/no/images/arow-up.png
IP 104.21.8.75:0
File type PNG image data, 18 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 5e9810a72bae5cb0827aaf62811fd2e6
c8b1fa25b703a77c69efcde6a6cd1acf0193f467
8340840f98b8877e877be8a61bd3d33c35b44ecab72e1008a53d9c1c5340460e
GET /no/images/arow-up.png HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/png
content-length: 325
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "145-5ae2d8e5c0335"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIrbqt9tsERv4yCq%2FJsIML6cfYaDOme0c2Xv%2BuEQgRZoZE2qeiwRF3kK6VAUV4SY0h5R1gn%2BzT0IUug05kjcVkEMUaiJ%2FiLa5a8La%2F58IawryGGslbh%2FTJWeLgrjfXn%2FEoPO2wszcTgMzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8321fd1b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/mcafee.png
104.21.8.75200 OK 2.8 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/mcafee.png
IP 104.21.8.75:0
File type PNG image data, 178 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 87b6da0e29bccb3f2031f8e844461a0a
82913e467ab9af87016e89e2afd885f7581e3c12
6fd1fe34a741dbad38a25cd795227c75e8888e4d68f587c6ed009a2fc8e89af4
GET /no/images/mcafee.png HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/png
content-length: 2814
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "afe-5ae2d8e5c12d5"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7357
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m10FnAWFd7l75Or0NbKznztkzJoX4ajwmuipM%2FDW3mN2HOAVGBspBFurMc20YrrZZLy3EysZvzNxoYfJNdLr6A%2BEbn2vX9zBjrodEVFywt%2BiGxKa%2FO%2F4FGgFygrh6H3Gw1fXsCYk4Qsnew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8321fd8b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/mastercard.png
104.21.8.75200 OK 2.4 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/mastercard.png
IP 104.21.8.75:0
File type PNG image data, 195 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash dacb21c2d17bd1f61fc076840b39c1a5
bbd10f8b6e604908c67508cd79405d8fe955b7bc
0939e5f32ee8167e8cf63dc1b12a9d0775afd30efcbb030defd14656889a4712
GET /no/images/mastercard.png HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/png
content-length: 2355
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "933-5ae2d8e5c12d5"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7357
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFmF4ggyY5ldYyIbPLu%2Fkento6ov5qZP3e9IEGMkmtfzKHsxWyNjAfE95n71jXwgjXPwPYpynN1UW5dAJwpd6vUQvTG0YTqoh0q0q4mrD0ag9jXI3Mh%2Fe3PjaYsX7vD%2FQsZOdbqm%2BvN5TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8322fdeb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/arrow-hide.png
104.21.8.75200 OK 194 B URL HTTP/2 bitcoin-now.gugekes.com/no/images/arrow-hide.png
IP 104.21.8.75:0
File type PNG image data, 22 x 8, 8-bit/color RGBA, non-interlaced\012- data
Hash 13b128f47e5c68a9439a6367edc01e09
ad98a4bda2fe4dce486a0077d8c61e1a99d738c8
3c29ecfe4c96f47ea10e62d508cebf55e9d81b1933910b2c242b91b4b4d78c40
GET /no/images/arrow-hide.png HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/png
content-length: 194
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "c2-5ae2d8e5c0335"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7356
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkYem54iSaLt6pCFO6c4Z4ngrL1kF3Z00zhCcn2EkoMA6nzTAnLq05K8XJDUMvg4xZBWWcY8Hn2y3NOUgCizkUXhyI6RSnhsWLQEwhzmgFF7poK09KTErkeWcD0hLNh3ho0I1zNda7WKDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8322fe7b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/winner-4.jpg
104.21.8.75200 OK 7.4 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/winner-4.jpg
IP 104.21.8.75:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 165x160, components 3\012- data
Hash 6788bc0e8c392291dda1aa9b20f0fc95
c480412e8aa29df54fb588a90685a7b975577e0a
04b8d5d17c1fb91b941a90fff455ae43dba0cea1198dffe93cf3c4d8bb11edf9
GET /no/images/winner-4.jpg HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/jpeg
content-length: 7391
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "1cdf-5ae2d8e5c3215"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7356
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XO5mQuTOKsETFcVdUBzVa%2Fd0rpIOe3q2GUWXntalRYHk%2BJq%2Fnq2c7NaIGtQLKofD%2FqAvZ1l6bnpz2ETCQE3BDrj0slmQR1uuWMvkNaEEmW9TSveDP42e8CIdiMj0uX7GlIEYwd4WXRWwKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8322fe8b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/arrow-more.png
104.21.8.75200 OK 194 B URL HTTP/2 bitcoin-now.gugekes.com/no/images/arrow-more.png
IP 104.21.8.75:0
File type PNG image data, 22 x 8, 8-bit/color RGBA, non-interlaced\012- data
Hash 13b128f47e5c68a9439a6367edc01e09
ad98a4bda2fe4dce486a0077d8c61e1a99d738c8
3c29ecfe4c96f47ea10e62d508cebf55e9d81b1933910b2c242b91b4b4d78c40
GET /no/images/arrow-more.png HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/png
content-length: 194
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "c2-5ae2d8e5c0335"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7356
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPbZKoTCvCraPHuujfYiFIkDMxZLIzad6%2FP5H74TVR3eZWMSqqU0EBDTTXhwYKb%2BigtM0OX7GRqFAYaVwPsnlm%2BQZJMkv4NjkOPEEuDlSVljglQ3WlmaNp%2FfXGlwXN3vctSGb4PaVVXJWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8322fe6b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/news.png
104.21.8.75200 OK 4.9 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/news.png
IP 104.21.8.75:0
File type PNG image data, 421 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 258c78f9e4fde0ef2fe3ead15f56b6aa
36dc07df5968528e4c7db8394736f412b4241e52
34fb9a079b52e3c69c3d8e0e9c44debe07087847203a688aec16b11ef9658310
GET /no/images/news.png HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/png
content-length: 4930
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "1342-5ae2d8e5c12d5"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7356
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQyWZgq63K55nxTg6dEjtb6rHumSF22VGvqFE8kgm74eyADs5PvLTs1DXekQ7HaVirrbuu9EGG7E48bcMcqN7C5BMh2qDwx9rjY9WoEHjFDB5MmQ%2FcyRMCfjEu0wnkor%2BUBjKKJQIGzuog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8322fe4b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/girl.jpg
104.21.8.75200 OK 39 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/girl.jpg
IP 104.21.8.75:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 552x640, components 3\012- data
Hash 9a6143a64187e4503f8ab49a86e1253f
7803f71c0c3ba527ddab1fb5e9ce4f328fa51389
79a26b81a1e8082605ae24a7072732a934da14706a704667fe22c04271784edf
GET /no/images/girl.jpg HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/jpeg
content-length: 38828
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "97ac-5ae2d8e5c12d5"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7356
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IltmRbFY5PBZmuijBx9aYjgK2eBUiu9teA5Z67DH9E5U1v4fpbKq9CwzG25Rb%2BOxolQV6SErkXhHk6y%2BN70ZorUMYu82FKWIzLxYysOIHLywSU0emp%2BKN0bIcwfLOgsyo9wB8oTH1SpQww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8322fe3b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/winner-1.jpg
104.21.8.75200 OK 27 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/winner-1.jpg
IP 104.21.8.75:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 165x160, components 3\012- data
Hash f7c244f281b82d6ef8a0ea2095ddf0bd
d6972aee888b3bf961b6f6df5663377a845b8b90
88a53448024dc6e280b1f2b863d530231bd091e0e9c8284d595ce318012f5aa2
GET /no/images/winner-1.jpg HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/jpeg
content-length: 27417
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "6b19-5ae2d8e5c2275"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7356
