r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15478
Expires: Mon, 06 Feb 2023 11:38:41 GMT
Date: Mon, 06 Feb 2023 07:20:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18917
Expires: Mon, 06 Feb 2023 12:36:00 GMT
Date: Mon, 06 Feb 2023 07:20:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 06:36:27 GMT
content-type: application/json
age: 2656
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6226
Expires: Mon, 06 Feb 2023 09:04:29 GMT
Date: Mon, 06 Feb 2023 07:20:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: CDdlaWITnndIbWo1rkzlibHkpTTMyLRLLIZSi2qcSQIBpmroFFUC5tsHfGSKCX7pK33fa2WIrnw=
x-amz-request-id: HSHV3HGF77DRTDG2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 06:24:50 GMT
age: 3353
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 07:20:43 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
sidewayssidle2112.blogspot.fr/2011
142.250.74.1302 Moved Temporarily 186 B URL HTTP/1.1 sidewayssidle2112.blogspot.fr/2011
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c7d464e4350d082fb3a7306179136a89
005f251f97cf0c4a53687e1d101149d9fb4263fe
c2c18f26ca7116f4b17ad6682b4b0355d7898307ce319e3b3361bcdfb074bd60
Analyzer Verdict Alert fortinet Malware
GET /2011 HTTP/1.1
Host: sidewayssidle2112.blogspot.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://sidewayssidle2112.blogspot.com/2011
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 06 Feb 2023 07:20:43 GMT
Expires: Mon, 06 Feb 2023 07:20:43 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 186
Server: GSE
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 06:51:19 GMT
age: 1765
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15933
Expires: Mon, 06 Feb 2023 11:46:17 GMT
Date: Mon, 06 Feb 2023 07:20:44 GMT
Connection: keep-alive
push.services.mozilla.com/
44.226.39.149101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.226.39.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ri8LG20lt6N0va4hGeO7pg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WdnT0QFlvgubuZ2y9UVHDZyCq2I=
sidewayssidle2112.blogspot.com/2011
142.250.74.1200 OK 13 kB URL HTTP/1.1 sidewayssidle2112.blogspot.com/2011
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6515)
Hash 8ee2ae72c9e5a3ddacdb529e53c7f13f
933e2185b6803a9b1d2aa6d1cd0e8032b953aa55
fa07d29e468b07729208a25018e51257082d30a66b3865bbbbdcb5490379e583
Analyzer Verdict Alert fortinet Malware
GET /2011 HTTP/1.1
Host: sidewayssidle2112.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Mon, 06 Feb 2023 07:20:44 GMT
Date: Mon, 06 Feb 2023 07:20:44 GMT
Cache-Control: private, max-age=0
Last-Modified: Fri, 11 Nov 2022 08:03:08 GMT
ETag: W/"f2a0ae4a988c0456058f9604498a2bb7f5020964384d180f9c01654e84e9503e"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 13144
Server: GSE
sidewayssidle2112.blogspot.com/js/cookienotice.js
142.250.74.1200 OK 2.0 kB URL HTTP/1.1 sidewayssidle2112.blogspot.com/js/cookienotice.js
IP 142.250.74.1:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: sidewayssidle2112.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/2011
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Mon, 06 Feb 2023 07:20:45 GMT
Expires: Mon, 13 Feb 2023 07:20:45 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sun, 05 Feb 2023 22:55:09 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 08f413d9495301a18dcad1f0dbf03952
3a5f9dfb9ae6892aab934554cf811e176168dbe2
0804eb4b86e37241393f4610bbd36ca15934bd08bf8bf12754df88f57fa79a9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 008ec668ac16e8385e24d1ffdd321745
040bf9b4c9248e4d05da2b69bdf3ed83c3c0452d
60a69a8456882f4f9261e3fe2f10bd9d114d41784f4d997872521adcd088ae23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 008ec668ac16e8385e24d1ffdd321745
040bf9b4c9248e4d05da2b69bdf3ed83c3c0452d
60a69a8456882f4f9261e3fe2f10bd9d114d41784f4d997872521adcd088ae23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 03:28:44 GMT
expires: Fri, 02 Feb 2024 03:28:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 15:52:00 GMT
content-type: text/css
age: 359521
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1429)
Hash 2354fa28c58e16af89e7da6224aeca93
6bd3430a81730ed77c5d53f5406ddb40306ecabd
dc35ae752b7be035bd3a3bd4ae205e41afce5fa8f88e1bfe0e9524610df10f3b
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20950
date: Mon, 06 Feb 2023 07:20:45 GMT
expires: Mon, 06 Feb 2023 07:20:45 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "03884666a30c671f"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/1149436903-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1149436903-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash b78721b4cce75b522d9ec0d1fae9e007
4ceaa4752e3e81867193004fe928875abc0af5ce
e85f67824ac9f31deedecf0b1d58878b6b3993bad9f2b48e8312928154012f06
GET /static/v1/widgets/1149436903-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 02:15:05 GMT
expires: Thu, 01 Feb 2024 02:15:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 23:23:14 GMT
content-type: text/javascript
age: 450340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon18_edit_allbkg.gif
216.58.207.233200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 20:56:35 GMT
expires: Wed, 08 Feb 2023 20:56:35 GMT
cache-control: public, max-age=604800
last-modified: Wed, 01 Feb 2023 17:54:33 GMT
content-type: image/gif
age: 383050
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.weddingbells.ca/blogs/wp-content/uploads/2010/07/wbjuly_ritzcarlton_500x300.jpg
104.18.2.78301 Moved Permanently 0 B URL HTTP/1.1 www.weddingbells.ca/blogs/wp-content/uploads/2010/07/wbjuly_ritzcarlton_500x300.jpg
IP 104.18.2.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /blogs/wp-content/uploads/2010/07/wbjuly_ritzcarlton_500x300.jpg HTTP/1.1
Host: www.weddingbells.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Feb 2023 07:20:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 06 Feb 2023 08:20:45 GMT
Location: https://weddingbells.ca/blogs/wp-content/uploads/2010/07/wbjuly_ritzcarlton_500x300.jpg
Server-Timing: cf-q-config;dur=5.9999947552569e-06
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 795220047e09b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ohsobeautifulpaper.com/wp-content/uploads/2010/11/Rock-n-Roll-Music-Inspired-Wedding-Invitations-Purple.jpg
188.114.96.1301 Moved Permanently 0 B URL HTTP/1.1 ohsobeautifulpaper.com/wp-content/uploads/2010/11/Rock-n-Roll-Music-Inspired-Wedding-Invitations-Purple.jpg
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2010/11/Rock-n-Roll-Music-Inspired-Wedding-Invitations-Purple.jpg HTTP/1.1
Host: ohsobeautifulpaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Feb 2023 07:20:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 06 Feb 2023 08:20:45 GMT
Location: https://ohsobeautifulpaper.com/wp-content/uploads/2010/11/Rock-n-Roll-Music-Inspired-Wedding-Invitations-Purple.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xojMrkQ0jPM8tZ1fTOy2ALF3DPfUD45M7kq6zoEAzH5IJ8zzAQeR5CnfPvnXU4WXmG0uJrR5kv0wDgPH63AbDco%2FClSSoDRz4LQYH6r97RcijqhR0PH3aLfBGx%2Fn8ukHTcpDjcIdOy6e"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795220047a3fb4fd-OSL
alt-svc: h2=":443"; ma=60
www.examiner.com/images/blog/replicate/EXID39025/images/100712010911resized_Carrie_Underwood_and_Mike_Fisher.jpg
172.67.140.67301 Moved Permanently 0 B URL HTTP/1.1 www.examiner.com/images/blog/replicate/EXID39025/images/100712010911resized_Carrie_Underwood_and_Mike_Fisher.jpg
IP 172.67.140.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/blog/replicate/EXID39025/images/100712010911resized_Carrie_Underwood_and_Mike_Fisher.jpg HTTP/1.1
Host: www.examiner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Feb 2023 07:20:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 06 Feb 2023 08:20:45 GMT
Location: https://examiner.com
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0cUx7qBEuhS%2Bx3pAm%2FYg7OgW6lzBqnQzwO7minJrSFqTxsEwJjB2THY%2Bro7KDQybCc7vGWBujmB%2F8atSxwjxx%2BaJDYj%2B7zycuutTGmGg9ZnXSuXTcg8R3Gd52iMhMjkcIoM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79522004791cb4f4-OSL
alt-svc: h2=":443"; ma=60
img1.etsystatic.com/il_fullxfull.263619305.jpg
151.101.193.224301 Moved Permanently 0 B URL HTTP/1.1 img1.etsystatic.com/il_fullxfull.263619305.jpg
IP 151.101.193.224:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /il_fullxfull.263619305.jpg HTTP/1.1
Host: img1.etsystatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://img1.etsystatic.com/il/225e8b/263619305/il_fullxfull.263619305.jpg?optimize=low&auto=webp
Accept-Ranges: bytes
Date: Mon, 06 Feb 2023 07:20:45 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1634-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1675668046.530515,VS0,VE0
Timing-Allow-Origin: *
Strict-Transport-Security: max-age=300
img2.etsystatic.com/il_fullxfull.260934678.jpg
23.36.77.35301 Moved Permanently 0 B URL HTTP/1.1 img2.etsystatic.com/il_fullxfull.260934678.jpg
IP 23.36.77.35:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /il_fullxfull.260934678.jpg HTTP/1.1
Host: img2.etsystatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://img2.etsystatic.com/il_fullxfull.260934678.jpg
Cache-Control: private, max-age=0
Expires: Mon, 06 Feb 2023 07:20:45 GMT
Date: Mon, 06 Feb 2023 07:20:45 GMT
Connection: keep-alive
Timing-Allow-Origin: *
Akamai-GRN: 0.1f4d2417.1675668045.1dc7258c
katelynjamesblog.com/wp-content/uploads/2010/12/modern-christmas-decor-peacock-tree-94.jpg
3.33.152.147404 Not Found 125 B URL HTTP/1.1 katelynjamesblog.com/wp-content/uploads/2010/12/modern-christmas-decor-peacock-tree-94.jpg
IP 3.33.152.147:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 2995357b538ef792ce59b1b7cca539c4
d33d8ce38719b45d0731f075f71593351023318c
aef27e8433e35954afe1798da5bde96145b020160cc2f16b1424425253fb545b
GET /wp-content/uploads/2010/12/modern-christmas-decor-peacock-tree-94.jpg HTTP/1.1
Host: katelynjamesblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 404 Not Found
Date: Mon, 06 Feb 2023 07:20:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 125
Connection: keep-alive
Server: ip-100-74-2-16.eu-west-2.compute.internal
X-Request-Id: 68b8fbcd-d457-4c18-93b5-120a147313ed
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
172.217.21.174200 OK 61 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:0
File type ASCII text, with very long lines (1448)
Hash 62f98a42acaa85f40e228f65e5ee2361
a41c1755a6a2708340b74638f11ebdeed8e977db
54acbd2f18406888cbe8ee3fc76b512081c7c1c0102a4b1f7eef6cd11fc60f15
GET /_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 60741
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 02:19:07 GMT
expires: Fri, 02 Feb 2024 02:19:07 GMT
cache-control: public, max-age=31536000
age: 363698
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/img/share_buttons_20_3.png
216.58.207.233200 OK 5.1 kB URL HTTP/2 www.blogger.com/img/share_buttons_20_3.png
IP 216.58.207.233:0
File type PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash ad9999106d5f550920b586e8e1704e5a
93fd02c51166402a41f96509cd0ca3fb917877dd
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
GET /img/share_buttons_20_3.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:38:23 GMT
expires: Thu, 09 Feb 2023 00:38:23 GMT
cache-control: public, max-age=604800