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FYatwWTje5Ftdiz60Sg1lDJqE1Yv8LU1oiJu98zUtSBxD8%2BeR65P46ccMFWu0kq6XH1NFP6s2lCLE5QqPxnhvAu7iGwzNL88V6q%2BeYpDUfZ7Dk5zylObJ2nICi1%2FjyZ5FZ1ziuknbHntQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8322fe5b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/logo-secure.png
104.21.8.75200 OK 2.1 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/logo-secure.png
IP 104.21.8.75:0
File type PNG image data, 56 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash 45062541f7b3118879867be25db1061e
2677fb34f1db4967923f82e6f3974c72c80b9945
a435b8877cffd4c48abf820dbaeab0a5fd77e6fb51148fc491874ca0370d0f0f
GET /no/images/logo-secure.png HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/png
content-length: 2136
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "858-5ae2d8e5c12d5"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7356
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7%2B4%2B0emGRs9ihTDuvFf6mhqcpTVeMEo6HdnqpZw%2FAaVTzdM7DucJWHr3wrm8q7QiLMCDmlypeZsxJwR80iaecCGdH8lT9brKMflHZQUv1f%2FMxxcGRlXZvRE2h0Wz4F7alWyGQhUGy98MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8322fe2b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/winner-2.jpg
104.21.8.75200 OK 6.6 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/winner-2.jpg
IP 104.21.8.75:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 165x160, components 3\012- data
Hash d715cfecbe46a65a0df4fb0118205e81
e8e40e2fb4c546723ca8fb043b4261170beea234
093cbb89a7d9c694e178aa3f7253971654c512c3ef0b31c2fc47aa1f63056bae
GET /no/images/winner-2.jpg HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/jpeg
content-length: 6615
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "19d7-5ae2d8e5c2275"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7353
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVfvFqcCXXiSPzYd0NOgrWr94sfRgKOF136Tmfcz6X5%2BKCY2rtPUpFIAFBjihGjwmVmRbkJruwR%2FgZ%2FbIRp5gOJe88NdpM1iZ1Rru%2BscnDalbecRDfjfIdpwjNetNBDglN8cbErzxhXq9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8323feab4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/winner-4-big.jpg
104.21.8.75200 OK 33 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/winner-4-big.jpg
IP 104.21.8.75:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 263x540, components 3\012- data
Hash 70316b1abf4d3f1aed5af623a4d1bc61
656dd7db022bf8761acc4d8deb9715c18b49f769
0ac43344fe2b7ef36ab6e92b841d8b2e18e6348dd701ce236af3c9d3577715b0
GET /no/images/winner-4-big.jpg HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/jpeg
content-length: 32736
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "7fe0-5ae2d8e5c3215"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7353
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgBjNKu5iw2f9hVybT0v0pMSHvbO7G1GlkGau6ZbM4sR9fGaV8cTJEuipKUnw0vMW7QCdA1XAY%2FHjacNHkFWxfemKQ%2BwSJ83vzCvhC%2B1rgatlrnkuvUaK7M5cMVbvoOsxuRhiqV03xBjzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8323fedb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/winner-3.jpg
104.21.8.75200 OK 37 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/winner-3.jpg
IP 104.21.8.75:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 165x160, components 3\012- data
Hash 1df9730db0c2aa14619c70b186d024c8
5aa68a7448c4e12e9194b06cdf8ac7a968ec3731
d1cc520c57effd7332520eb9e4818744de33a61b47cf68d67fe3cab079d09d81
GET /no/images/winner-3.jpg HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/jpeg
content-length: 36997
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "9085-5ae2d8e5c3215"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7355
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjB3GKjoq7ZDSXMsjYoJ3EGEOs8PUduS4BIQHbFI6Zb7hXFpx8Adhmf8KT7tU1EMA6VcQ5JAphvxm0Ofkgf2cW0OfLpSRWRKKkgLUOGITTQkwW5lDLY23kMm5Jtu9YHuU%2FfuAntZ1JfEUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8322fe9b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/winner-1-big.jpg
104.21.8.75200 OK 111 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/winner-1-big.jpg
IP 104.21.8.75:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 266x540, components 3\012- data
Size 111 kB (110901 bytes)
Hash 2adaaa8bea730c893a23ef846488aba7
c6466411ee5b1780f083f4f8b317416cc19ed5e8
3d721d00a999bf0593fb78ac80d87132da24ed8f2664ea261e207dee7343c5f0
GET /no/images/winner-1-big.jpg HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/jpeg
content-length: 110901
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "1b135-5ae2d8e5c2275"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7353
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcCzkhbDCdJISPRkqP0zqwwBJubeWCG8rb4vYqz06ntBvGCCGIGT9IWtwMTIyPYkc6JAE%2BroRsOGotJR2K4LzX9JJ4Ew1kMN%2BjRc7gqcudbmj2txVw30ARVSaCeL32UKzRL%2B7oYDwZKVvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8323ff1b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/winner-2-big.jpg
104.21.8.75200 OK 29 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/winner-2-big.jpg
IP 104.21.8.75:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 263x540, components 3\012- data
Hash f58523d3827ed06e1d9f13988756a422
6b94f68929d120b3f94b68ab9e9c4e3517a80e01
54fc61b152336f77f47c89a5eec4a340500d4656fcd69f2640fd716d542b0e98
GET /no/images/winner-2-big.jpg HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/jpeg
content-length: 29446
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "7306-5ae2d8e5c2275"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7355
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KuqnS5tLnbVxgccOOuNYXGe2p8TeKlVPGVLWc6bl%2Fikw5wAt307VQS3iIwXKHfxkS2%2FXlkv1lEgy9iebEUSUky95e%2FnwkFwzd8PU%2Fy6CIXSzIPaPCzCOm%2FziCR4cEobFn6l%2BfM6y%2B5209A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8323ff3b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/question-img-1.jpg
104.21.8.75200 OK 225 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/question-img-1.jpg
IP 104.21.8.75:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 650x400, components 3\012- data
Size 225 kB (224790 bytes)
Hash 83c2b18fc5fc01f7e327fe1b200632ca
382cf15572716f11afed7cc4eda9754980ea8902
b30f3313447b421ac4ad4f10f699004ff5fa37fc7b51ee057871df92a97967a9
GET /no/images/question-img-1.jpg HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/jpeg
content-length: 224790
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "36e16-5ae2d8e5c2275"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7352
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqAK6pPdwlKQiTJYCOivc3C5tMdviuUUMuCYk%2FTc%2BtT1153OZbfHJjX6wstIhKX9vxinN11NomlDnF%2B3BOGqqhqphKh6PPHpvhMFNmuBRUkBuw1QWPhMx1OxJNk8PSQRD%2Fcs1r2uAXm0AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8323ff4b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/question-img-1-mob.jpg
104.21.8.75200 OK 75 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/question-img-1-mob.jpg
IP 104.21.8.75:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1588, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=970], progressive, precision 8, 211x345, components 3\012- data
Hash 1daa8293ecca4171e210976e0668bce5
47b765eaba90147277541cb3506457f2c79c577c
1654ab424c16995c5e454324c956f3d628a4146b7a8c11d1f80e8049a4f14a8e
GET /no/images/question-img-1-mob.jpg HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/jpeg
content-length: 75262
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "125fe-5ae2d8e5c12d5"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7354