last-modified: Wed, 01 Feb 2023 18:53:01 GMT
content-type: image/png
age: 369742
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
media.thestar.topscms.com/images/fa/2c/241e061d41ba88fc284c64b56ddc.jpeg
23.88.53.29404 Not Found 129 B URL HTTP/1.1 media.thestar.topscms.com/images/fa/2c/241e061d41ba88fc284c64b56ddc.jpeg
IP 23.88.53.29:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d10fe229d5809f3958cf8d3b96275d48
97f9577d54450a9011dbe6576cd6b80e4f028f19
1e00852d70770f57a0491112753a15fe021748e91ee5ab930f16de4ee6001895
GET /images/fa/2c/241e061d41ba88fc284c64b56ddc.jpeg HTTP/1.1
Host: media.thestar.topscms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 404 Not Found
Server: openresty
Date: Mon, 06 Feb 2023 07:16:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
ny-image1.etsy.com/il_fullxfull.258932289.jpg
35.190.25.237301 Moved Permanently 261 B URL HTTP/1.1 ny-image1.etsy.com/il_fullxfull.258932289.jpg
IP 35.190.25.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7a050f43b1859cadc2e10fa1dcab7af4
45fd2dae8fec337e13a4c8c7a147af3774d16fd2
b05eeaff4f55fcc316b1b14ced4edd39ec18d144000098eaebce1e76afabd01c
GET /il_fullxfull.258932289.jpg HTTP/1.1
Host: ny-image1.etsy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Feb 2023 07:20:45 GMT
Server: Apache
Location: http://img0.etsystatic.com/il_fullxfull.258932289.jpg
Content-Length: 261
Content-Type: text/html; charset=iso-8859-1
Via: 1.1 google
www.mywedding.com/blog/wp-content/gallery/parker-granatino/orchids-centerpiece-cameras-tables-wedding.jpg
54.175.218.223404 Not Found 153 B URL HTTP/1.1 www.mywedding.com/blog/wp-content/gallery/parker-granatino/orchids-centerpiece-cameras-tables-wedding.jpg
IP 54.175.218.223:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 706a98254456810d3e849c3957af9d01
e461d072a6ba8f0082d6f187eba7f053343529c6
8351c0267c2cd7866ff04c04261f06cd75af9a7130aac848ca43fd047404e229
GET /blog/wp-content/gallery/parker-granatino/orchids-centerpiece-cameras-tables-wedding.jpg HTTP/1.1
Host: www.mywedding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Mon, 06 Feb 2023 07:20:45 GMT
Server: nginx/1.18.0
Content-Length: 153
Connection: keep-alive
s1.hubimg.com/u/2941292_f520.jpg
52.70.155.212301 Moved Permanently 178 B URL HTTP/1.1 s1.hubimg.com/u/2941292_f520.jpg
IP 52.70.155.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /u/2941292_f520.jpg HTTP/1.1
Host: s1.hubimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Feb 2023 07:20:45 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Server: nginx
Location: https://usercontent2.hubstatic.com/2941292_f520.jpg
s3.amazonaws.com/wedding_prod/photos/5e6a7f7a56eb46acb98532534d65db9e_m
54.231.199.24404 Not Found 302 B URL HTTP/1.1 s3.amazonaws.com/wedding_prod/photos/5e6a7f7a56eb46acb98532534d65db9e_m
IP 54.231.199.24:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash 211c0794604373b0730bdd966647ebe0
339ac7086721fcb7b9bff2c491d52e64345a8d78
2d1bdcff7cd0f2bc407a905f2e227a880bdc5e05d660727550bcc058962f83f8
GET /wedding_prod/photos/5e6a7f7a56eb46acb98532534d65db9e_m HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 404 Not Found
x-amz-request-id: AGHP4QHY5N76WJAN
x-amz-id-2: ZG0geF5dZt/8/OKWMTA0b+rzNGAL5RTVQB6rV6Lhm4SkILHL97dDoOcIb2K0ts7XY4DVqcmZixY=
Content-Type: application/xml
Transfer-Encoding: chunked
Date: Mon, 06 Feb 2023 07:20:45 GMT
Server: AmazonS3
www.mywedding.com/blog/wp-content/gallery/july-4/peacock-pier-one-board.jpg
54.175.218.223404 Not Found 153 B URL HTTP/1.1 www.mywedding.com/blog/wp-content/gallery/july-4/peacock-pier-one-board.jpg
IP 54.175.218.223:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 706a98254456810d3e849c3957af9d01
e461d072a6ba8f0082d6f187eba7f053343529c6
8351c0267c2cd7866ff04c04261f06cd75af9a7130aac848ca43fd047404e229
GET /blog/wp-content/gallery/july-4/peacock-pier-one-board.jpg HTTP/1.1
Host: www.mywedding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Mon, 06 Feb 2023 07:20:45 GMT
Server: nginx/1.18.0
Content-Length: 153
Connection: keep-alive
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.130200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.130:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Sun, 05 Feb 2023 09:56:43 GMT
Expires: Sun, 19 Feb 2023 09:56:43 GMT
Cache-Control: public, max-age=1209600
Age: 77042
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
www.everyculture.com/images/ctc_04_img0986.jpg
23.227.169.75302 Found 238 B URL HTTP/1.1 www.everyculture.com/images/ctc_04_img0986.jpg
IP 23.227.169.75:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3c720bf0db3997e3f1043f59e42cddf6
17a6093b9185a35ab4280b61092f34c0491351af
9cf55e062e1d700cd0fb3e26620f624c00841fa959848dda09fff090380e6751
GET /images/ctc_04_img0986.jpg HTTP/1.1
Host: www.everyculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 302 Found
Date: Mon, 06 Feb 2023 07:20:45 GMT
Server: Apache
Location: https://www.everyculture.com/images/ctc_04_img0986.jpg
Content-Length: 238
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
photos.weddingbycolor.com/p/000/008/986/m/49706/p/photo/145255.jpg
172.67.177.29404 Not Found 109 B URL HTTP/1.1 photos.weddingbycolor.com/p/000/008/986/m/49706/p/photo/145255.jpg
IP 172.67.177.29:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /p/000/008/986/m/49706/p/photo/145255.jpg HTTP/1.1
Host: photos.weddingbycolor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 404 Not Found
Date: Mon, 06 Feb 2023 07:20:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6bMWHOqtEmGOhEUGRLP9PZtha8CgVV3U9FhBrDqGG2k8kGoM%2B8vM%2F8%2FZ1KssNgF8IiDeRE4WeIOKXHkGjn0cgMICYeyS8r%2FY3qbdN2WzIq7tfpcDywCqZH8BoGK%2BWJrF1RFVTVtBYTf4Hu4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795220047d25b4f9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
photos.weddingbycolor.com/p/000/026/265/m/159462/p/photo/417791.jpg
172.67.177.29404 Not Found 109 B URL HTTP/1.1 photos.weddingbycolor.com/p/000/026/265/m/159462/p/photo/417791.jpg
IP 172.67.177.29:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /p/000/026/265/m/159462/p/photo/417791.jpg HTTP/1.1
Host: photos.weddingbycolor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 404 Not Found
Date: Mon, 06 Feb 2023 07:20:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhhSaF%2BYmy2YdgNgDvBlTmhKF6lGwuYmJ2IokbfJ5GFkLwOGkv8fYqc%2BnpyNWLF5BOgWj8h3Z2gODLFCiFLUPJos0z2Q2EHZQan%2Fd2CfLIpXYasoCwZMaiKamFvWLqfpPSB7hkG7lYlKIfAn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795220047af30b45-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.blogger.com/img/logo-16.png
216.58.207.233200 OK 279 B URL HTTP/1.1 www.blogger.com/img/logo-16.png
IP 216.58.207.233:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 01 Feb 2023 23:18:51 GMT
Expires: Wed, 08 Feb 2023 23:18:51 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 01 Feb 2023 18:53:01 GMT
Content-Type: image/png
Age: 374514
ohanablog.com/wp-content/uploads/2011/04/vintage-wedding-in-San-Diego-06.jpg
35.209.99.96301 Moved Permanently 162 B URL HTTP/1.1 ohanablog.com/wp-content/uploads/2011/04/vintage-wedding-in-San-Diego-06.jpg
IP 35.209.99.96:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/uploads/2011/04/vintage-wedding-in-San-Diego-06.jpg HTTP/1.1
Host: ohanablog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 06 Feb 2023 07:20:45 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://ohanaphotographers.com/
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
X-Proxy-Cache-Info: DT:1
2.bp.blogspot.com/_ALgJmZKXivs/TDjzqvX5kyI/AAAAAAAAGVs/KYkVSFJqH0A/s1600/Carrie%252BUnderwood%252BWedding%252BCelebration.jpg
142.250.74.161200 OK 27 kB URL HTTP/1.1 2.bp.blogspot.com/_ALgJmZKXivs/TDjzqvX5kyI/AAAAAAAAGVs/KYkVSFJqH0A/s1600/Carrie%252BUnderwood%252BWedding%252BCelebration.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 300x400, components 3\012- data
Hash 7815e7fed35ec000808fb3bd26cfeaac
d02ef992bf639bd7b225345e5105f3a3be5ef653
eb94f445c25bd0bcc176732ccf3e2b9588ee8b707aaa5bb3080c764b6769f8b1
GET /_ALgJmZKXivs/TDjzqvX5kyI/AAAAAAAAGVs/KYkVSFJqH0A/s1600/Carrie%252BUnderwood%252BWedding%252BCelebration.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v195b"
Expires: Tue, 07 Feb 2023 07:20:45 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Carrie Underwood Wedding Celebration.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 06 Feb 2023 07:20:45 GMT
Server: fife
Content-Length: 27388
X-XSS-Protection: 0
chatfa.com/wp-content/uploads/2011/10/Novia-D-Art-2012-Wedding-Dresses-91.jpg
52.86.6.113404 Not Found 77 B URL HTTP/1.0 chatfa.com/wp-content/uploads/2011/10/Novia-D-Art-2012-Wedding-Dresses-91.jpg
IP 52.86.6.113:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c34a8f7527346a7a86597c7b266cd505
5c6c3678d3bd84e8cbad82d78cc415d93a827f97
15b6cbbf77423f1f3016da610453a64b3ce38e96863807f18ee5fa6b24c93ce9
GET /wp-content/uploads/2011/10/Novia-D-Art-2012-Wedding-Dresses-91.jpg HTTP/1.1
Host: chatfa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.0 404 Not Found
cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
3.bp.blogspot.com/-vJrzXVLwqVM/TViL54A9FDI/AAAAAAAAAa0/Z5VAdyhKKUA/s1600/IMG_9740.JPG
142.250.74.161200 OK 222 kB URL HTTP/1.1 3.bp.blogspot.com/-vJrzXVLwqVM/TViL54A9FDI/AAAAAAAAAa0/Z5VAdyhKKUA/s1600/IMG_9740.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1600x1200, components 3\012- data
Size 222 kB (221457 bytes)
Hash a1343c5d99aa18d31b89fd984785eabc
85874956475080492eaf6541e1e346c4d5a4f1c1
b8cec7f8ba4e2478719269f4fbc745b280e03009e97dd0014e22294c6dfb55f9
GET /-vJrzXVLwqVM/TViL54A9FDI/AAAAAAAAAa0/Z5VAdyhKKUA/s1600/IMG_9740.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1ad"
Expires: Tue, 07 Feb 2023 07:20:45 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="IMG_9740.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 06 Feb 2023 07:20:45 GMT
Server: fife
Content-Length: 221457
X-XSS-Protection: 0
www.sunvary.com/App/Attachment/product/c7591f2a81d24740641cc0c91e6dcf08.jpg
139.196.165.246404 Not Found 4.6 kB URL HTTP/1.1 www.sunvary.com/App/Attachment/product/c7591f2a81d24740641cc0c91e6dcf08.jpg
IP 139.196.165.246:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1325), with CRLF line terminators
Hash edf7aa2edaedf0c59b5d5168f29902fd
4d56d68fe565b628b63878e3681c67865e6c2b82
362f54c082d64dae3cee528e0766685cc3163b1529cca4af07ea9109e8f4e87b
GET /App/Attachment/product/c7591f2a81d24740641cc0c91e6dcf08.jpg HTTP/1.1
Host: www.sunvary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.10.2
Date: Mon, 06 Feb 2023 07:20:45 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.3
Set-Cookie: _scfc=d33ef5a94c8cea79cb28b87713cb07b5; expires=Mon, 06-Feb-2023 09:20:45 GMT; path=/
boc_session_site=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%228c1e81551cc26bdc2af9d2b1a82927ab%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1675668045%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D9977519a75b2865e80e4e82217e2ad1028b1f55c; expires=Mon, 06-Feb-2023 09:20:45 GMT; path=/
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2891
Expires: Mon, 06 Feb 2023 08:08:56 GMT
Date: Mon, 06 Feb 2023 07:20:45 GMT
Connection: keep-alive
3.bp.blogspot.com/_vXSiD0zg2zU/TFyMgcPvNSI/AAAAAAAAM94/Dn99yGj_91o/s800/kali7.jpg