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zr0fBq4TiZOk0pvPXFidJ%2FdmF4bopSeFlXqNJcAi2sBqzz24LXvmex3OuB4%2B1JvbTnWf6w9RtcGcmUWR05ysAZODeDLHAPqjl57gWW4pLfbNQx%2BtCzWudfIy5Nou9absxMWYU67lT8haOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8323ff7b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/question-img-2-mob.jpg
104.21.8.75200 OK 56 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/question-img-2-mob.jpg
IP 104.21.8.75:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1588, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=970], progressive, precision 8, 211x345, components 3\012- data
Hash e9200aaa9d85eff8c99359578c786def
99e2e802bfc882dcee5659f1ec2561c861640199
b3e267f4807ee0124c2fafb2ebe56759e830bce3b735c13ea774ddd32bb8d78a
GET /no/images/question-img-2-mob.jpg HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/jpeg
content-length: 56031
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "dadf-5ae2d8e5c2275"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7353
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=th50ItcHOyuaoryt7%2FQEMZaTHE5qz72jFpUmZpWMYgr2B516bwNIvgfqJmdo9lj2ZhSy%2FUCfOlhfaiJjrt8TeEm4nZYXa8SUkkUE9%2F4gBh40yA%2BeF80EB1FOuF9HCElLBo5t9vx%2BhxuD4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8324ff9b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/question-img-2.jpg
104.21.8.75200 OK 126 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/question-img-2.jpg
IP 104.21.8.75:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 650x400, components 3\012- data
Size 126 kB (126193 bytes)
Hash 0a09a50b3c2c21551779cf46ce473784
7c2ecb19ec5790c850147ad83a04dd6589f9a38f
cde40b638254a00393bc2acb88acde723ffe8937fca0a3597d0d7c7d50e6dc17
GET /no/images/question-img-2.jpg HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/jpeg
content-length: 126193
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "1ecf1-5ae2d8e5c2275"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7352
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zTAlR8Jq0d5lFQwTm6LtuZgxb%2Bwlj0TnrgqDC5sI9jR713AgGQSPyTFTkVGYj1RwATFGb%2BZh%2B%2F6Et9tyKecwHnHVtB58bDXIIGo39zLXRbaecttKQGZuVm7yZhiQqFuSy7dGNT%2B11SOgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8324ffab4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/question-img-3.jpg
104.21.8.75200 OK 65 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/question-img-3.jpg
IP 104.21.8.75:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1588, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=970], baseline, precision 8, 312x511, components 3\012- data
Hash 2969353ec669c4a670464339e0200aac
005b7a977579f798fee6cd0d0458f50f58527362
5a54143606df25b867d1d086277980f8cbd97f09e40e0469c66c73837c8e8f94
GET /no/images/question-img-3.jpg HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/jpeg
content-length: 64801
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "fd21-5ae2d8e5c2275"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7352
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pR88rR6U4vyiNbvopGNjPej%2BJbCXi9DCPfXOdi9rJIgPGVAvlfcsI4ro12d7QeLl44smYI9rxV7z0WNWMiRAKtvqV%2FOkbeH%2FdpSY1aTdzSXmHQY0IdM7ZioqLVlrF7mkp95PqoxLpE%2FzzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8324ffbb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/winner-3-big.jpg
104.21.8.75200 OK 138 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/winner-3-big.jpg
IP 104.21.8.75:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 266x540, components 3\012- data
Size 138 kB (137585 bytes)
Hash f8a57e5f61c140819f1d2d18f8bf9e4e
652bf83227211643e2d50fb713fb5e94bcfe266a
6925214774e3846dd376830c0742dedb0468aa1d891af9535eca387a181c5fb7
GET /no/images/winner-3-big.jpg HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/jpeg
content-length: 137585
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "21971-5ae2d8e5c2275"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7352
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mg5J5C3c7Hijc3a0Nq4vSmLLOJ3P5n5EtcUFYJ%2B0KYNWoK4HqBGtmW7tj53ovwbPwvljv5u%2Fx8aWzc3EOdZXjdT3WyrpDQmmSPXTkzMLM8Udmocd251YZv2dOVI%2Fd0QtW6X5agY8bq6jKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8323ff2b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/question-img-3-mob.jpg
104.21.8.75200 OK 73 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/question-img-3-mob.jpg
IP 104.21.8.75:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1588, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=970], progressive, precision 8, 345x565, components 3\012- data
Hash bafffb92a0d927a88d56731121fc7ffa
2fd9c0641f6b3461e8e2b0dea1028f4dec82320b
a7b7b68032445f1cf5c8956ccf4bf7b21d16a61ab882ed9e892192554bf8dc2d
GET /no/images/question-img-3-mob.jpg HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/jpeg
content-length: 73202
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "11df2-5ae2d8e5c2275"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7351
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKMoJnN5r7c1Quykar9arPrcMe9VjOHoVedR4gKj44MPH928gqZex07F%2FgK%2BQBelI9Q%2BRv5DQxzNftQ0E39aVSKF1zIGLhgvfiuzxi3KOwRMqdWx7e0w1f5wWA6GCnoPqLIm6dcDcBLzdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8324ffcb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/images/phone-footer-mob.png
104.21.8.75200 OK 57 kB URL HTTP/2 bitcoin-now.gugekes.com/no/images/phone-footer-mob.png
IP 104.21.8.75:0
File type PNG image data, 345 x 287, 8-bit/color RGBA, non-interlaced\012- data
Hash ace158c523ceadbc27b2980efb76da71
c154a5b7f4c5fd09581982a1dffb773ac3d4b30b
501c93c15e408a7f90b5c3c284bdf4f11e3245dd7afd146dec4fb2f1bd2be867
GET /no/images/phone-footer-mob.png HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: image/png
content-length: 57137
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: "df31-5ae2d8e5c12d5"
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 7351
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igNYkSy9o14o9hVPy81TC9SIIgdHYuw0rF6830jDr2QrV%2FzR15sRBBte%2FTRi2uTsa8ER08eb61nHpc6tHJVOqfLLQXmIpHYjBCej8sKu7jSmuPYsn5l0jn5O39oHm3CPMpcd4j6O3JtHzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8324ffdb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/gD9mndZ-HVA
142.250.74.163200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/gD9mndZ-HVA
IP 142.250.74.163:0
Hash 07cc4b3d5e56f43a87a9d88cbaa82261
eca60c294a062b8e229ea76dadfc2a63183bcd7c
7ef6f488472c0f36e0a0500972565d16ffb90b513f2b098ea541e6caf5d7ba95
POST /s/gts1p5/gD9mndZ-HVA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12306
Expires: Thu, 09 Feb 2023 04:23:36 GMT
Date: Thu, 09 Feb 2023 00:58:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12306
Expires: Thu, 09 Feb 2023 04:23:36 GMT
Date: Thu, 09 Feb 2023 00:58:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12306
Expires: Thu, 09 Feb 2023 04:23:36 GMT
Date: Thu, 09 Feb 2023 00:58:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12306
Expires: Thu, 09 Feb 2023 04:23:36 GMT
Date: Thu, 09 Feb 2023 00:58:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4930c104-0ac3-49ae-9506-13702874f821.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4930c104-0ac3-49ae-9506-13702874f821.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c1f5626e7ff7e681468c3c5820f3633
a8bb267f929b734a53b3dab0283c717270f6eb43
38d81274cc9f71f149091f72494c74872d99909c69d612a595c930c4755c4da3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4930c104-0ac3-49ae-9506-13702874f821.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 1b0f88cf-460b-4ed2-8235-86c9e3e3ff93
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffW2uG3LIAMF3cg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d604f7-42e5c38315bdbd47615985b6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 05:32:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nfLYmz3SEBzBp32-FDPDF-rqh4-pAjLixYD4abVqF5fl3awttBNRUA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:47:56 GMT