142.250.74.161200 OK 57 kB URL HTTP/1.1 3.bp.blogspot.com/_vXSiD0zg2zU/TFyMgcPvNSI/AAAAAAAAM94/Dn99yGj_91o/s800/kali7.jpg
IP 142.250.74.161:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, software=Google], baseline, precision 8, 426x639, components 3\012- data
Hash 3a3ee8f22c2d2a3f000541d51c1ba3f1
65bba89b213021b04623b5595243004b1c3c924c
294f5223557356c3e27e0fbc806a10919805bacba6da1aa077c94c84ab8b5fbb
GET /_vXSiD0zg2zU/TFyMgcPvNSI/AAAAAAAAM94/Dn99yGj_91o/s800/kali7.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v33de"
Expires: Tue, 07 Feb 2023 07:20:45 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="kali7.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 06 Feb 2023 07:20:45 GMT
Server: fife
Content-Length: 57259
X-XSS-Protection: 0
4.bp.blogspot.com/_qKYoJSQBkAc/TExHUHjhwCI/AAAAAAAAARE/c_874JWg0Bo/s1600/Lokeman.jpg
142.250.74.161200 OK 166 kB URL HTTP/1.1 4.bp.blogspot.com/_qKYoJSQBkAc/TExHUHjhwCI/AAAAAAAAARE/c_874JWg0Bo/s1600/Lokeman.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1557x1600, components 3\012- data
Size 166 kB (165856 bytes)
Hash ad2c3dc555f87796b546fc0a6691d326
72c37c836b25ddf2d9bd4e5ab00806cda53604c0
834fda8285df93b149b30b1288a46242a4e2e5feb4cfeb914623f27deb01e9bf
GET /_qKYoJSQBkAc/TExHUHjhwCI/AAAAAAAAARE/c_874JWg0Bo/s1600/Lokeman.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v111"
Expires: Tue, 07 Feb 2023 07:20:45 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Lokeman.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 06 Feb 2023 07:20:45 GMT
Server: fife
Content-Length: 165856
X-XSS-Protection: 0
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0f48a44e1aece8d271028a7b0684cac
9f7247a3bb9248cd281c568ebba6e52b38b00149
0a34b5dc66f170403e79b2315a7cacef1703ce3777a20914525f86d46c0cd637
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b3e78aa-f2de-4a48-82bf-952d0a22f875.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11481
x-amzn-requestid: b50de2d1-c23b-4908-8fc3-e84eea0382a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRFL-oAMFnSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-0254cda141886e0f39e8f8b3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KIJ6iTpVC0gVV6Q0dd_-ZTWkwm3q0vP52N3088Rd7O9pb8D39XfnBg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:55:31 GMT
age: 33914
etag: "9f7247a3bb9248cd281c568ebba6e52b38b00149"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img1.etsystatic.com/il/225e8b/263619305/il_fullxfull.263619305.jpg?optimize=low&auto=webp
151.101.193.224200 OK 201 kB URL HTTP/2 img1.etsystatic.com/il/225e8b/263619305/il_fullxfull.263619305.jpg?optimize=low&auto=webp
IP 151.101.193.224:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x768, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 201 kB (201030 bytes)
Hash 33968be3d9b836eac95b55882cdd1120
97cc1bf10fd477e319ff8f0c7a6f30b1c43cec70
9fc4a2881fa690745552bb0c887e37bd88e47d897ec12b0b24a8f7fa14f13b2a
GET /il/225e8b/263619305/il_fullxfull.263619305.jpg?optimize=low&auto=webp HTTP/1.1
Host: img1.etsystatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=365000000, immutable
content-type: image/webp
etag: "x6qqk2o3dFDChrewkHoqBMsTvToTPq7qYyV7I7NMA6g"
expires: Tue, 05 Dec 2023 20:26:11 GMT
fastly-io-info: ifsz=211121 idim=1024x768 ifmt=jpeg ofsz=201030 odim=1024x768 ofmt=webp
fastly-stats: io=1
server: UploadServer
x-goog-generation: 1518196302479836
x-goog-hash: crc32c=aeT5Ug==, md5=q18BTt7oukqd2KQVxICHDQ==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 211121
x-guploader-uploadid: ADPycduOmTsC7U0-G-Aa_cs2_I5gsfD5V4J9biOWi-PKaZxq2kF20CqiHjKWGErMlsP64WGAh2-4fSNZtaX3V2BwVODkM0T7HIsL
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 06 Feb 2023 07:20:45 GMT
age: 5396074
x-served-by: cache-chi-kigq8000175-CHI, cache-bma1621-BMA
x-cache: HIT, MISS
x-cache-hits: 12, 0
x-timer: S1675668046.855976,VS0,VE104
vary: Accept
timing-allow-origin: *
strict-transport-security: max-age=300
content-length: 201030
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13572f84ad268caedcc897f2ad7b9baf
afb91ab43953e8915a2169618d2ab5e330cde0a1
0fb8b09608dc293b2084953b948cc7d8a7aa7bcb525090a7e44d5cb2a725fab3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7851
x-amzn-requestid: 11d3fe95-844b-4e5d-b31c-f99e96e2b608
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHeEIAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-602b91422dff88a750b8e3e9;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: F-bdQPU-zYhIlXtxcW_TiqE8ifPg3i0cg8gFuvJSfwoMDTe-Hqy1jg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:02:47 GMT
age: 33478
etag: "afb91ab43953e8915a2169618d2ab5e330cde0a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
1.bp.blogspot.com/--Pp-uaDfJDc/TnC0imq55rI/AAAAAAAABb8/iqLzApu-kac/s1600/DSC_1212.JPG
142.250.74.161200 OK 207 kB URL HTTP/1.1 1.bp.blogspot.com/--Pp-uaDfJDc/TnC0imq55rI/AAAAAAAABb8/iqLzApu-kac/s1600/DSC_1212.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1600x1067, components 3\012- data
Size 207 kB (206970 bytes)
Hash 49f7b8077b48fa24fe1f18033fca7072
14f17dc44ccec6875f7627c4b07ac14a5ec6372e
afa1091ce45b812e33c05026f1b503db8f241e87a0cd903b40d0e25b955fc53e
GET /--Pp-uaDfJDc/TnC0imq55rI/AAAAAAAABb8/iqLzApu-kac/s1600/DSC_1212.JPG HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v58f6"
Expires: Tue, 07 Feb 2023 07:20:45 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="DSC_1212.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 06 Feb 2023 07:20:45 GMT
Server: fife
Content-Length: 206970
X-XSS-Protection: 0
www.bibendum.com.au/images/P/CHAMPAGNE-01.jpg
23.227.38.74301 Moved Permanently 0 B URL HTTP/1.1 www.bibendum.com.au/images/P/CHAMPAGNE-01.jpg
IP 23.227.38.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/P/CHAMPAGNE-01.jpg HTTP/1.1
Host: www.bibendum.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Feb 2023 07:20:46 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Sorting-Hat-PodId: 237
X-Sorting-Hat-ShopId: 62074683630
X-Storefront-Renderer-Rendered: 1
Location: https://www.bibendum.com.au/images/P/CHAMPAGNE-01.jpg
X-Redirect-Reason: https_required
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'none';
X-ShopId: 62074683630
X-ShardId: 237
Vary: Accept
X-Shopify-Stage: production
X-Dc: gcp-europe-north1,gcp-europe-west1,gcp-europe-west1
X-Request-ID: 51112333-984f-4e1c-9858-1c80fc5838bc
X-Download-Options: noopen
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0X98qQ3CJWi7XfZ%2BLgpqjW9U%2BG0pCb8xGZkFsP5YUw1shXT5XROmeWlvdYkjDeFlaiFSytrftwLfRQ2fqtlOT2ab6OqJUMRgj8BTtCQf0C720xHNuUILheTt0aNztgY9jOULo0g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server-Timing: processing;dur=17, db;dur=5, asn;desc="50304", edge;desc="OSL", country;desc="NO", cfRequestDuration;dur=92.999935
Server: cloudflare
CF-RAY: 79522006ea4afab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a24cf7b2db6d65c3fe5daf78b3309ced
a3653a9a7baea412808dd91572ff21e1a505c26f
f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13230
x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiTH8GoAMFYLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nvfp0sEYw5bxnFHisq80WCXh6T-LdFlPqs95tyX2epjMfhM_hjUj0A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 34243
etag: "a3653a9a7baea412808dd91572ff21e1a505c26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fashionpiece.com/wp-content/uploads/2011/09/02a91__perfume-a.jpg
18.119.154.66404 Not Found 9.0 kB URL HTTP/1.0 fashionpiece.com/wp-content/uploads/2011/09/02a91__perfume-a.jpg
IP 18.119.154.66:0
Hash fcf18a5c5740b0c2bfcfe858ee6e9dea
eb68e3c958fd2c1edd4dbd9dd9e1b124800e2f48
9beb1d864fb03793f3031ffe6966ed3f0ea86e83e739f6989d68c01140dda90b
GET /wp-content/uploads/2011/09/02a91__perfume-a.jpg HTTP/1.1
Host: fashionpiece.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.0 404 Not Found
cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2890
Expires: Mon, 06 Feb 2023 08:08:56 GMT
Date: Mon, 06 Feb 2023 07:20:46 GMT
Connection: keep-alive
2.bp.blogspot.com/_pqSmYRlFypk/S_lZStEYtQI/AAAAAAAAAww/MjlHfFBnZWU/s1600/WeddingArrival%252BLayout.jpg
142.250.74.161200 OK 350 kB URL HTTP/1.1 2.bp.blogspot.com/_pqSmYRlFypk/S_lZStEYtQI/AAAAAAAAAww/MjlHfFBnZWU/s1600/WeddingArrival%252BLayout.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1579x1600, components 3\012- data
Size 350 kB (349497 bytes)
Hash 4fd3b957f1fe3b524f31cd7067df402e
bca4f4a35ef418a354cf1d2faa0884d037d662b6
ef04edbbd5bcb3cf37c377955097153a9f7bbcab195bbc716a16075e986d02da
GET /_pqSmYRlFypk/S_lZStEYtQI/AAAAAAAAAww/MjlHfFBnZWU/s1600/WeddingArrival%252BLayout.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v30c"
Expires: Tue, 07 Feb 2023 07:20:45 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="WeddingArrival Layout.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 06 Feb 2023 07:20:45 GMT
Server: fife
Content-Length: 349497
X-XSS-Protection: 0
fashionpiece.com/wp-content/uploads/2011/09/02a91__panda-a.jpg
18.119.154.66404 Not Found 11 kB URL HTTP/1.0 fashionpiece.com/wp-content/uploads/2011/09/02a91__panda-a.jpg
IP 18.119.154.66:0
Hash f9197b28d61ef32f46371e6797615e88
f684644a655a21e892449557dcb02e4526d91070
da41dc4243f35062249034795d1585494055f18da5445f1f1862757b220714c4
GET /wp-content/uploads/2011/09/02a91__panda-a.jpg HTTP/1.1
Host: fashionpiece.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.0 404 Not Found
cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 000cb25b2cb4fa30ce745582dafbab99
a5227f79e64bcab8d8f03822e6d408400a03a23e
7f6a2a99bff95672d34b41489d0dd1132ab8654b745e728e15ed95e987b7ed62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10582
x-amzn-requestid: e18bacd8-6d0e-4957-93ab-97def7442f8c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4okSFKKIAMFlUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0214e-05486d9b283cedc008cba781;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: p1ToWLG__PFWEMRxlPZcouvOTijPoUcMr7ubDCNcy2wMwgusbBjGPA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:13:34 GMT
etag: "a5227f79e64bcab8d8f03822e6d408400a03a23e"
content-type: image/jpeg
age: 32832
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.veezzle.com/photos/images/Wedding-centerpieces-with-peacock-feathers-dc49dc42dc4670a33381.jpg
198.252.98.90404 Not Found 2.2 kB URL HTTP/1.1 www.veezzle.com/photos/images/Wedding-centerpieces-with-peacock-feathers-dc49dc42dc4670a33381.jpg
IP 198.252.98.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 8c9388da7bbde4fb7e5a53c64795801f
ff8f03315fc803cc40f1426558fe8bc4f8acb132
ce168801c1111b8f294023387f40bb8f85f46ea7df95130621266dfe71036e96
GET /photos/images/Wedding-centerpieces-with-peacock-feathers-dc49dc42dc4670a33381.jpg HTTP/1.1
Host: www.veezzle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.1.33
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
set-cookie: october_session=eyJpdiI6IlE4cTRjdEVLRDRhdWJ0dndFY3NGQlE9PSIsInZhbHVlIjoiNWp6UStQYjBJOHpCTHZpTzFyenZDa3JZN1Zzc09BYkF3bVpJQitQZHVCTFNcLzlpbEN6N2lFOTRXY1pUNUg0dU9YUVlUVmFHV0FKZDErelwvcURFMVdMUT09IiwibWFjIjoiNWJlNGM3ZGQxMTc1MWIwODNlODEzYWFhZTViMTk3Zjg0MzQxOTY0ZDQ0ZGU4NzlhM2MzZTg1YTlmNmVkNzNiYiJ9; expires=Mon, 06-Feb-2023 09:20:46 GMT; Max-Age=7200; path=/; HttpOnly
content-length: 2217
content-encoding: gzip
vary: Accept-Encoding
date: Mon, 06 Feb 2023 07:20:46 GMT
server: LiteSpeed