age: 7834
etag: "a8bb267f929b734a53b3dab0283c717270f6eb43"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049f3f10-52dc-41ec-990c-719ee36485c7.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049f3f10-52dc-41ec-990c-719ee36485c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10fd2f55fa0cfb8616ded6ddc2bb511a
996ed68f1b9770a19a97f6c8d359e338b8c8b3ca
e552d31a5e531386b9830bb58486f09bfcb3400676f726f93fdbea08336a09da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049f3f10-52dc-41ec-990c-719ee36485c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3599
x-amzn-requestid: 658f8678-b67d-4f98-b728-cf9cbad3aa86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ABI38GUpIAMFY0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e38832-2ab19d0f2345fc7515775298;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 11:32:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oBM94J-bP0KLv3VUKHBQcndevBxzLc1rQ27Mc4Z_C-CGOyCH_FlKDw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:14:59 GMT
age: 30692
etag: "996ed68f1b9770a19a97f6c8d359e338b8c8b3ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 95081172f8e19d19921acc802488e019
8531c150cb11de44361a95624b11cf46b9e0ba02
7a2d8f012c7d590f3f39ad834d4f3f9fb729143b7395bc588bd608b5bdee039b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15019
x-amzn-requestid: 574e3e2c-2fbe-4215-9500-021147338832
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f583LHiioAMFqkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a82d-4f12aac524c39f822ca4f422;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _3jIo3Giw3zmTmnSkJArAllT6uigN7EEzLPfkGpd6168_mSdqdk_Cg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 08:24:16 GMT
age: 59654
etag: "8531c150cb11de44361a95624b11cf46b9e0ba02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F844d5320-b850-4dd9-87c4-2b4f17eb895e.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F844d5320-b850-4dd9-87c4-2b4f17eb895e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82ed633b05ccadc8b87e83413641f1ef
aafed39990cf6a3391d53355085d816167a500fa
c9202e36b231d0a9a9cba1ff8f570e5b0fbba215eb6b28e3989fd442ee7f5835
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F844d5320-b850-4dd9-87c4-2b4f17eb895e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8717
x-amzn-requestid: dbb8b5a2-d3f6-42e2-8778-da19de081cb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f2c0LHaiIAMF5cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63df41b4-309b6b1f651f68453dd52f55;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 05:42:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hBfl0rPzn_iOD9xRlc236_IEvyGlK5WteH1y4cd0aYxlFzd3RVfgkQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:42:47 GMT
age: 11743
etag: "aafed39990cf6a3391d53355085d816167a500fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f087272-940e-484d-ad9d-2c67bcd6dccd.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f087272-940e-484d-ad9d-2c67bcd6dccd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb7c8b758fe17f6c06ce2bebb5008495
032d747cf20951f6ca6fd51489fefd7c09c4948d
835d89e028ec4c85a845f2835cb5eddb9653937f6736e2713b671419474608ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f087272-940e-484d-ad9d-2c67bcd6dccd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12811
x-amzn-requestid: be33f9ef-31cb-4572-9f22-0a433423e195
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChzZFiWIAMFgmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4167b-70ed2a756b8da4372ccc1f83;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:39:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HB03bmBiXVTrYbU01OssMQ_EbKhhFPhoUa-qcze2ZgD9Hr48Q8mEbQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:15:23 GMT
age: 9787
etag: "032d747cf20951f6ca6fd51489fefd7c09c4948d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396748b7-25c0-4112-960c-9c86d5ad28f9.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396748b7-25c0-4112-960c-9c86d5ad28f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5fc553a8677d9c0bf4835a0c29a7345c
ec8541dd8ae32e1cf597d40cc1d9d04aefb46ba8
e821faf86e44f2b9c9d5bd8cd3575c0a99acfc58774077034c413e345a7c0c0c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396748b7-25c0-4112-960c-9c86d5ad28f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7451
x-amzn-requestid: a900a5b4-85cd-4817-8e70-2516eb33a0a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fox8IHMuIAMFdHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9c9e7-1122726b315a7c5623d1ff3f;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 02:09:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0giOb6VA3jgf_3ep6DqSBrFhYz8aBNWTjxpitvm9NWe2oNQlJ5UbEA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:09:32 GMT
age: 10138
etag: "ec8541dd8ae32e1cf597d40cc1d9d04aefb46ba8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bitcoin-now.gugekes.com/no/css/index.css
104.21.8.75200 OK 30 kB URL HTTP/2 bitcoin-now.gugekes.com/no/css/index.css
IP 104.21.8.75:0
Hash 8ea8e982925c10fe163e50852e049e02
dc95fb6995b3344b554fb797e9bcdc48bd1edd87
3791cd13dc5de27805ce371b59c8814c41ca0820c744e05c70b0df621cef413e
GET /no/css/index.css HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: text/css
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: W/"9349-5ae2d8e5c0335-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scAn%2FmZQrV2ynL%2Bey2HW5H153tmu0LnfklNFa%2FNElFzWP74fuSx7PWkW57O79R0tW8dnkgp%2BwWBMwHFe4Ego9o0wV1J4JrBVgRm4RFfzSct0rk3TjKFKnZ%2FT1h56cXdtRJ6KKn03GDsGWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8321fc7b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.ytimg.com/yts/jsbin/www-widgetapi-vflN2g023/www-widgetapi.js
172.217.21.174200 OK 7.7 kB URL HTTP/2 s.ytimg.com/yts/jsbin/www-widgetapi-vflN2g023/www-widgetapi.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (783)
Hash 8a16a770683ddcefb4bf88b49fdf94f8
96eb759723f032cfade39ca4de4082166aca8be4
173795ca8b1880e750ef95ad05a896e225a530f2aa27536ba3d15c6603a22d8e
GET /yts/jsbin/www-widgetapi-vflN2g023/www-widgetapi.js HTTP/1.1
Host: s.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: https://www.youtube.com
content-length: 7738
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 18:54:58 GMT
expires: Sun, 12 Feb 2023 18:54:58 GMT
cache-control: public, max-age=691200
last-modified: Sat, 23 Feb 2019 21:30:08 GMT
content-type: text/javascript
age: 367412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 21:48:03 GMT
expires: Fri, 02 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 529828
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 17:20:45 GMT
expires: Tue, 06 Feb 2024 17:20:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 200266
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash f30ebb7855430e77d7f7e78185824905
f833d3fbb268c2d0b289b8af527a13ea6ab3535d
ecf61ddf953eab9c7889a0b5e697364bed9f8fee9f7be3c3d13258542c858354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
216.58.207.194302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 216.58.207.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Thu, 09 Feb 2023 00:58:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Feb 2023 00:50:50 GMT
expires: Thu, 09 Feb 2023 01:05:50 GMT
cache-control: public, max-age=900
age: 461
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash f30ebb7855430e77d7f7e78185824905
f833d3fbb268c2d0b289b8af527a13ea6ab3535d
ecf61ddf953eab9c7889a0b5e697364bed9f8fee9f7be3c3d13258542c858354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/6D1MIjhka4s?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=6D1MIjhka4s&mute=1&enablejsapi=1&origin=https%3A%2F%2Fbitcoin-now.gugekes.com&widgetid=1
172.217.21.174200 OK 28 kB URL HTTP/2 www.youtube.com/embed/6D1MIjhka4s?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=6D1MIjhka4s&mute=1&enablejsapi=1&origin=https%3A%2F%2Fbitcoin-now.gugekes.com&widgetid=1
IP 172.217.21.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58608)
Hash a8aac4ad77cdb89c9ae4e30d2b434ad4
b4e67d20e9f81b693b333d4a0c7568a76a624324
a7314ff4a532fa116ea98c911a5784f4185a38a773d4049a18aebc1f652ee661
GET /embed/6D1MIjhka4s?controls=1&disablekb=0&loop=1&modestbranding=1&rel=0&fs=0&showinfo=0&autoplay=1&playlist=6D1MIjhka4s&mute=1&enablejsapi=1&origin=https%3A%2F%2Fbitcoin-now.gugekes.com&widgetid=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Feb 2023 00:58:31 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=WhgwqOCUNTY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=52lGGy_gb1Q; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 00:58:31 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TnprMU5ESXdOek01TnpBMU9EY3dNdz09ELeKkZ8GGLeKkZ8G; Domain=.youtube.com; Expires=Tue, 08-Aug-2023 00:58:31 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+916; expires=Sat, 08-Feb-2025 00:58:31 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 84889b914548f7820766f27a40699cfa
bc674cdb5819759b5ecd5aabfde47f56127f5d89
e2a69fe4edd028d00a8a744b62ef51dada2aff144da0cd9813efc887a11f70a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/e-T0LC6veq6xndVnxNZYDs0k2YzO3ng5pgwYiLLC-NE.js
216.58.211.4200 OK 14 kB URL HTTP/2 www.google.com/js/th/e-T0LC6veq6xndVnxNZYDs0k2YzO3ng5pgwYiLLC-NE.js
IP 216.58.211.4:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a72a9cb71841fbd9df6502c1ae94e6d7
27c0e02ddad7adec3ff2cbeb134d2cb7320cee37
40fdb6d71f277b3f81579b9bbabe3e1edaaecb2a651bfc632041038946131287
GET /js/th/e-T0LC6veq6xndVnxNZYDs0k2YzO3ng5pgwYiLLC-NE.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14345
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 22:00:59 GMT
expires: Mon, 05 Feb 2024 22:00:59 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Jan 2023 12:00:00 GMT
content-type: text/javascript
age: 269853
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 25aa490af32a98e30ac9da0dce385b2d
b062d716388ab7895c15330b50ea681bd656c1b9
49546d12aded05e1d31687ec22ca113c85c55181d05b7b5f8e35285024030238
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 09 Feb 2023 00:58:32 GMT
server: ESF
cache-control: private
content-length: 30832
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 433af7e1e2f0f14adb78a739bbae1832
fab933db47af9ab3f4f86befee579ac9972b82fd
a6be621f8cdc57bd55a8e73ff58a34b6a816eb558cb88b49cc031222042f82a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AL5GRJV0Wcdqw5AXFbkPXy2q7ui41HoDWEEUcJtZqA=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 1.0 kB URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJV0Wcdqw5AXFbkPXy2q7ui41HoDWEEUcJtZqA=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 8ba3a21cea9c1b20ef092154f5ec873c
73fd59cffe528f061b7ca06762a2267e669383de
5403d7af7a0adfb77adf677f3e3b5c38d3555a484d0bc60340c5cfa08fab6f64
GET /ytc/AL5GRJV0Wcdqw5AXFbkPXy2q7ui41HoDWEEUcJtZqA=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Fri, 10 Feb 2023 00:58:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 09 Feb 2023 00:58:32 GMT
server: fife
content-length: 1003
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 433af7e1e2f0f14adb78a739bbae1832
fab933db47af9ab3f4f86befee579ac9972b82fd
a6be621f8cdc57bd55a8e73ff58a34b6a816eb558cb88b49cc031222042f82a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 09 Feb 2023 00:58:32 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with no line terminators
Hash dc2798312fe4d3d2390fd40a1bc8bc3c
14c1f7feb11ffdf84af52086c5694e2dcdb053e0
27eca77abc6bdf4eaddc82114194931a23e51a7512f7276b555825e2a60e59cc
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1072
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 09 Feb 2023 00:58:32 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 4a78eb228548cddadb00d933843f7206
a430424163ec1e42a6b9422c1c5bb1157e694c6f
cd25bcf0668c26c0ed9c4ef956ddfd77f36c2370396806f577f9dbd24f0dcce0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 4a78eb228548cddadb00d933843f7206
a430424163ec1e42a6b9422c1c5bb1157e694c6f
cd25bcf0668c26c0ed9c4ef956ddfd77f36c2370396806f577f9dbd24f0dcce0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675925912&ei=N0XkY8qBOuWE0u8Pzrua-Ac&ip=91.90.42.154&id=o-AGvadFA67qRAsx5KZQW1eJjvg9qiiM3M_ki_zDCvb5cK&itag=243&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&mh=QH&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2006250&spc=H3gIhqB25HNJ8J02cqdkYiN7p9W7J0M&vprv=1&mime=video%2Fwebm&ns=qqE9q4eKok0Wg0xMQLNZYr8L&gir=yes&clen=3951551&dur=128.761&lmt=1664126075943462&mt=1675904015&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=1216224&n=8m5NII4u1DRifg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAKw_BUZv5YIjtBsO_yqaWV4YV1pkba4Pqx1E7TRH3F0xAiAJIYLgEKJ46Yi8WRyGqNKxrNfnkyqnIJBk0ZS9a7oMcg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPVPkBx6z_bz-L6pmB-bXCQg5MJy4UwxWEVqYuo8YX3LAiEArgpDhTmX_PKNtrHSIL7BNwtncP1IgsDo5PCDmJsyOLA%3D&alr=yes&cpn=eiRa8h6EUMZLaHYF&cver=1.20230131.01.00&range=0-104533&rn=1&rbuf=0
91.90.45.173200 OK 1.1 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675925912&ei=N0XkY8qBOuWE0u8Pzrua-Ac&ip=91.90.42.154&id=o-AGvadFA67qRAsx5KZQW1eJjvg9qiiM3M_ki_zDCvb5cK&itag=243&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&mh=QH&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2006250&spc=H3gIhqB25HNJ8J02cqdkYiN7p9W7J0M&vprv=1&mime=video%2Fwebm&ns=qqE9q4eKok0Wg0xMQLNZYr8L&gir=yes&clen=3951551&dur=128.761&lmt=1664126075943462&mt=1675904015&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=1216224&n=8m5NII4u1DRifg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAKw_BUZv5YIjtBsO_yqaWV4YV1pkba4Pqx1E7TRH3F0xAiAJIYLgEKJ46Yi8WRyGqNKxrNfnkyqnIJBk0ZS9a7oMcg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPVPkBx6z_bz-L6pmB-bXCQg5MJy4UwxWEVqYuo8YX3LAiEArgpDhTmX_PKNtrHSIL7BNwtncP1IgsDo5PCDmJsyOLA%3D&alr=yes&cpn=eiRa8h6EUMZLaHYF&cver=1.20230131.01.00&range=0-104533&rn=1&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1065), with no line terminators
Hash 88e1fa158d47af752d5d6111ccb53cc9
9af1c63be6968027f552b6aa633f654261b536f0
a30e3bfd960220dfe5378a07a2b9209ddb6f143799b688ff0c392af5f2837c5e
POST /videoplayback?expire=1675925912&ei=N0XkY8qBOuWE0u8Pzrua-Ac&ip=91.90.42.154&id=o-AGvadFA67qRAsx5KZQW1eJjvg9qiiM3M_ki_zDCvb5cK&itag=243&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&mh=QH&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2006250&spc=H3gIhqB25HNJ8J02cqdkYiN7p9W7J0M&vprv=1&mime=video%2Fwebm&ns=qqE9q4eKok0Wg0xMQLNZYr8L&gir=yes&clen=3951551&dur=128.761&lmt=1664126075943462&mt=1675904015&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=1216224&n=8m5NII4u1DRifg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAKw_BUZv5YIjtBsO_yqaWV4YV1pkba4Pqx1E7TRH3F0xAiAJIYLgEKJ46Yi8WRyGqNKxrNfnkyqnIJBk0ZS9a7oMcg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPVPkBx6z_bz-L6pmB-bXCQg5MJy4UwxWEVqYuo8YX3LAiEArgpDhTmX_PKNtrHSIL7BNwtncP1IgsDo5PCDmJsyOLA%3D&alr=yes&cpn=eiRa8h6EUMZLaHYF&cver=1.20230131.01.00&range=0-104533&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 09 Feb 2023 00:58:32 GMT
Expires: Thu, 09 Feb 2023 00:58:32 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1065