pinnacleprodj.com/wp-content/uploads/2011/10/2011-10-08_16-55-33_886.jpg
198.49.23.144301 Moved Permanently 0 B URL HTTP/1.1 pinnacleprodj.com/wp-content/uploads/2011/10/2011-10-08_16-55-33_886.jpg
IP 198.49.23.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2011/10/2011-10-08_16-55-33_886.jpg HTTP/1.1
Host: pinnacleprodj.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 301 Moved Permanently
Age: 0
Date: Mon, 06 Feb 2023 07:20:46 GMT
Location: https://www.pinnacleprodj.com/wp-content/uploads/2011/10/2011-10-08_16-55-33_886.jpg
Server: Squarespace
Set-Cookie: crumb=BeX93LCOsX0NNDZlZWQ0ODY1N2JlNWZmODIyMjk5NmIwZDljMDYx;Path=/
X-Contextid: ZcVVPqEF/ntQ67jn2
Content-Length: 0
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3113a81026590559421fce32f0d292cd
efc9c0ef6ba9b9570ee9e79b52b5c50b8299f01b
78ea5fe18731c709631e2427a40ec584f70a454e97556a5f69614535d1893f75
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6185
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:46 GMT
Etag: "63df8135-117"
Last-Modified: Mon, 06 Feb 2023 05:37:41 GMT
Server: ECS (amb/6BBE)
X-Cache: HIT
Content-Length: 279
www.weddingdressesstyle.com/wp-content/uploads/2011/12/MoniqueLhuillierFallWinter2012WeddingDressesCollection91.jpg
156.234.3.211200 OK 241 B URL HTTP/1.1 www.weddingdressesstyle.com/wp-content/uploads/2011/12/MoniqueLhuillierFallWinter2012WeddingDressesCollection91.jpg
IP 156.234.3.211:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash e249b650fd607845d8f8435fb0323ece
cc663123691bde9e6fe3cc05a988283a2bd98d7f
bb4a8a4c71e6b7d914a1a5d1ce4eef0139f11a8a34ec49077f512dadbdbec029
GET /wp-content/uploads/2011/12/MoniqueLhuillierFallWinter2012WeddingDressesCollection91.jpg HTTP/1.1
Host: www.weddingdressesstyle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 07:20:45 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
image.made-in-china.com/2f0j00hvftjglrHCuw/New-Embroidered-Wedding-Dress-Bridal-Dress-Angela-150-.jpg
104.18.28.187200 OK 261 kB URL HTTP/1.1 image.made-in-china.com/2f0j00hvftjglrHCuw/New-Embroidered-Wedding-Dress-Bridal-Dress-Angela-150-.jpg
IP 104.18.28.187:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1332x1559, components 3\012- data
Size 261 kB (260846 bytes)
Hash cf67703c0dbfec6be8629bc76a692166
17223627b0d3e8e40452e9f820b361455eb6294f
43b6fcc19fac5830052d8be8092ece3977d7bff8794045b8133e1b3268bcbc63
GET /2f0j00hvftjglrHCuw/New-Embroidered-Wedding-Dress-Bridal-Dress-Angela-150-.jpg HTTP/1.1
Host: image.made-in-china.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 07:20:46 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 21 May 2014 17:17:31 GMT
Expires: Fri, 28 Sep 2970 06:00:00 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Timing-Allow-Origin: *
CF-Cache-Status: MISS
Cache-Control: public, max-age=29904676754
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7952200588cd0afe-OSL
rokgear.files.wordpress.com/2009/10/paisley-skull-rokgear1.jpg
192.0.72.25200 OK 371 kB URL HTTP/2 rokgear.files.wordpress.com/2009/10/paisley-skull-rokgear1.jpg
IP 192.0.72.25:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 230x230, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=EASTMAN KODAK COMPANY, model=KODAK EASYSHARE C743 ZOOM DIGITAL CAMERA, orientation=upper-left, xresolution=2270, yresolution=2278, resolutionunit=2, software=Microsoft Windows Photo Gallery 6.0.6001.18000, datetime=2009:10:24 03:56:06], baseline, precision 8, 1211x950, components 3\012- data
Size 371 kB (370792 bytes)
Hash 96f4a027b17a5e2daa78fc3a6361637c
aeb043f30e68b048b3c74b1236c255696e84f871
8c37ba6aa98b8a1b72f8f5f2a78c1f219c02569ab5524477370bd595add18d53
GET /2009/10/paisley-skull-rokgear1.jpg HTTP/1.1
Host: rokgear.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 07:20:45 GMT
content-type: image/jpeg
content-length: 370792
last-modified: Wed, 28 Oct 2009 15:17:54 GMT
expires: Sat, 04 Mar 2023 03:27:05 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://rokgear.wordpress.com
vary: Origin
x-nc: MISS arn 25 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.weddingdressesstyle.com/wp-content/uploads/2011/10/CymbelineSpringSummer2012BridalGowns91.jpg
156.234.3.211200 OK 241 B URL HTTP/1.1 www.weddingdressesstyle.com/wp-content/uploads/2011/10/CymbelineSpringSummer2012BridalGowns91.jpg
IP 156.234.3.211:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash e249b650fd607845d8f8435fb0323ece
cc663123691bde9e6fe3cc05a988283a2bd98d7f
bb4a8a4c71e6b7d914a1a5d1ce4eef0139f11a8a34ec49077f512dadbdbec029
GET /wp-content/uploads/2011/10/CymbelineSpringSummer2012BridalGowns91.jpg HTTP/1.1
Host: www.weddingdressesstyle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 07:20:46 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
lostwebtracker.com/?if=1&scr_w=1280&scr_h=1024&blog=http%3A//sidewayssidle2112.blogspot.com/2011&ref=&l=wedding
81.17.18.197302 Found 11 B URL HTTP/1.1 lostwebtracker.com/?if=1&scr_w=1280&scr_h=1024&blog=http%3A//sidewayssidle2112.blogspot.com/2011&ref=&l=wedding
IP 81.17.18.197:0
ASN #51852 Private Layer INC
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /?if=1&scr_w=1280&scr_h=1024&blog=http%3A//sidewayssidle2112.blogspot.com/2011&ref=&l=wedding HTTP/1.1
Host: lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Mon, 06 Feb 2023 07:20:45 GMT
location: http://click-v4.celxkpdir.com/click?i=xBNNJdvKXGU_0
server: nginx
set-cookie: sid=c5d1a0e4-a5ee-11ed-83a9-1dddd446c330; path=/; domain=.lostwebtracker.com; expires=Sat, 24 Feb 2091 10:34:53 GMT; max-age=2147483647; HttpOnly
www.blogger.com/navbar.g?targetBlogID=3725263390518830050&blogName=Nichol-Louise%27s+blog&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sidewayssidle2112.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=http://sidewayssidle2112.blogspot.com/&vt=3686292336284943543&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__
216.58.207.233200 OK 2.6 kB URL HTTP/2 www.blogger.com/navbar.g?targetBlogID=3725263390518830050&blogName=Nichol-Louise%27s+blog&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sidewayssidle2112.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=http://sidewayssidle2112.blogspot.com/&vt=3686292336284943543&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__
IP 216.58.207.233:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3170)
Hash 8566ea0c93b5add1f0255338e069cf6c
ec00ecd7c846f3bfa5f3f139d87ef3f201c39d28
27cb986be1ff7aae592513decba3bc16d5b02c5fca9080c81617316123d597c7
GET /navbar.g?targetBlogID=3725263390518830050&blogName=Nichol-Louise%27s+blog&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sidewayssidle2112.blogspot.com/search&blogLocale=en_GB&v=2&homepageUrl=http://sidewayssidle2112.blogspot.com/&vt=3686292336284943543&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Feb 2023 07:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2602
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 883dd1396aee04282429cf5d7a5359f5
4b68d0e51f4bf6cdf7aa61f18435f7644172a3d6
1ad3d6617fcb0b454655fa917ad5944f6743230348647f24960438522eef452b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1AD3D6617FCB0B454655FA917AD5944F6743230348647F24960438522EEF452B"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21392
Expires: Mon, 06 Feb 2023 13:17:18 GMT
Date: Mon, 06 Feb 2023 07:20:46 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b55fb98a30f9d26afba9dd0ca74f1f70
49e6987a6c77fa8d2503c0e6821580e53bcc79a0
3673f3a17a2fec01f939336940d5f685efeb4c98004d64cad14d0d4d7a2c0442
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=156154
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:46 GMT
Etag: "63e06948-117"
Expires: Wed, 08 Feb 2023 02:43:20 GMT
Last-Modified: Mon, 06 Feb 2023 02:43:20 GMT
Server: nginx
Content-Length: 279
apis.google.com/js/platform:gapi.iframes.style.common.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform:gapi.iframes.style.common.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1429)
Hash eb1d12f632b489080577377bf9deb08b
2ce8d059c1a7b717b40280fc380745500319c805
58c8f5569695f851b0319332019116d5362fd63de9c836594e185923cea90563
GET /js/platform:gapi.iframes.style.common.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20960
date: Mon, 06 Feb 2023 07:20:46 GMT
expires: Mon, 06 Feb 2023 07:20:46 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "cd99eb5425d8c161"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2bd91c712c797e1719aaab0d750c70e7
795135afc95e6056d24d00eccfba00b284789ce1
719881d26f1d21a30c0811a31c02922394d1bfc3267cc006368748e671c83cdc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=155765
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:46 GMT
Etag: "63e067c3-117"
Expires: Wed, 08 Feb 2023 02:36:51 GMT
Last-Modified: Mon, 06 Feb 2023 02:36:51 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 601909b85216f4aae5fe3b66a421a9c8
35936515385a8e1bde4402e0f7529453638eb3eb
c45f21be117d6f9e42db8fedc524cbacc08e5cd87ae179cc82f1eace8d340a63
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=101419
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:46 GMT
Etag: "63df9379-117"
Expires: Tue, 07 Feb 2023 11:31:05 GMT
Last-Modified: Sun, 05 Feb 2023 11:31:05 GMT
Server: nginx
Content-Length: 279
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
172.217.21.174200 OK 45 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:0
File type ASCII text, with very long lines (1448)
Hash e109643c6c3b1b66def84e3a7c3bd6a7
3eb8ca5c8d01b789b986da9ee9fd5c5d9cac095c
9005c29bc089e7bf687c6ba4c556bb08aaddfa96a5592e9c4f4d03b87523d5f9
GET /_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 45340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 03:44:05 GMT
expires: Sun, 04 Feb 2024 03:44:05 GMT
cache-control: public, max-age=31536000
age: 185801
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=3725263390518830050&zx=360214ab-17e0-4e45-9cc8-c2d2277dbd4e
216.58.207.233200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=3725263390518830050&zx=360214ab-17e0-4e45-9cc8-c2d2277dbd4e
IP 216.58.207.233:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=3725263390518830050&zx=360214ab-17e0-4e45-9cc8-c2d2277dbd4e HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Feb 2023 07:20:46 GMT
last-modified: Mon, 06 Feb 2023 07:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
examiner.com/
172.67.140.67200 OK 29 kB IP 172.67.140.67:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (23403)
Hash 0c0f93474a67eb9c8aef95f2a71fffa4
1466d2981217ad8ea7f060d6920db75ab2b3e422
0c527e86f0a2ee17194a15bc35258f41e66514876f39b5e3e44c72a3651691c2
GET / HTTP/1.1
Host: examiner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:46 GMT
content-type: text/html; charset=UTF-8
cache-control: s-maxage=31536000, max-age=60, max-age=0
x-wp-cf-super-cache: cache
x-wp-cf-super-cache-active: 1
x-wp-cf-super-cache-cache-control: s-maxage=31536000, max-age=60
x-wp-cf-super-cache-cookies-bypass: swfpc-feature-not-enabled
vary: X-Forwarded-Proto,Accept-Encoding
expires: Mon, 06 Feb 2023 07:02:27 GMT
last-modified: Mon, 06 Feb 2023 07:02:29 GMT
cf-cache-status: HIT
age: 680
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fPqWSKf5DC%2BESWwAYjlz6yF9hpRgf7UjWkBxxEiB%2FaJoFoZNm5OsUoc54trvYVbg%2Blxurnyv5Spl6yR0m2KLtPCg9pj4VYac60zrg7TR%2Fq3mKZcG%2FlqXlLmN93ZZ7s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795220095bfcb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