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675925912&ei=N0XkY8qBOuWE0u8Pzrua-Ac&ip=91.90.42.154&id=o-AGvadFA67qRAsx5KZQW1eJjvg9qiiM3M_ki_zDCvb5cK&itag=251&source=youtube&requiressl=yes&mh=QH&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2006250&spc=H3gIhqB25HNJ8J02cqdkYiN7p9W7J0M&vprv=1&mime=audio%2Fwebm&ns=qqE9q4eKok0Wg0xMQLNZYr8L&gir=yes&clen=1860087&dur=128.781&lmt=1664125992441697&mt=1675904015&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=1211224&n=8m5NII4u1DRifg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAL7pqFSGw0SnlGHJzZGSaOkZ2Rr3XWcuP24ct0BHociBAiAsalbgqfED4nljl_fLo_s1qycoALBYICTJ1lwIcp_NMw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPVPkBx6z_bz-L6pmB-bXCQg5MJy4UwxWEVqYuo8YX3LAiEArgpDhTmX_PKNtrHSIL7BNwtncP1IgsDo5PCDmJsyOLA%3D&alr=yes&cpn=eiRa8h6EUMZLaHYF&cver=1.20230131.01.00&range=0-66019&rn=2&rbuf=0
91.90.45.173200 OK 1.0 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675925912&ei=N0XkY8qBOuWE0u8Pzrua-Ac&ip=91.90.42.154&id=o-AGvadFA67qRAsx5KZQW1eJjvg9qiiM3M_ki_zDCvb5cK&itag=251&source=youtube&requiressl=yes&mh=QH&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2006250&spc=H3gIhqB25HNJ8J02cqdkYiN7p9W7J0M&vprv=1&mime=audio%2Fwebm&ns=qqE9q4eKok0Wg0xMQLNZYr8L&gir=yes&clen=1860087&dur=128.781&lmt=1664125992441697&mt=1675904015&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=1211224&n=8m5NII4u1DRifg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAL7pqFSGw0SnlGHJzZGSaOkZ2Rr3XWcuP24ct0BHociBAiAsalbgqfED4nljl_fLo_s1qycoALBYICTJ1lwIcp_NMw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPVPkBx6z_bz-L6pmB-bXCQg5MJy4UwxWEVqYuo8YX3LAiEArgpDhTmX_PKNtrHSIL7BNwtncP1IgsDo5PCDmJsyOLA%3D&alr=yes&cpn=eiRa8h6EUMZLaHYF&cver=1.20230131.01.00&range=0-66019&rn=2&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1033), with no line terminators
Hash c1fc4ad8069830720f566c30b283835c
5ab564254809ba2ffed0c47caef12f3c055e51c6
757e185e3ce38233ca6d30ed58cf7fbe0c057a65ebe0ac8f163f7f56b32d2107
POST /videoplayback?expire=1675925912&ei=N0XkY8qBOuWE0u8Pzrua-Ac&ip=91.90.42.154&id=o-AGvadFA67qRAsx5KZQW1eJjvg9qiiM3M_ki_zDCvb5cK&itag=251&source=youtube&requiressl=yes&mh=QH&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2006250&spc=H3gIhqB25HNJ8J02cqdkYiN7p9W7J0M&vprv=1&mime=audio%2Fwebm&ns=qqE9q4eKok0Wg0xMQLNZYr8L&gir=yes&clen=1860087&dur=128.781&lmt=1664125992441697&mt=1675904015&fvip=1&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=1211224&n=8m5NII4u1DRifg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAL7pqFSGw0SnlGHJzZGSaOkZ2Rr3XWcuP24ct0BHociBAiAsalbgqfED4nljl_fLo_s1qycoALBYICTJ1lwIcp_NMw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPVPkBx6z_bz-L6pmB-bXCQg5MJy4UwxWEVqYuo8YX3LAiEArgpDhTmX_PKNtrHSIL7BNwtncP1IgsDo5PCDmJsyOLA%3D&alr=yes&cpn=eiRa8h6EUMZLaHYF&cver=1.20230131.01.00&range=0-66019&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 09 Feb 2023 00:58:32 GMT
Expires: Thu, 09 Feb 2023 00:58:32 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1033
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 4a78eb228548cddadb00d933843f7206
a430424163ec1e42a6b9422c1c5bb1157e694c6f
cd25bcf0668c26c0ed9c4ef956ddfd77f36c2370396806f577f9dbd24f0dcce0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 6cdb3ed6c58a99c8e56ae787b2fe0342
5b1152a01cf1a8be9129bf18a57291d2a9adc02e
9244027a06ce46145b9ef5c48cc47bc04add05e0dc52f00c9f2205f84129e6ef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 6cdb3ed6c58a99c8e56ae787b2fe0342
5b1152a01cf1a8be9129bf18a57291d2a9adc02e
9244027a06ce46145b9ef5c48cc47bc04add05e0dc52f00c9f2205f84129e6ef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-5go7ynld.googlevideo.com/videoplayback?expire=1675925912&ei=N0XkY8qBOuWE0u8Pzrua-Ac&ip=91.90.42.154&id=o-AGvadFA67qRAsx5KZQW1eJjvg9qiiM3M_ki_zDCvb5cK&itag=251&source=youtube&requiressl=yes&spc=H3gIhqB25HNJ8J02cqdkYiN7p9W7J0M&vprv=1&mime=audio%2Fwebm&ns=qqE9q4eKok0Wg0xMQLNZYr8L&gir=yes&clen=1860087&dur=128.781&lmt=1664125992441697&keepalive=yes&fexp=24007246,24424483&c=WEB_EMBEDDED_PLAYER&txp=1211224&n=8m5NII4u1DRifg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAL7pqFSGw0SnlGHJzZGSaOkZ2Rr3XWcuP24ct0BHociBAiAsalbgqfED4nljl_fLo_s1qycoALBYICTJ1lwIcp_NMw%3D%3D&alr=yes&cpn=eiRa8h6EUMZLaHYF&cver=1.20230131.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=QH&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1675904253&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgZ7KoB5eOqSVGpyMVyo6l_Vcp7lZkPDPXA74DCOw4oDQCIQC1EAAuIgoF0EhpsxT-Dxg4cvAbibLm9a4jBFLKfq_NrQ%3D%3D&range=0-66019&rn=4&rbuf=0&pot=D9J87ABBAa0n0kQQib_G_xXaicf1oayKm_HK84cY6-mkVMhlsd7iZWSN0L-7kUG8PYKmjAZ7rBJg3WZwEfHZ1vhk-yMU7BRbOz4jEpyj9am4ozCZPlaz28DPEIR-qVOecw6CFwU=
74.125.111.70200 OK 66 kB URL HTTP/1.1 rr1---sn-5go7ynld.googlevideo.com/videoplayback?expire=1675925912&ei=N0XkY8qBOuWE0u8Pzrua-Ac&ip=91.90.42.154&id=o-AGvadFA67qRAsx5KZQW1eJjvg9qiiM3M_ki_zDCvb5cK&itag=251&source=youtube&requiressl=yes&spc=H3gIhqB25HNJ8J02cqdkYiN7p9W7J0M&vprv=1&mime=audio%2Fwebm&ns=qqE9q4eKok0Wg0xMQLNZYr8L&gir=yes&clen=1860087&dur=128.781&lmt=1664125992441697&keepalive=yes&fexp=24007246,24424483&c=WEB_EMBEDDED_PLAYER&txp=1211224&n=8m5NII4u1DRifg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAL7pqFSGw0SnlGHJzZGSaOkZ2Rr3XWcuP24ct0BHociBAiAsalbgqfED4nljl_fLo_s1qycoALBYICTJ1lwIcp_NMw%3D%3D&alr=yes&cpn=eiRa8h6EUMZLaHYF&cver=1.20230131.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=QH&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1675904253&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgZ7KoB5eOqSVGpyMVyo6l_Vcp7lZkPDPXA74DCOw4oDQCIQC1EAAuIgoF0EhpsxT-Dxg4cvAbibLm9a4jBFLKfq_NrQ%3D%3D&range=0-66019&rn=4&rbuf=0&pot=D9J87ABBAa0n0kQQib_G_xXaicf1oayKm_HK84cY6-mkVMhlsd7iZWSN0L-7kUG8PYKmjAZ7rBJg3WZwEfHZ1vhk-yMU7BRbOz4jEpyj9am4ozCZPlaz28DPEIR-qVOecw6CFwU=
IP 74.125.111.70:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash dee1d006ee76e6f0a258db0cc1c88528
9f840ad81c5b1ebed2c5b3f91d0745035bfcf30e
28bd31414e24359555fe7b997876c57ce6e76fc3ae113b0fbb3ef138605f8be3
POST /videoplayback?expire=1675925912&ei=N0XkY8qBOuWE0u8Pzrua-Ac&ip=91.90.42.154&id=o-AGvadFA67qRAsx5KZQW1eJjvg9qiiM3M_ki_zDCvb5cK&itag=251&source=youtube&requiressl=yes&spc=H3gIhqB25HNJ8J02cqdkYiN7p9W7J0M&vprv=1&mime=audio%2Fwebm&ns=qqE9q4eKok0Wg0xMQLNZYr8L&gir=yes&clen=1860087&dur=128.781&lmt=1664125992441697&keepalive=yes&fexp=24007246,24424483&c=WEB_EMBEDDED_PLAYER&txp=1211224&n=8m5NII4u1DRifg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAL7pqFSGw0SnlGHJzZGSaOkZ2Rr3XWcuP24ct0BHociBAiAsalbgqfED4nljl_fLo_s1qycoALBYICTJ1lwIcp_NMw%3D%3D&alr=yes&cpn=eiRa8h6EUMZLaHYF&cver=1.20230131.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=QH&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1675904253&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgZ7KoB5eOqSVGpyMVyo6l_Vcp7lZkPDPXA74DCOw4oDQCIQC1EAAuIgoF0EhpsxT-Dxg4cvAbibLm9a4jBFLKfq_NrQ%3D%3D&range=0-66019&rn=4&rbuf=0&pot=D9J87ABBAa0n0kQQib_G_xXaicf1oayKm_HK84cY6-mkVMhlsd7iZWSN0L-7kUG8PYKmjAZ7rBJg3WZwEfHZ1vhk-yMU7BRbOz4jEpyj9am4ozCZPlaz28DPEIR-qVOecw6CFwU= HTTP/1.1
Host: rr1---sn-5go7ynld.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sun, 25 Sep 2022 17:13:12 GMT
Content-Type: audio/webm
Date: Thu, 09 Feb 2023 00:58:32 GMT
Expires: Thu, 09 Feb 2023 00:58:32 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 66020
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 6cdb3ed6c58a99c8e56ae787b2fe0342
5b1152a01cf1a8be9129bf18a57291d2a9adc02e