resources.blogblog.com/img/navbar/arrows-light.png
216.58.207.233200 OK 117 B URL HTTP/2 resources.blogblog.com/img/navbar/arrows-light.png
IP 216.58.207.233:0
File type PNG image data, 19 x 4, 8-bit/color RGBA, non-interlaced\012- data
Hash 25c2b0cfe0ad4dcda4a0e3727d091d80
b9d16f4311e64648b7970baf00cb9841e3c3351b
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
GET /img/navbar/arrows-light.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 117
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:39:05 GMT
expires: Thu, 09 Feb 2023 00:39:05 GMT
cache-control: public, max-age=604800
last-modified: Wed, 01 Feb 2023 13:53:11 GMT
content-type: image/png
age: 369701
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/followers.g?blogID=3725263390518830050&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&origin=http://sidewayssidle2112.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__
216.58.207.233302 Found 520 B URL HTTP/2 www.blogger.com/followers.g?blogID=3725263390518830050&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&origin=http://sidewayssidle2112.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__
IP 216.58.207.233:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1032)
Hash 6dce329dfbb914452fe4f7a5d5c75d31
4ff590b468714abac1fc507bd5163bc87f4a9758
fd537617bbe548763cfb09bd6d5a720fb08823e537a7d7171ad3e7e7d422643b
GET /followers.g?blogID=3725263390518830050&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&origin=http://sidewayssidle2112.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
location: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D3725263390518830050%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://sidewayssidle2112.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D3725263390518830050%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://sidewayssidle2112.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&go=true
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Mon, 06 Feb 2023 07:20:46 GMT
expires: Mon, 06 Feb 2023 07:20:46 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 520
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bcdc9497aa41f62e1ae9577e3e98486e
48347cc1a2251540b4ab07c44b2dbf36ec33e2af
77e95b0c75d14971de92d15b463ee043c9bc0de337ea2ffb402afa73a76399b6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77E95B0C75D14971DE92D15B463EE043C9BC0DE337EA2FFB402AFA73A76399B6"
Last-Modified: Sat, 04 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21556
Expires: Mon, 06 Feb 2023 13:20:02 GMT
Date: Mon, 06 Feb 2023 07:20:46 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 008ec668ac16e8385e24d1ffdd321745
040bf9b4c9248e4d05da2b69bdf3ed83c3c0452d
60a69a8456882f4f9261e3fe2f10bd9d114d41784f4d997872521adcd088ae23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e11dcc5ae62e80e09454f987c9fc4d3b
e6ce4f8560d4b052dca404233a2d89c7461403db
8d96a6a878fa54929ee16347f98ef4569fd956f4dc0f969ba0c602f8ded9cda5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bios.weddingbee.com/pics/105592/bevfabriccrafts_2141_146791931.jpg
98.158.193.95200 OK 128 kB URL HTTP/1.1 bios.weddingbee.com/pics/105592/bevfabriccrafts_2141_146791931.jpg
IP 98.158.193.95:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=13, description=trilight candleholder, manufacturer=NIKON CORPORATION, model=NIKON D200, xresolution=222, yresolution=230, resolutionunit=2, software=Adobe Photoshop Elements 6.0, datetime=2010:11:26 12:13:59], baseline, precision 8, 399x600, components 3\012- data
Size 128 kB (127596 bytes)
Hash 21ee5642394d0378ce6bbb96efa01011
654493d9940350fbd8d536875f89ae2ac0e6ab2a
da81e09cd9f24d40307e82c5d2c135eadd333d1f0a3b8acd476cf5c372de4a50
GET /pics/105592/bevfabriccrafts_2141_146791931.jpg HTTP/1.1
Host: bios.weddingbee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 07:20:45 GMT
Last-Modified: Thu, 20 Jan 2011 01:16:37 GMT
ETag: "1f26c-49a3ce2956740"
Accept-Ranges: bytes
Content-Length: 127596
Access-Control-Allow-Origin: *
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
Set-Cookie: BIGipServerweddingbee-web_POOL=3364622346.20480.0000; path=/; Httponly
X-FRAME-OPTIONS: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D3725263390518830050%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://sidewayssidle2112.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D3725263390518830050%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://sidewayssidle2112.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&go=true
142.250.74.45302 Found 464 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D3725263390518830050%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://sidewayssidle2112.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D3725263390518830050%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://sidewayssidle2112.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&go=true
IP 142.250.74.45:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (509)
Hash 8b0f4d6ab57cce00e07c637370c185c0
5ed10947245a4238536b088b6dfc2f4e17f07ad4
1500e68e113bc5fd3815c4c4d797599df9d3d7f9cbe717e1bdf25deb750451f2
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D3725263390518830050%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://sidewayssidle2112.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D3725263390518830050%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://sidewayssidle2112.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.AMZ27oQJoUI.O/d%253D1/rs%253DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Feb 2023 07:20:46 GMT
location: https://www.blogger.com/followers.g?blogID=3725263390518830050&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-6KDalYuEcs0av9gpb7P-LQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 464
server: GSE
set-cookie: __Host-GAPS=1:BqfsHXY-G8pIdfHZuACOZXHplYK80Q:LcEoaz_DZxHpH9Kr;Path=/;Expires=Wed, 05-Feb-2025 07:20:46 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.everyculture.com/images/ctc_04_img0986.jpg
23.227.169.75200 OK 25 kB URL HTTP/2 www.everyculture.com/images/ctc_04_img0986.jpg
IP 23.227.169.75:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Taken from:004, CountriesCultures_FM.qxd page 146Extracted on 24/08/2003", baseline, precision 8, 484x288, components 1\012- data
Hash 4729f907ba6e25bb7df34f75ad0f5e7f
c0a24ee69bcc409dc5f107b4f826c27961dbede0
266863491b2e300339b2d63b3a5772e60004ecd923e50869af18d7717c881b54
GET /images/ctc_04_img0986.jpg HTTP/1.1
Host: www.everyculture.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:46 GMT
server: Apache
last-modified: Fri, 29 Aug 2003 20:57:14 GMT
etag: "62e0-3c60e876c5e80"
accept-ranges: bytes
content-length: 25312
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 07:20:46 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2bd91c712c797e1719aaab0d750c70e7
795135afc95e6056d24d00eccfba00b284789ce1
719881d26f1d21a30c0811a31c02922394d1bfc3267cc006368748e671c83cdc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:46 GMT
Server: ECS (amb/6BBA)
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b55fb98a30f9d26afba9dd0ca74f1f70
49e6987a6c77fa8d2503c0e6821580e53bcc79a0
3673f3a17a2fec01f939336940d5f685efeb4c98004d64cad14d0d4d7a2c0442
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=156154
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:46 GMT
Etag: "63e06948-117"
Expires: Wed, 08 Feb 2023 02:43:20 GMT
Last-Modified: Mon, 06 Feb 2023 02:43:20 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
bios.weddingbee.com/pics/136443/bevfabriccrafts_2170_251424316.jpg
98.158.193.95200 OK 173 kB URL HTTP/1.1 bios.weddingbee.com/pics/136443/bevfabriccrafts_2170_251424316.jpg
IP 98.158.193.95:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=13, description=silver glass cup chalice, manufacturer=NIKON CORPORATION, model=NIKON D200, xresolution=226, yresolution=234, resolutionunit=2, software=Adobe Photoshop Elements 6.0, datetime=2011:02:14 09:19:43], baseline, precision 8, 414x600, components 3\012- data
Size 173 kB (173026 bytes)
Hash 07d1a5a88c5e224985d10b2504a97b1b
0feb2cfc763879fe161c90d30b3dfde691cb1701
5460331aac2529ee2e749f4d37a44e0d43ac8ffb963ae0aab8e06aeb85bcc239
GET /pics/136443/bevfabriccrafts_2170_251424316.jpg HTTP/1.1
Host: bios.weddingbee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 07:20:45 GMT
Last-Modified: Thu, 01 Sep 2011 21:26:57 GMT
ETag: "2a3e2-4abe7e786aa40"
Accept-Ranges: bytes
Content-Length: 173026
Access-Control-Allow-Origin: *
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
Set-Cookie: BIGipServerweddingbee-web_POOL=3616280586.20480.0000; path=/; Httponly
X-FRAME-OPTIONS: SAMEORIGIN
img0.etsystatic.com/il_fullxfull.258932289.jpg
23.36.77.35200 OK 277 kB URL HTTP/2 img0.etsystatic.com/il_fullxfull.258932289.jpg
IP 23.36.77.35:0
ASN #20940 Akamai International B.V.
File type ISO Media, AVIF Image\012- data
Size 277 kB (276810 bytes)
Hash 374b25fac0d791e3c354e03095209410
d95c9827d1a905b4c479262a7884a38804b0aeab
9ac716a6c0e3976868c849133a1b56314598c7e3d427f6a533da02d09520573b
GET /il_fullxfull.258932289.jpg HTTP/1.1
Host: img0.etsystatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "b36f495e2e5ceda18846b4f2ab401885"
last-modified: Sat, 21 Jan 2023 02:24:52 GMT
server: Akamai Image Manager
content-length: 276810
content-type: image/avif
cache-control: private, no-transform, max-age=1191933
expires: Mon, 20 Feb 2023 02:26:19 GMT
date: Mon, 06 Feb 2023 07:20:46 GMT
timing-allow-origin: *
akamai-grn: 0.1f4d2417.1675668045.1dc72614
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
www.thegreatwedding.com/Images/Divina-Sposa-Wedding-Dress-2012-Collections-91.jpg
52.86.6.113404 Not Found 71 kB URL HTTP/1.0 www.thegreatwedding.com/Images/Divina-Sposa-Wedding-Dress-2012-Collections-91.jpg
IP 52.86.6.113:0
Hash e87a492c56a2913c460acc7507a17ade
dcbf6f1cf2e257848ae8bccb868fd4c10d3f8b07
82660a68b713e6eb7d35044d8b4be5a2cad66aff12982322c7e60a9b572cbae0
GET /Images/Divina-Sposa-Wedding-Dress-2012-Collections-91.jpg HTTP/1.1
Host: www.thegreatwedding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.0 404 Not Found
cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bcdc9497aa41f62e1ae9577e3e98486e
48347cc1a2251540b4ab07c44b2dbf36ec33e2af
77e95b0c75d14971de92d15b463ee043c9bc0de337ea2ffb402afa73a76399b6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77E95B0C75D14971DE92D15B463EE043C9BC0DE337EA2FFB402AFA73A76399B6"
Last-Modified: Sat, 04 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21556
Expires: Mon, 06 Feb 2023 13:20:02 GMT
Date: Mon, 06 Feb 2023 07:20:46 GMT
Connection: keep-alive
click-v4.celxkpdir.com/click?i=xBNNJdvKXGU_0
198.134.116.17302 Found 0 B URL HTTP/1.1 click-v4.celxkpdir.com/click?i=xBNNJdvKXGU_0
IP 198.134.116.17:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=xBNNJdvKXGU_0 HTTP/1.1
Host: click-v4.celxkpdir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://feed.us.adrunnr.com/12/?id=c5e0d94b-a5ee-11ed-b32b-6dcb609c9b17
Pragma: no-cache
img2.etsystatic.com/il_fullxfull.260934678.jpg
23.36.77.35200 OK 186 kB URL HTTP/2 img2.etsystatic.com/il_fullxfull.260934678.jpg
IP 23.36.77.35:0
ASN #20940 Akamai International B.V.