9244027a06ce46145b9ef5c48cc47bc04add05e0dc52f00c9f2205f84129e6ef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:58:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-5go7ynld.googlevideo.com/videoplayback?expire=1675925912&ei=N0XkY8qBOuWE0u8Pzrua-Ac&ip=91.90.42.154&id=o-AGvadFA67qRAsx5KZQW1eJjvg9qiiM3M_ki_zDCvb5cK&itag=243&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=H3gIhqB25HNJ8J02cqdkYiN7p9W7J0M&vprv=1&mime=video%2Fwebm&ns=qqE9q4eKok0Wg0xMQLNZYr8L&gir=yes&clen=3951551&dur=128.761&lmt=1664126075943462&keepalive=yes&fexp=24007246,24424483&c=WEB_EMBEDDED_PLAYER&txp=1216224&n=8m5NII4u1DRifg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAKw_BUZv5YIjtBsO_yqaWV4YV1pkba4Pqx1E7TRH3F0xAiAJIYLgEKJ46Yi8WRyGqNKxrNfnkyqnIJBk0ZS9a7oMcg%3D%3D&alr=yes&cpn=eiRa8h6EUMZLaHYF&cver=1.20230131.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=QH&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1675904253&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgN-8_-2DcyCqiRL1u0Zs0yIzDFWLZPstpvrJ3jAX5SiwCIQD_LCP9e05nsyI4GTiiPybHj4CXDGVmhAmEc8ZEZFs4jw%3D%3D&range=0-104533&rn=3&rbuf=0&pot=D9J87ABBAa0n0kQQib_G_xXaicf1oayKm_HK84cY6-mkVMhlsd7iZWSN0L-7kUG8PYKmjAZ7rBJg3WZwEfHZ1vhk-yMU7BRbOz4jEpyj9am4ozCZPlaz28DPEIR-qVOecw6CFwU=
74.125.111.70200 OK 104 kB URL HTTP/1.1 rr1---sn-5go7ynld.googlevideo.com/videoplayback?expire=1675925912&ei=N0XkY8qBOuWE0u8Pzrua-Ac&ip=91.90.42.154&id=o-AGvadFA67qRAsx5KZQW1eJjvg9qiiM3M_ki_zDCvb5cK&itag=243&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=H3gIhqB25HNJ8J02cqdkYiN7p9W7J0M&vprv=1&mime=video%2Fwebm&ns=qqE9q4eKok0Wg0xMQLNZYr8L&gir=yes&clen=3951551&dur=128.761&lmt=1664126075943462&keepalive=yes&fexp=24007246,24424483&c=WEB_EMBEDDED_PLAYER&txp=1216224&n=8m5NII4u1DRifg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAKw_BUZv5YIjtBsO_yqaWV4YV1pkba4Pqx1E7TRH3F0xAiAJIYLgEKJ46Yi8WRyGqNKxrNfnkyqnIJBk0ZS9a7oMcg%3D%3D&alr=yes&cpn=eiRa8h6EUMZLaHYF&cver=1.20230131.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=QH&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1675904253&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgN-8_-2DcyCqiRL1u0Zs0yIzDFWLZPstpvrJ3jAX5SiwCIQD_LCP9e05nsyI4GTiiPybHj4CXDGVmhAmEc8ZEZFs4jw%3D%3D&range=0-104533&rn=3&rbuf=0&pot=D9J87ABBAa0n0kQQib_G_xXaicf1oayKm_HK84cY6-mkVMhlsd7iZWSN0L-7kUG8PYKmjAZ7rBJg3WZwEfHZ1vhk-yMU7BRbOz4jEpyj9am4ozCZPlaz28DPEIR-qVOecw6CFwU=
IP 74.125.111.70:0
File type WebM\012- EBML file, creator webmB\20\012- data
Size 104 kB (104534 bytes)
Hash 62c43bff347e4e90501653d8d8608620
331de1c8049fcf154b6d4fe0a1fb52939f539576
9a023bf3aa079398ecfb6b8e52414c374fc5d2991a1d43141ccab55a3af162cc
POST /videoplayback?expire=1675925912&ei=N0XkY8qBOuWE0u8Pzrua-Ac&ip=91.90.42.154&id=o-AGvadFA67qRAsx5KZQW1eJjvg9qiiM3M_ki_zDCvb5cK&itag=243&aitags=134%2C136%2C160%2C243&source=youtube&requiressl=yes&spc=H3gIhqB25HNJ8J02cqdkYiN7p9W7J0M&vprv=1&mime=video%2Fwebm&ns=qqE9q4eKok0Wg0xMQLNZYr8L&gir=yes&clen=3951551&dur=128.761&lmt=1664126075943462&keepalive=yes&fexp=24007246,24424483&c=WEB_EMBEDDED_PLAYER&txp=1216224&n=8m5NII4u1DRifg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAKw_BUZv5YIjtBsO_yqaWV4YV1pkba4Pqx1E7TRH3F0xAiAJIYLgEKJ46Yi8WRyGqNKxrNfnkyqnIJBk0ZS9a7oMcg%3D%3D&alr=yes&cpn=eiRa8h6EUMZLaHYF&cver=1.20230131.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=QH&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1675904253&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgN-8_-2DcyCqiRL1u0Zs0yIzDFWLZPstpvrJ3jAX5SiwCIQD_LCP9e05nsyI4GTiiPybHj4CXDGVmhAmEc8ZEZFs4jw%3D%3D&range=0-104533&rn=3&rbuf=0&pot=D9J87ABBAa0n0kQQib_G_xXaicf1oayKm_HK84cY6-mkVMhlsd7iZWSN0L-7kUG8PYKmjAZ7rBJg3WZwEfHZ1vhk-yMU7BRbOz4jEpyj9am4ozCZPlaz28DPEIR-qVOecw6CFwU= HTTP/1.1
Host: rr1---sn-5go7ynld.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sun, 25 Sep 2022 17:14:35 GMT
Content-Type: video/webm
Date: Thu, 09 Feb 2023 00:58:32 GMT
Expires: Thu, 09 Feb 2023 00:58:32 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 104534
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d76b3c3-ea90-47d3-83f3-8f1550aa26fa.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d76b3c3-ea90-47d3-83f3-8f1550aa26fa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d7814305f961caded310b6f2089219b
efcb6a067bb023865823625e67d9de60d44685e0
3c01637a052e2394774fc8f6dd37a284afaf76b423219ecd26a89c2d8b69c121
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d76b3c3-ea90-47d3-83f3-8f1550aa26fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9846
x-amzn-requestid: 4e6cc2be-bc18-4d66-b338-833a05d0d998
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsaDlGV4oAMFoZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db3d49-14fc32183d3c6afb3a64c27d;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 04:34:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -Gn6wHGlx11IB8EcdbgpJVc-6BTEeIyEDyhrW7fPdCiWqdnQ89k2bQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:11:08 GMT
age: 10049
etag: "efcb6a067bb023865823625e67d9de60d44685e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/js/getdetector.js
104.21.8.75200 OK 0 B URL HTTP/2 bitcoin-now.gugekes.com/no/js/getdetector.js
IP 104.21.8.75:0
Analyzer Verdict Alert fortinet Phishing
GET /no/js/getdetector.js HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: application/javascript
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: W/"d8-5ae2d8e5c3215-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCMA%2FrSxRUV5TKr8ouzR5v9nJO2ShmGljYXBbbBcz9cq0OreQc42AoGJDESzWcpUEwYVS9IrB%2BqRLlnXotonwFJc5VRzPaTt8woDTSjn%2FoQTxcxt4ceXPsRyKXRMGA6uQodSK8Dp6lYgJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8324808b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/css/intlTelInput.css
104.21.8.75200 OK 0 B URL HTTP/2 bitcoin-now.gugekes.com/no/css/intlTelInput.css
IP 104.21.8.75:0
GET /no/css/intlTelInput.css HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: text/css
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: W/"5ec5-5ae2d8e5c0335-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXublSGr7khlIN64BDJLuBLM1y82y4aAOqVsgZDmwqWXQJYdbco%2BGPNNeseZorVbhRb8FhEydTZ0%2FMumF8QMLpypEYgYdXWHhyqMaVPnk7JyXfXv7oMliFLq%2FQcRDx1qYq1z1J1pAu2RKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8324802b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/js/commonJs.js
104.21.8.75200 OK 0 B URL HTTP/2 bitcoin-now.gugekes.com/no/js/commonJs.js
IP 104.21.8.75:0
Analyzer Verdict Alert fortinet Phishing
GET /no/js/commonJs.js HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: application/javascript
last-modified: Wed, 05 Oct 2022 12:19:12 GMT
etag: W/"30ad-5ea4895a716fc-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQsFh1YbJvWn2nlDaCwedtQqQ5GcM9ylGH9rFYgSr9RdNdG9fDfZGsHnoRs4t5e4FfFcmhO4cDMNBYeYLPU09LcYZv8CFPBmYx19g5fSsm9dig7WgoqZlgBbir%2BquXdArRSGbJ1b%2FdKCsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a832580cb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/js/device.min.js
104.21.8.75200 OK 0 B URL HTTP/2 bitcoin-now.gugekes.com/no/js/device.min.js
IP 104.21.8.75:0
Analyzer Verdict Alert fortinet Phishing
GET /no/js/device.min.js HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: application/javascript
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: W/"a2d-5ae2d8e5c3215-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUyAij4OPUAr65EnJ346iJClUuBpoaLqT3VaXxfLAi%2FmwNLffnEZzMbH2XL6M5OPSv2Ojv3yE1ndcTkIhcoO7AAQxtj5fAnY6LZG9J4zCCTgw5gFNDxSv7EzRgit1%2FsAABCUi5CY00S%2FYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a832882ab4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/js/jquery.min.js
104.21.8.75200 OK 0 B URL HTTP/2 bitcoin-now.gugekes.com/no/js/jquery.min.js
IP 104.21.8.75:0
Analyzer Verdict Alert fortinet Phishing
GET /no/js/jquery.min.js HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: application/javascript