File type ISO Media, AVIF Image\012- data
Size 186 kB (185582 bytes)
Hash fd1ea425a6b669e51cfdc13310625895
75f31ff496374ff4e5f123dfa9baafcc0c21023a
dfe6980ed6b8f2b0511cd0daf7cfa48dfa2ca6ea1ee5c82ba677ef3ba0e2a7a3
GET /il_fullxfull.260934678.jpg HTTP/1.1
Host: img2.etsystatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "biGk5jV2yIoAiQkX+xPk0IYt2hw5VS2548CkpHjYIjk"
last-modified: Thu, 05 Jan 2023 04:48:15 GMT
server: Akamai Image Manager
content-length: 185582
content-type: image/avif
cache-control: private, no-transform, max-age=2162469
expires: Fri, 03 Mar 2023 08:01:55 GMT
date: Mon, 06 Feb 2023 07:20:46 GMT
timing-allow-origin: *
akamai-grn: 0.1f4d2417.1675668045.1dc725e1
strict-transport-security: max-age=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 1ad22799fb657a368d55177a2873143b
af0138cbca4dba33ff5492f0b2a5fdd06f41d737
19bc5699f0083261ec53069d0b1058523525adffd27b964b257a5f117a5a7168
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111541
Date: Mon, 06 Feb 2023 07:20:47 GMT
Etag: "63dfa72a-1d7"
Expires: Tue, 07 Feb 2023 14:19:48 GMT
Last-Modified: Sun, 05 Feb 2023 12:55:06 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SPdlU7BAedsszFkBEGQ_mMD30J_0RLNop_4Qfqwv1xwuYT0CSts2ag==
Age: 5082
feed.us.adrunnr.com/12/?id=c5e0d94b-a5ee-11ed-b32b-6dcb609c9b17
44.209.25.171307 Temporary Redirect 0 B URL HTTP/2 feed.us.adrunnr.com/12/?id=c5e0d94b-a5ee-11ed-b32b-6dcb609c9b17
IP 44.209.25.171:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /12/?id=c5e0d94b-a5ee-11ed-b32b-6dcb609c9b17 HTTP/1.1
Host: feed.us.adrunnr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Mon, 06 Feb 2023 07:20:47 GMT
content-length: 0
location: https://trk.suprclicks.com/bc98edd7-1543-43f7-b2f0-6108fbb348b2?pid=a2c9f98a&cost=0.0007&browser=Firefox&carrier=&cid=c5e0b234-a5ee-11ed-b32b-cb8ee4c6044b
set-cookie: __sess=c6b31cef-a5ee-11ed-b32b-6dcb609c9b17; Expires=Thu, 01 Jan 2099 00:00:00 GMT; Domain=adrunnr.com; Secure; SameSite=None
X-Firefox-Spdy: h2
www.naturalbeautiesfloral.com/picture/weddings-flowers-chicago-54.jpg%3FpictureId%3D5663706%26asGalleryImage%3Dtrue
169.150.236.100404 Not Found 50 kB URL HTTP/1.1 www.naturalbeautiesfloral.com/picture/weddings-flowers-chicago-54.jpg%3FpictureId%3D5663706%26asGalleryImage%3Dtrue
IP 169.150.236.100:0
Hash 6a35cd070e6056c6b14c3cf36efdea5a
133463322ab15704acf2a0bd3733c5adc184332a
d349607e78979914201255c139cf929bcce9d0a079271936c4c162ed119152f5
GET /picture/weddings-flowers-chicago-54.jpg%3FpictureId%3D5663706%26asGalleryImage%3Dtrue HTTP/1.1
Host: www.naturalbeautiesfloral.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 404 Not Found
Date: Mon, 06 Feb 2023 07:20:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Server: BunnyCDN-IL1-1070
CDN-PullZone: 913532
CDN-Uid: 5394955d-1467-45fe-a539-7870a9314cdf
CDN-RequestCountryCode: NO
Cache-Control: public, max-age=0
Link: <http://www.naturalbeautiesfloral.com/wp-json/>; rel="https://api.w.org/"
CDN-ProxyVer: 1.03
CDN-RequestPullSuccess: True
CDN-RequestPullCode: 404
CDN-CachedAt: 02/06/2023 07:20:46
CDN-EdgeStorageId: 894
CDN-Status: 404
CDN-RequestId: 51cc7b822c735491f85d46357b91105e
CDN-Cache: BYPASS
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 601909b85216f4aae5fe3b66a421a9c8
35936515385a8e1bde4402e0f7529453638eb3eb
c45f21be117d6f9e42db8fedc524cbacc08e5cd87ae179cc82f1eace8d340a63
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:47 GMT
Server: ECS (amb/6B7B)
Content-Length: 279
trk.suprclicks.com/bc98edd7-1543-43f7-b2f0-6108fbb348b2?pid=a2c9f98a&cost=0.0007&browser=Firefox&carrier=&cid=c5e0b234-a5ee-11ed-b32b-cb8ee4c6044b
18.158.88.249302 Found 0 B URL HTTP/2 trk.suprclicks.com/bc98edd7-1543-43f7-b2f0-6108fbb348b2?pid=a2c9f98a&cost=0.0007&browser=Firefox&carrier=&cid=c5e0b234-a5ee-11ed-b32b-cb8ee4c6044b
IP 18.158.88.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bc98edd7-1543-43f7-b2f0-6108fbb348b2?pid=a2c9f98a&cost=0.0007&browser=Firefox&carrier=&cid=c5e0b234-a5ee-11ed-b32b-cb8ee4c6044b HTTP/1.1
Host: trk.suprclicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 06 Feb 2023 07:20:47 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://record.rizk.com/_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/2/?payload=w5hilkr28ujln7em2hhc2o3q
pragma: no-cache
set-cookie: bc98edd7-1543-43f7-b2f0-6108fbb348b2-v4=w4lJW4lsMwyEolacRsYR0pAciblIylVZGi7sLWc1rrk; Max-Age=86400; Expires=Tue, 07-Feb-2023 07:20:47 GMT; Domain=trk.suprclicks.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=j%2BbbEU70e%2FgUyXlQx4YtD64PNz%2Fwozf0vc6tLn64%2Ffdyd6DJRBBC10vBr7Jk32HffmfYOeL3lWQ9aySVuBitqIctf048ZGaUpNg%2B%2BQIBPNCl51enYD1eDfx%2BXRCrWjDJp%2FtebC5KPCMKOXudAp6YOA%3D%3D; Max-Age=31536000; Expires=Tue, 06-Feb-2024 07:20:47 GMT; Domain=trk.suprclicks.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
farm8.staticflickr.com/7153/6469953681_55c8889c94.jpg
143.204.48.75301 Moved Permanently 167 B URL HTTP/1.1 farm8.staticflickr.com/7153/6469953681_55c8889c94.jpg
IP 143.204.48.75:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /7153/6469953681_55c8889c94.jpg HTTP/1.1
Host: farm8.staticflickr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Mon, 06 Feb 2023 07:20:47 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://farm8.staticflickr.com/7153/6469953681_55c8889c94.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6til6NudWy8Igtkiqna7kDEzf7Jk7GEsiA1iKz34StrIRA3B4F0zZw==
farm3.static.flickr.com/2672/3885299098_361f94ffe0.jpg
143.204.48.75301 Moved Permanently 167 B URL HTTP/1.1 farm3.static.flickr.com/2672/3885299098_361f94ffe0.jpg
IP 143.204.48.75:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /2672/3885299098_361f94ffe0.jpg HTTP/1.1
Host: farm3.static.flickr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Mon, 06 Feb 2023 07:20:47 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://farm3.static.flickr.com/2672/3885299098_361f94ffe0.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wg_2O204Rawq2Lp01fQDVvH9V4Zvimp_ly_Pckvo2wBjBRR5H1tkWw==
farm5.static.flickr.com/4102/4880086532_cf0d454a95.jpg
143.204.48.75301 Moved Permanently 167 B URL HTTP/1.1 farm5.static.flickr.com/4102/4880086532_cf0d454a95.jpg
IP 143.204.48.75:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /4102/4880086532_cf0d454a95.jpg HTTP/1.1
Host: farm5.static.flickr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Mon, 06 Feb 2023 07:20:47 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://farm5.static.flickr.com/4102/4880086532_cf0d454a95.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ABYcEoo25SuZauINQhWzN__G3uHpFsrtkLtQhBB_Gd9O8A7UeIHllQ==
www.bibendum.com.au/images/P/CHAMPAGNE-01.jpg
23.227.38.74404 Not Found 26 kB URL HTTP/2 www.bibendum.com.au/images/P/CHAMPAGNE-01.jpg
IP 23.227.38.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2680)
Hash 95ecef4bf909c10af7471f7c5a586ba3
3360f3710f89039209e7db8d873bba9bcd3faf27
21956cc30905566563939bd84b9ce144590c757a65397a743fe0062b3d5b84cf
GET /images/P/CHAMPAGNE-01.jpg HTTP/1.1
Host: www.bibendum.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 06 Feb 2023 07:20:46 GMT
content-type: text/html; charset=utf-8
x-sorting-hat-podid: 237
x-sorting-hat-shopid: 62074683630
x-storefront-renderer-rendered: 1
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin, <//cdn.shopify.com/s/files/1/0620/7468/3630/t/45/assets/layout.theme.min.css?v=179565260474644052891662956459>; as="style"; rel="preload"
x-alternate-cache-key: cacheable:a87f02eb6cd662a19869e22e1aea5d71
x-cache: miss
x-frame-options: DENY
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
strict-transport-security: max-age=7889238
x-shopid: 62074683630
x-shardid: 237
vary: Accept
content-language: en
x-shopify-stage: production
x-dc: gcp-europe-north1,gcp-europe-west1,gcp-europe-west1
x-request-id: ed75386c-b2d2-4e69-80a0-90ddcd2e6c1b
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
set-cookie: keep_alive=4c7bb9e9-07c6-4b1d-8252-afdc4e3cbbd7; path=/; expires=Mon, 06 Feb 2023 07:50:46 GMT; HttpOnly; SameSite=Lax
cart_currency=AUD; path=/; expires=Mon, 20 Feb 2023 07:20:46 GMT; SameSite=Lax
_y=153bba0a-0183-43b7-b929-a0abf68f9a32; Expires=Tue, 06-Feb-24 07:20:46 GMT; Domain=bibendum.com.au; Path=/; SameSite=Lax
_s=12a9a06f-1806-4724-b5dd-0f33ed1d7e34; Expires=Mon, 06-Feb-23 07:50:46 GMT; Domain=bibendum.com.au; Path=/; SameSite=Lax
_shopify_y=153bba0a-0183-43b7-b929-a0abf68f9a32; Expires=Tue, 06-Feb-24 07:20:46 GMT; Domain=bibendum.com.au; Path=/; SameSite=Lax
_shopify_s=12a9a06f-1806-4724-b5dd-0f33ed1d7e34; Expires=Mon, 06-Feb-23 07:50:46 GMT; Domain=bibendum.com.au; Path=/; SameSite=Lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLIUej7CIL8afSPHJ6KboiaIrvLys1FLeO91QybhPgm%2FKhxt5IcvyfgUSAQ%2B2NZ5AMCDOmiUzwOzh65cIC6KjJ8FCa6ty%2B%2BgGtv4j3aIuU%2BqbhFqvEa8QdQ1E8if%2FArKhyErrns%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: processing;dur=400, db;dur=117, parse;dur=22, render;dur=253, asn;desc="50304", edge;desc="OSL", country;desc="NO", cfRequestDuration;dur=786.999941
server: cloudflare
cf-ray: 79522009fde2b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ohsobeautifulpaper.com/wp-content/uploads/2010/11/Rock-n-Roll-Music-Inspired-Wedding-Invitations-Purple.jpg
188.114.96.1200 OK 380 kB URL HTTP/2 ohsobeautifulpaper.com/wp-content/uploads/2010/11/Rock-n-Roll-Music-Inspired-Wedding-Invitations-Purple.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=10, manufacturer=NIKON CORPORATION, model=NIKON D40, orientation=upper-left, xresolution=162, yresolution=170, resolutionunit=2, software=Adobe Photoshop CS3 Macintosh, datetime=2010:10:27 16:04:55], baseline, precision 8, 1800x1197, components 3\012- data
Size 380 kB (379678 bytes)
Hash f6efb9b497ce975b1e9c57ac838947f5
6e95fb5d2334633228f9e177a4df8ba20a7f5aa1
4d739c6017bd920befd4a8c25e1003776db3903a8d0fcd3898f594eb8d6ea565
GET /wp-content/uploads/2010/11/Rock-n-Roll-Music-Inspired-Wedding-Invitations-Purple.jpg HTTP/1.1
Host: ohsobeautifulpaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:47 GMT
content-type: image/jpeg
content-length: 379678
last-modified: Tue, 27 Sep 2016 19:17:23 GMT
etag: "57eac5c3-5cb1e"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dp%2FqG35IK9LNsLp8up%2B41YzOq2iHdeHPaWxrqLT1Fum%2FZk43g%2FlKqdPvGyTrNkx3GOuzZ6szHxSt0NB8EJAYCgCOYZwh23wXOOxb04b7tw%2FH9T4pstADCGR2Wr2GTWMLQjIIQc88kRyv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795220096f7fb4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.weddinggirl.ca/blog/wp-content/uploads/2011/06/Le-Jardin-Toronto-Pink-White-wedding-DJ-Emporium-Pink-LED-wall-washing-uplighting-reception-lightning-2.jpg
70.32.23.65301 Moved Permanently 0 B URL HTTP/1.1 www.weddinggirl.ca/blog/wp-content/uploads/2011/06/Le-Jardin-Toronto-Pink-White-wedding-DJ-Emporium-Pink-LED-wall-washing-uplighting-reception-lightning-2.jpg
IP 70.32.23.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /blog/wp-content/uploads/2011/06/Le-Jardin-Toronto-Pink-White-wedding-DJ-Emporium-Pink-LED-wall-washing-uplighting-reception-lightning-2.jpg HTTP/1.1
Host: www.weddinggirl.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Feb 2023 07:20:46 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Expires: Mon, 06 Feb 2023 08:20:47 GMT
Cache-Control: max-age=3600
X-Redirect-By: redirection
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Location: /
Content-Length: 0
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
sidewayssidle2112.blogspot.com/favicon.ico
142.250.74.1200 OK 412 B URL HTTP/1.1 sidewayssidle2112.blogspot.com/favicon.ico
IP 142.250.74.1:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: sidewayssidle2112.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/2011
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Mon, 06 Feb 2023 07:20:47 GMT
Date: Mon, 06 Feb 2023 07:20:47 GMT
Cache-Control: private, max-age=86400
Last-Modified: Fri, 11 Nov 2022 08:03:08 GMT
ETag: W/"f2a0ae4a988c0456058f9604498a2bb7f5020964384d180f9c01654e84e9503e"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8d4457a2881b0685b7a9990865eeab49
240d7f0ce0f35e48891f070e1f6216c00036c7c0
3f70c8b6021184962b01dea2d0336b13f680de0b1d24e0d07b0aff2fe20d473e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=156479
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:47 GMT
Etag: "63e06a8e-117"
Expires: Wed, 08 Feb 2023 02:48:46 GMT
Last-Modified: Mon, 06 Feb 2023 02:48:46 GMT
Server: nginx
Content-Length: 279
26.media.tumblr.com/tumblr_lth91mdHAo1qcpptho1_500.jpg
74.114.154.18301 Moved Permanently 166 B URL HTTP/1.1 26.media.tumblr.com/tumblr_lth91mdHAo1qcpptho1_500.jpg
IP 74.114.154.18:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /tumblr_lth91mdHAo1qcpptho1_500.jpg HTTP/1.1
Host: 26.media.tumblr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: openresty
Date: Mon, 06 Feb 2023 07:20:47 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://64.media.tumblr.com/tumblr_lth91mdHAo1qcpptho1_500.jpg
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 830903b7af220f39f103dfc48974013b
4e7759cc6a86ad95c5b37c3236fd777c0f65a603
96adfbe85634c749d46724b3e53d3b5f3454a0d9be9053fb7eec9f9b926d6462
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1270
Cache-Control: max-age=97657
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:47 GMT
Etag: "63df7fd2-117"
Expires: Tue, 07 Feb 2023 10:28:25 GMT
Last-Modified: Sun, 05 Feb 2023 10:07:14 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
www.weddinggirl.ca/
70.32.23.65301 Moved Permanently 0 B IP 70.32.23.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: www.weddinggirl.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Feb 2023 07:20:47 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Expires: Mon, 06 Feb 2023 08:20:47 GMT
Cache-Control: max-age=3600
X-Redirect-By: WordPress
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Location: https://www.weddinggirl.ca/
Content-Length: 0
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
104.18.21.91200 OK 16 kB URL HTTP/2 rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
IP 104.18.21.91:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8400)
Hash e5f8134f7ca6c31eac0ae52458da3932
ee1d8af118a5078a28906a262f7fc72e6addc077
43495ae3370c648f526d30acc153779aa05feef2cb478ae95c88eb3378a7c899
GET /no/casino/kampanjer/casino/welcome-bonus/18644 HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
set-cookie: PHPSESSID=og8atpb8ip0gtvdamjtqd4aq2q; path=/; secure; HttpOnly
Referer=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F; expires=Wed, 08-Mar-2023 07:20:48 GMT; Max-Age=2592001; path=/; secure; httponly
cache-control: max-age=0, must-revalidate, private
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7952201359b50b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2020/10/2020-10-29-LIVE-CASINO-BLOG-POST-Craps-Insider-1031x580.jpg
104.18.21.91200 OK 125 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2020/10/2020-10-29-LIVE-CASINO-BLOG-POST-Craps-Insider-1031x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1031x580, components 3\012- data
Size 125 kB (125078 bytes)
Hash 72f2e83e609637b33061f935cea88b62
bc74db10f461af183eeae38ff48ebfb4ea4a0f87
09cad8ab2b9365e3412d2877a35b31167b68bf8a2f28ab33fd3218661cd581a6
GET /no/wp-content/uploads/sites/5/2020/10/2020-10-29-LIVE-CASINO-BLOG-POST-Craps-Insider-1031x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/jpeg
content-length: 125078
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=128279, status=webp_bigger
etag: "5f855e98-1f517"
expires: Mon, 27 Feb 2023 05:37:28 GMT
last-modified: Tue, 13 Oct 2020 08:00:24 GMT
cf-cache-status: HIT
age: 3159193
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 795220148a920b59-OSL
X-Firefox-Spdy: h2
rizk.com/assets/img/rizk-logo-no-tm.svg
104.18.21.91200 OK 94 kB URL HTTP/2 rizk.com/assets/img/rizk-logo-no-tm.svg
IP 104.18.21.91:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1498)
Hash ba59e9f644cecc2b6fe86bbbb159f608
ca399313927f387cbe4625d8b969b6a9d6e38f8c
3603eea3ebc4a0794fd0c226f12b84c77f3a1d532e4b94754c0374acb0c52bd2
GET /assets/img/rizk-logo-no-tm.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/svg+xml
last-modified: Thu, 05 Jan 2023 10:35:50 GMT
etag: W/"63b6a806-5db"
expires: Mon, 13 Mar 2023 03:43:36 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 378270
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 795220144a530b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2018/06/06-05-2019-Casino-Rizk-Norway-Welcome-Offer-Changes-2019-Insider-1031x580.jpg
104.18.21.91200 OK 130 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2018/06/06-05-2019-Casino-Rizk-Norway-Welcome-Offer-Changes-2019-Insider-1031x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1031x580, components 3\012- data
Size 130 kB (130425 bytes)
Hash 794572b9bff04e9c10cd69d8edbd3355
c9dbef9c4e0eabb549c756b63f711c866ba08995
230a06f7ebfa76f4c7b52f4ec0e3e42dacf8ae62362b632f4d88c4715f22f8cc
GET /no/wp-content/uploads/sites/5/2018/06/06-05-2019-Casino-Rizk-Norway-Welcome-Offer-Changes-2019-Insider-1031x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/jpeg
content-length: 130425
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=138146, status=webp_bigger
etag: "5ce50804-21ba2"
expires: Sat, 18 Feb 2023 20:35:22 GMT
last-modified: Wed, 22 May 2019 08:27:48 GMT
cf-cache-status: HIT
age: 3159152
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 795220148a8e0b59-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2020/06/2020-06-10-LIVE-CASINO-BLOG-POST-CRAZY-TIME-Insider-1-1031x580.jpg
104.18.21.91200 OK 211 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2020/06/2020-06-10-LIVE-CASINO-BLOG-POST-CRAZY-TIME-Insider-1-1031x580.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1031x580, components 3\012- data
Size 211 kB (210675 bytes)
Hash 0275594aa0da61a963b34c14cba7cda2
90ba5e1fc41183812108f7cdee35057e7d8d73ff
9a3c6eaedf96f97bf55bec6950624f26e9e07d49158f24f3e221a400f60ac8db
GET /no/wp-content/uploads/sites/5/2020/06/2020-06-10-LIVE-CASINO-BLOG-POST-CRAZY-TIME-Insider-1-1031x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/jpeg
content-length: 210675
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=219775, status=webp_bigger
etag: "5ee086d3-35a7f"
expires: Mon, 13 Mar 2023 13:06:43 GMT
last-modified: Wed, 10 Jun 2020 07:08:03 GMT
cf-cache-status: HIT
age: 1563190
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 795220148a940b59-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2018/05/Insider-1080x450.jpg
104.18.21.91200 OK 224 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2018/05/Insider-1080x450.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 224 kB (223961 bytes)
Hash 06de96686a021bd5896038a67d8aa373
b6b2e5765cf5696bcd397e1b30fdc195011a40ba
684097549048af5e181aa8d430f60828a9dfb9067444dfa038a5555f1a1e991f
GET /no/wp-content/uploads/sites/5/2018/05/Insider-1080x450.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/jpeg
content-length: 223961
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=233162, status=webp_bigger
etag: "5aeaee7e-38eca"
expires: Mon, 27 Feb 2023 05:37:28 GMT
last-modified: Thu, 03 May 2018 11:11:58 GMT
cf-cache-status: HIT
age: 1724038
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 795220148a990b59-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 9fcb4e4ec5e9da8220ef4140716292b7
1dbae68951363707110e992ebdcc1001a7763c6d
afbe48e22d880a5d21f03a60b069b7ea3711deee95211f5b6a2de61a0e8ed5f0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6387
Cache-Control: max-age=89098
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:48 GMT
Etag: "63df4a67-118"
Expires: Tue, 07 Feb 2023 08:05:46 GMT
Last-Modified: Sun, 05 Feb 2023 06:19:19 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 280
insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/insider_power_bar.jpg
104.18.21.91200 OK 3.2 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/insider_power_bar.jpg
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9d40515720b33d1eb7e5bae188a21575
d1503716353b57bb6d1e1ed256021b76e120b439
a33e4475fd94d712ffe38ffc48833281324421808415b90f004ae138a85745b4
GET /no/wp-content/uploads/sites/5/2016/01/insider_power_bar.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/webp
content-length: 3190
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=10475
content-disposition: inline; filename="insider_power_bar.webp"
etag: "568c79c7-28eb"
expires: Mon, 27 Feb 2023 05:37:30 GMT
last-modified: Wed, 06 Jan 2016 02:19:51 GMT
vary: Accept
cf-cache-status: HIT
age: 3072999
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522014dad60b59-OSL
X-Firefox-Spdy: h2
farm3.static.flickr.com/2672/3885299098_361f94ffe0.jpg
143.204.48.75200 OK 277 kB URL HTTP/2 farm3.static.flickr.com/2672/3885299098_361f94ffe0.jpg
IP 143.204.48.75:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 335x500, components 3\012- data
Size 277 kB (276670 bytes)
Hash ee38af9bcb954b8ac1a7173ff0d20802
2964515afbf8507474e88a5ded0c9141370dc7d5
49e14fcdd919ee96b747e3ee893e4c143c0368d61338ec0ed1f0a5bf343acdde
GET /2672/3885299098_361f94ffe0.jpg HTTP/1.1
Host: farm3.static.flickr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
date: Mon, 06 Feb 2023 07:20:47 GMT
edge-control: public, max-age=31536000
surrogate-control: public, max-age=31536000
cache-control: public, max-age=31536000
expires: Tue, 06 Feb 2024 07:20:48 GMT
imagewidth: 335
imageheight: 500
last-modified: Thu, 25 Apr 2019 02:27:21 GMT
etag: "4f2a48822267a6ec95a0c411b99eae2e.1"
streaming: false
origintype: X
server: Jubilee
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
powered-by: Mutation/1.0
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
ourvalues: Dare (#4 of 5)
x-request-id: e62b84a2
x-frame-options: DENY
p3p: CP="This is not a P3P policy. We respect your privacy."
x-env: a=live, b=jubilee, c=77f4af62, e=b1cfc1fdb4a90fbd7ed7449176940c7c057c6af1
x-ttfb: 0.1907
x-ttdb-l: 34800
mib: 2
x-cache: Miss from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WuTBfSfoPlolvUkpThLEvXr748aenwS_4TLf2jFe1IgJQ2_BlAZ0wA==
X-Firefox-Spdy: h2
record.rizk.com/_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/2/?payload=w5hilkr28ujln7em2hhc2o3q
104.18.190.136301 Moved Permanently 279 kB URL HTTP/2 record.rizk.com/_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/2/?payload=w5hilkr28ujln7em2hhc2o3q
IP 104.18.190.136:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 279 kB (278858 bytes)
Hash e9e7535c065a438e4407b2d809511c54
c2c73ee585d77fa4e7e98072073c82e6a3a8199e
f5d32d6e179b67997a72382818a95893217a5d8414679cac7e57f5976c568691
GET /_U3s_hG6hFM9IXyBFOGojY2Nd7ZgqdRLk/2/?payload=w5hilkr28ujln7em2hhc2o3q HTTP/1.1
Host: record.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 06 Feb 2023 07:20:47 GMT
content-type: text/html; charset=utf-8
location: https://rizk.com/no/casino/kampanjer/rizk-velkomstbonus/5682?affcode=noiahrzkno&btag=a_10689784b_c_ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk-bm9pYWhyemtubw==&utm_medium=MA_Affiliates&utm_source=10689784
cache-control: private, no-cache, must-revalidate, Cache-Control: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
pragma: no-cache
x-powered-by: ZBan
cf-cache-status: BYPASS
set-cookie: VID1=KiwzQFEtI2BQLVMkWC1AYGAKYAo%3D; expires=Tue, 06-Feb-2024 07:20:47 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=None
ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk; expires=Tue, 06-Feb-2024 07:20:47 GMT; Max-Age=31536000; path=/; domain=.rizk.com; secure; HttpOnly; SameSite=None
PartnerId=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk; expires=Wed, 08-Mar-2023 07:20:47 GMT; Max-Age=2592000; path=/; SameSite=Lax
marketingproduct=Casino; expires=Wed, 08-Mar-2023 07:20:47 GMT; Max-Age=2592000; path=/; domain=.rizk.com; SameSite=Lax
vary: Accept-Encoding
server: cloudflare
cf-ray: 79522011fe23b521-OSL
X-Firefox-Spdy: h2
farm8.staticflickr.com/7153/6469953681_55c8889c94.jpg
143.204.48.75200 OK 162 kB URL HTTP/2 farm8.staticflickr.com/7153/6469953681_55c8889c94.jpg
IP 143.204.48.75:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 333x500, components 3\012- data
Size 162 kB (162068 bytes)
Hash 1465d71f533dacc83096bcfe85e71be1
2be864d09c387df5f01dfbb0a81e039bfa3edbba
c0e82dd671bb34bc685d848ac60a5f8df8508f950fe5c84a0fde3ab749c240f7
GET /7153/6469953681_55c8889c94.jpg HTTP/1.1
Host: farm8.staticflickr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
date: Mon, 06 Feb 2023 07:20:47 GMT
edge-control: public, max-age=31536000
surrogate-control: public, max-age=31536000
cache-control: public, max-age=31536000
expires: Tue, 06 Feb 2024 07:20:48 GMT
imagewidth: 333
imageheight: 500
last-modified: Sat, 09 Mar 2019 04:42:00 GMT
etag: "8f1ac4b4cf24f22da40dfa7e233e6097.1"
streaming: false
origintype: X
server: Jubilee
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
powered-by: Mutation/1.0
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
ourvalues: Dare (#4 of 5)
x-request-id: 2c894311
x-frame-options: DENY
p3p: CP="This is not a P3P policy. We respect your privacy."