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: W/"17505-5ae2d8e5c3215-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=479EGZlI8RWkeHbtZZh8KkpMzZStRC3meebaV5KboWQGGQllScFdBMgkETRNdqihv2TSb5IgJ87dOv87FOA%2BX3NOOVpV%2B20A7RHTSUyH6zp6J9Dy7SJJttbLTMo9C3A4Bj%2BFj19IKh2Y5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8324804b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
104.21.8.75200 OK 0 B URL HTTP/2 bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
IP 104.21.8.75:0
GET /no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1 HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:29 GMT
content-type: text/html
last-modified: Thu, 01 Apr 2021 16:26:47 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b77FwPPJsjTjrTQYeQaXcM7GucS7eXW83ftGuVoYyl3Ys0cA5HBi7FybGEcgD6wHsFSZcO3UxQbdZWVYWvtZXBYqo76JxobWOJOr7bfKw40j6C5DQjdOqy1%2Bxs7U4YvjvGbz70PR86ilQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a82fced8b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/js/intlTelInput.js
104.21.8.75200 OK 0 B URL HTTP/2 bitcoin-now.gugekes.com/no/js/intlTelInput.js
IP 104.21.8.75:0
Analyzer Verdict Alert fortinet Phishing
GET /no/js/intlTelInput.js HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: application/javascript
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: W/"7f1f-5ae2d8e5c3215-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5roQ0zHaZfrWRNcNQY9VoBpHrkKPZ40RxQhPq0nin4mu%2BTpsjpwXuaQsgQHbIoUU0vBZMpLjyQAiBM65NVO9G%2Bh2%2BQ8OX1AkaDgA3ia%2FSjFWRdAAlBfECraumVrpePHulrqmSUmJLDLA7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8326811b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/js/bootstrap.min.js
104.21.8.75200 OK 0 B URL HTTP/2 bitcoin-now.gugekes.com/no/js/bootstrap.min.js
IP 104.21.8.75:0
Analyzer Verdict Alert fortinet Phishing
GET /no/js/bootstrap.min.js HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: application/javascript
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: W/"9004-5ae2d8e5c3215-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06xFblK7u0ZoWzQEy%2F5zCIuKvcCHuDSZDnfxTiRuubMp%2B8zmXQMAk0zVrF7KUclE8ztHOWvTWCUPeR9l6wdoU%2Bbx%2FpOTwZfMd2iWKJHgtaEHmVLNb%2FFtPf8y3dsmasYiOyIm5sTQJgMYWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8324805b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/css/bootstrap.min.css
104.21.8.75200 OK 0 B URL HTTP/2 bitcoin-now.gugekes.com/no/css/bootstrap.min.css
IP 104.21.8.75:0
GET /no/css/bootstrap.min.css HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: text/css
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: W/"22485-5ae2d8e5c0335-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6i1vk08jdOw8RUgyQkSxB8LI9lHlYvQZ5MGva9%2BK8zOyEmIMUxJ%2F6SJBkIxZyXLJrjlssgU8oeaa8oN0xZI3gtYZOlURvR9foaYHEQMhTC1Zt9FKlIcAqQAgj8ZeV063o4NG4KlhXHKUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8321fc5b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/css/stylesheet.css
104.21.8.75200 OK 0 B URL HTTP/2 bitcoin-now.gugekes.com/no/css/stylesheet.css
IP 104.21.8.75:0
GET /no/css/stylesheet.css HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: text/css
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: W/"1dab-5ae2d8e5c0335-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62YuLVSZIVeOKWncT6i2aHtGHfiePhZtLH4l95sO2hBdGQlNPdGztIG9zDdLABri%2FW0HgJ1jY%2FZijWHSSpP6%2BpiGJr%2BeJSNN9AjtT46uOxwAynkGzbGfJde%2Brqs7ry1KXOoCBMUc3a4zug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8324ffeb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/js/script.js
104.21.8.75200 OK 0 B URL HTTP/2 bitcoin-now.gugekes.com/no/js/script.js
IP 104.21.8.75:0
Analyzer Verdict Alert fortinet Phishing
GET /no/js/script.js HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: application/javascript
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: W/"2be3-5ae2d8e5c3215-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81ZucRcJhBF0xNuS2VXhrT03gvF9r5vCgM9FUqHdxjKZXP0k56dNA8BPeFSKKjz%2BQ5aZGAdCD%2BEL4KzyG%2FfWX179RHPPqJ6Iyitc66CCaqGY2gKFebhKKfDfX4DKFVJNXkLcQUVSJ3cnIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a832882db4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/js/custom.js
104.21.8.75200 OK 0 B URL HTTP/2 bitcoin-now.gugekes.com/no/js/custom.js
IP 104.21.8.75:0
Analyzer Verdict Alert fortinet Phishing
GET /no/js/custom.js HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: application/javascript
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: W/"543-5ae2d8e5c3215-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HGZqe6dg%2BaUK0Phn1dwYzw20f%2BqvLylFymNJHFdf%2Bz1qf6lfm7Pk1oXzjoXlYxBGn%2BvKek%2FQkB2lmdxIjvGOXwbNifUjmOmHIi7Za8SpPMonAcTgxfttNHlb4813qWI8sBUjLGqbfMJzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a832882bb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/js/currency.js
104.21.8.75200 OK 0 B URL HTTP/2 bitcoin-now.gugekes.com/no/js/currency.js
IP 104.21.8.75:0
Analyzer Verdict Alert fortinet Phishing
GET /no/js/currency.js HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: application/javascript
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: W/"481-5ae2d8e5c3215-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1CCdf6EaHqxZ7zv5MiED%2BCJ%2BYT89cD9vx0yOj4iFjERkrea4YRjPueTfNgg%2BmgcmdikXZHmbtTbMlLVIv646OqhUCa2rnTL8Wa8KCn8tZwuzeiuC3dyKbJsuHc51vgCN3wSUgjp8LxnoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a832882cb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/js/jquery.validate.min.js
104.21.8.75200 OK 0 B URL HTTP/2 bitcoin-now.gugekes.com/no/js/jquery.validate.min.js
IP 104.21.8.75:0
Analyzer Verdict Alert fortinet Phishing
GET /no/js/jquery.validate.min.js HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: application/javascript
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: W/"58a7-5ae2d8e5c3215-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBdORcW%2Fg6FfcBJpUtDDg7eMNviCamC%2F%2BfEeV%2FFKyhU9PFvqEjRpk%2F3gtl9n3bIFf1WwFGkk%2BMnhqMz2LwSlIiG0YOJ1j1MNCSVtdEPBN6RHxhPI0bdGM8wAOZstwiyABohA4Wd3cx4z5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8327817b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/js/index.js
104.21.8.75200 OK 0 B URL HTTP/2 bitcoin-now.gugekes.com/no/js/index.js
IP 104.21.8.75:0
Analyzer Verdict Alert fortinet Phishing
GET /no/js/index.js HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: application/javascript
last-modified: Mon, 31 Aug 2020 14:52:48 GMT
etag: W/"779-5ae2d8e5c3215-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZlkbmiskw0Ze4E8lVReOE687yU6lhlauF3%2FrKXoHQts5McproCrdrduLI5NQ10VlaTtYC201RXI4YaLs8YyjbPsoO1q7tGaOWD0yabi9GS2XhNhSir1pwfPynj8LeBmK4ipnFNklOM6XA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8326812b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoin-now.gugekes.com/no/js/valid.js
104.21.8.75200 OK 0 B URL HTTP/2 bitcoin-now.gugekes.com/no/js/valid.js
IP 104.21.8.75:0
Analyzer Verdict Alert fortinet Phishing
GET /no/js/valid.js HTTP/1.1
Host: bitcoin-now.gugekes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoin-now.gugekes.com/no/?session=be9ce58a8bef4d1aad742d2629e07299&aff_id=12563&fpp=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:58:30 GMT
content-type: application/javascript
last-modified: Tue, 03 Nov 2020 08:17:10 GMT
etag: W/"4fd0-5b32f7d4f088f-gzip"
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wxst90Ip5%2FhWzb9MqXPy2XGj6l0xVWdmt%2F4a%2FLChl%2FUmawT6LZW%2BKIqDJIK85K%2FXp4WJVD9brJGGmJFk6i6oZixVHRs2zKQhX%2BgpO1eyImU6ae6lGs76fpf1rJimdEa8Wprpqf%2FaseLayw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968a8327823b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2