x-env: a=live, b=jubilee, c=4cf206a9, e=b1cfc1fdb4a90fbd7ed7449176940c7c057c6af1
x-ttfb: 0.2488
x-ttdb-l: 85656
mib: 2
x-cache: Miss from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kKJ0pzdlKqYZrVCTUTw-6DL-liEiCXcp2j9aLqZ3XIJjS8oCzGghiQ==
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_progressive_jackpot_no.jpg
104.18.21.91200 OK 174 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/08/rizk_progressive_jackpot_no.jpg
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 174 kB (174360 bytes)
Hash 723b5a7e7cec506c95f571606f1b6de2
3444eeb2f4b3fea6d959b6a3eea42ee8e783862f
ecbfd5956d791f388ac85fe3411f9cb3ef982bbb3d4b1ad305928b194fc55ece
GET /no/wp-content/uploads/sites/5/2016/08/rizk_progressive_jackpot_no.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/webp
content-length: 174360
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=384172
content-disposition: inline; filename="rizk_progressive_jackpot_no.webp"
etag: "579ef777-5dcac"
expires: Sat, 31 Dec 2022 16:27:47 GMT
last-modified: Mon, 01 Aug 2016 07:17:11 GMT
vary: Accept
cf-cache-status: HIT
age: 4535618
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522014cad00b59-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/07/rizk_captains_cashback_insider.jpg
104.18.21.91200 OK 163 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/07/rizk_captains_cashback_insider.jpg
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 163 kB (163416 bytes)
Hash fd99cab71c6ba9ffe54779befae48d7c
1c84255a3770befc78081b4ed050a29061517bb8
c950567cfa088b0934dc2462b23334ba5be74a3c75a388b7d03c6262c831a6b7
GET /no/wp-content/uploads/sites/5/2016/07/rizk_captains_cashback_insider.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/webp
content-length: 163416
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=411655
content-disposition: inline; filename="rizk_captains_cashback_insider.webp"
etag: "578ddbe4-64807"
expires: Tue, 21 Mar 2023 16:13:53 GMT
last-modified: Tue, 19 Jul 2016 07:51:00 GMT
vary: Accept
cf-cache-status: HIT
age: 237748
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522014dad50b59-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/06/ZEP-2165-Live-Casino-Welcome-Offer-Change_Promo-CA-1030x580.jpg
104.18.21.91200 OK 104 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/06/ZEP-2165-Live-Casino-Welcome-Offer-Change_Promo-CA-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 104 kB (104549 bytes)
Hash 034cc3ec5138ace96420bf5f92da763a
9a6a6cd46ed8c2855eced3a29bac948a96197d8c
4326a495eaf2973adf16b37976efe685ba6818c07f0e041b12a9ed2f81a7a687
GET /no/wp-content/uploads/sites/5/2022/06/ZEP-2165-Live-Casino-Welcome-Offer-Change_Promo-CA-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/jpeg
content-length: 104549
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=110109, status=webp_bigger
etag: "62b46fa1-1ae1d"
expires: Mon, 13 Feb 2023 21:05:53 GMT
last-modified: Thu, 23 Jun 2022 13:50:25 GMT
cf-cache-status: HIT
age: 4122790
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522014dadf0b59-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/01/ZG-3665-CASINO-Spin-Mania-Level-up-Get-FS-Promo-CA-1-1030x580.jpg
104.18.21.91200 OK 88 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/01/ZG-3665-CASINO-Spin-Mania-Level-up-Get-FS-Promo-CA-1-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Hash 7ad5073d85b44689d4dcee7727ea1068
220eb3a3343a292350c9bbb38b400a935e789e01
c225333d3bc84993b30bc4904d292d68480055851b826222ae69cbbf14fb6dec
GET /no/wp-content/uploads/sites/5/2022/01/ZG-3665-CASINO-Spin-Mania-Level-up-Get-FS-Promo-CA-1-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/jpeg
content-length: 88280
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=90386, status=webp_bigger
etag: "61db0b02-16112"
expires: Tue, 04 Apr 2023 15:45:31 GMT
last-modified: Sun, 09 Jan 2022 16:19:14 GMT
cf-cache-status: HIT
age: 228917
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522014eae70b59-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/09/ZEP-5996-New-Payment-Method-Norway_Promo-NO-1030x580.jpg
104.18.21.91200 OK 117 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/09/ZEP-5996-New-Payment-Method-Norway_Promo-NO-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 117 kB (116891 bytes)
Hash 57d4e12acdf47787731bc06c9fd6112e
1cc607aba15378b7709324e209159b2057ae2066
530c063437bc59d01e044f2cbbd0ccf9e3ae47598818e1be7b8affa1cfa03577
GET /no/wp-content/uploads/sites/5/2022/09/ZEP-5996-New-Payment-Method-Norway_Promo-NO-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/jpeg
content-length: 116891
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=118194, status=webp_bigger
etag: "6318b35c-1cdb2"
expires: Mon, 20 Feb 2023 20:17:59 GMT
last-modified: Wed, 07 Sep 2022 15:06:04 GMT
cf-cache-status: HIT
age: 1593038
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522014eae80b59-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk_insider_purge.jpg
104.18.21.91200 OK 105 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/01/rizk_insider_purge.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 105 kB (104910 bytes)
Hash 68ef88c9f828a10d55a04133fe5658f3
1aac5886a146873fb39bacf53f76fd55c448bcae
8493ade7db211441aa7cee1689b27b1e5c084ec1a22898ce0443229d186d60e3
GET /no/wp-content/uploads/sites/5/2016/01/rizk_insider_purge.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/jpeg
content-length: 104910
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=109099, status=webp_bigger
etag: "56a8a1f4-1aa2b"
expires: Mon, 13 Feb 2023 21:05:54 GMT
last-modified: Wed, 27 Jan 2016 10:54:44 GMT
cf-cache-status: HIT
age: 1724035
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522014faf50b59-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2017/10/Insider-1080x450-3.jpg
104.18.21.91200 OK 236 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2017/10/Insider-1080x450-3.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 236 kB (236534 bytes)
Hash fe1f908a1ea3ad74d7580a4bb10732cc
e563c2ad2593b1fd0ab914c6c06686efc9bd4a72
16e4a3f6178cbac41c7010999daf2c62184fa06a7c02605cdaa75ea6cbfd74f0
GET /no/wp-content/uploads/sites/5/2017/10/Insider-1080x450-3.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/jpeg
content-length: 236534
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=247916, status=webp_bigger
etag: "59e9e8f9-3c86c"
expires: Mon, 27 Feb 2023 05:37:29 GMT
last-modified: Fri, 20 Oct 2017 12:15:53 GMT
cf-cache-status: HIT
age: 3159193
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 795220149a9f0b59-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/ZC-2203-Promo-NO-1030x580.jpg
104.18.21.91200 OK 178 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/ZC-2203-Promo-NO-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 178 kB (178130 bytes)
Hash ea632bbffee05d4ab2c11c1bd0cf156c
1b9b16716f21ed62d448bb5fabdcfe6870510654
8df9b085cc67bb8a10e9de2a1c2cc2dcee36f2c6539a4b2a0b401de9160c7f04
GET /no/wp-content/uploads/sites/5/2023/01/ZC-2203-Promo-NO-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/jpeg
content-length: 178130
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=186454, status=webp_bigger
etag: "63cead1e-2d856"
expires: Sat, 25 Mar 2023 15:27:38 GMT
last-modified: Mon, 23 Jan 2023 15:51:58 GMT
cf-cache-status: HIT
age: 1093990
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522014dae00b59-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2016/05/rizk_spin_exchange_email.jpg
104.18.21.91200 OK 200 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2016/05/rizk_spin_exchange_email.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Size 200 kB (199509 bytes)
Hash b57e8271b267921cf7faa4db4d13c313
2f72cbdc71ad2376390a369a7459c2af19cdd3ab
1a2a86f45d3128fcc9b11912f20bf92ce49b2c502dfa996e2133120360678090
GET /no/wp-content/uploads/sites/5/2016/05/rizk_spin_exchange_email.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/jpeg
content-length: 199509
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=209043, status=webp_bigger
etag: "5742ff10-33093"
expires: Mon, 13 Mar 2023 04:37:11 GMT
last-modified: Mon, 23 May 2016 13:01:04 GMT
cf-cache-status: HIT
age: 1724035
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522014dad10b59-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/02/ZEP-1482-RZ-PRAGMATIC-DROPSWINS-Promo-NO-1-1030x580.jpg
104.18.21.91200 OK 194 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/02/ZEP-1482-RZ-PRAGMATIC-DROPSWINS-Promo-NO-1-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 194 kB (194157 bytes)
Hash 1cca37417fe863df82c0319381e01e1f
f8b0a8aab239568c0db450be1d6d7b445529e436
694d7c5a7ba696111b5c0db984c9f9121b97c2a1a4f37520bcd6a597252dacd7
GET /no/wp-content/uploads/sites/5/2022/02/ZEP-1482-RZ-PRAGMATIC-DROPSWINS-Promo-NO-1-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/jpeg
content-length: 194157
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=203250, status=webp_bigger
etag: "6202912a-319f2"
expires: Thu, 16 Feb 2023 17:29:48 GMT
last-modified: Tue, 08 Feb 2022 15:50:02 GMT
cf-cache-status: HIT
age: 3159200
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522014faf30b59-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2022/02/ZEP-1444-Pragmatic-Drops-Wins-Live-Casino-_Promo-CA-1030x580.jpg
104.18.21.91200 OK 150 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2022/02/ZEP-1444-Pragmatic-Drops-Wins-Live-Casino-_Promo-CA-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 150 kB (149799 bytes)
Hash 9ebb7e0f0f489d3d8a3745f8febb5b15
ea1c8f36a0edf023eb6d39817b7df092f9f54763
dd1b3a8795857591e492cd5510da49c929e3e0e3ae5168b391a00628867f7cff
GET /no/wp-content/uploads/sites/5/2022/02/ZEP-1444-Pragmatic-Drops-Wins-Live-Casino-_Promo-CA-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/jpeg
content-length: 149799
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=155887, status=webp_bigger
etag: "620227ed-260ef"
expires: Sat, 18 Feb 2023 20:35:22 GMT
last-modified: Tue, 08 Feb 2022 08:21:01 GMT
cf-cache-status: HIT
age: 1724035
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522014eae90b59-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/ZC-2338-Promo-NO-1030x580.jpg
104.18.21.91200 OK 202 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2023/01/ZC-2338-Promo-NO-1030x580.jpg
IP 104.18.21.91:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1030x580, components 3\012- data
Size 202 kB (201797 bytes)
Hash 6b236304b4d875c745e572e9fbda254e
c584e908e55b7caa2135ebf25022804e7d1ef0db
e9dbf688fabc7b3452affa6d60690e2ac75536299300fbf5cdd5944e55bf16cb
GET /no/wp-content/uploads/sites/5/2023/01/ZC-2338-Promo-NO-1030x580.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/jpeg
content-length: 201797
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=211099, status=webp_bigger
etag: "63c80b0e-3389b"
expires: Fri, 24 Mar 2023 09:03:35 GMT
last-modified: Wed, 18 Jan 2023 15:06:54 GMT
cf-cache-status: HIT
age: 1203433
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522014dae10b59-OSL
X-Firefox-Spdy: h2
rizk.com/no/casino/kampanjer/rizk-velkomstbonus/5682?affcode=noiahrzkno&btag=a_10689784b_c_ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk-bm9pYWhyemtubw==&utm_medium=MA_Affiliates&utm_source=10689784
104.18.21.91301 Moved Permanently 80 kB URL HTTP/2 rizk.com/no/casino/kampanjer/rizk-velkomstbonus/5682?affcode=noiahrzkno&btag=a_10689784b_c_ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk-bm9pYWhyemtubw==&utm_medium=MA_Affiliates&utm_source=10689784
IP 104.18.21.91:0
Hash 7823573cfbe78b11613a7f035388538a
421bff31a93174ff9fe88d8d5d6b979f928f0d6e
27eb7544015b3febdb39e7abc2f8d0b3b656ca7cf52713dbf4bb29b00807dc2f
GET /no/casino/kampanjer/rizk-velkomstbonus/5682?affcode=noiahrzkno&btag=a_10689784b_c_ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk-bm9pYWhyemtubw==&utm_medium=MA_Affiliates&utm_source=10689784 HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 06 Feb 2023 07:20:47 GMT
content-type: text/html; charset=UTF-8
location: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
x-powered-by: PHP/7.1.33
set-cookie: PHPSESSID=4bc41e07raoa3gf9mu7udgne3m; path=/; secure; HttpOnly
btag=a_10689784b_c_ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk-bm9pYWhyemtubw%3D%3D; expires=Mon, 20-Feb-2023 07:20:47 GMT; Max-Age=1209600; path=/; secure
Referer=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F; expires=Wed, 08-Mar-2023 07:20:47 GMT; Max-Age=2592000; path=/; secure; httponly
cache-control: max-age=0, must-revalidate, private
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522012e94f0b59-OSL
X-Firefox-Spdy: h2
insider.rizk.com/no/wp-content/uploads/sites/5/2015/12/rizk_captains_blog.jpg
104.18.21.91200 OK 99 kB URL HTTP/2 insider.rizk.com/no/wp-content/uploads/sites/5/2015/12/rizk_captains_blog.jpg
IP 104.18.21.91:0
File type JPEG image data, progressive, precision 8, 1080x450, components 3\012- data
Hash fc9c3d854084e790e9ceba940b916906
bbe5ab038437a76672dc65c87fcfd4d4a8f1033d
fe129e245e6ef9f8258b84ce83141faa532e5a2e81ed96065aaf7dbdfeee2db9
GET /no/wp-content/uploads/sites/5/2015/12/rizk_captains_blog.jpg HTTP/1.1
Host: insider.rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/jpeg
content-length: 99225
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=103824, status=webp_bigger
etag: "56795660-19590"
expires: Fri, 03 Mar 2023 11:43:20 GMT
last-modified: Tue, 22 Dec 2015 13:55:44 GMT
cf-cache-status: HIT
age: 367809
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522016bc670b59-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
104.16.148.64200 OK 8.4 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP 104.16.148.64:0
File type ASCII text, with very long lines (25592)
Hash e248bb3ed9070ee48f0b5bc674e6a49d
46a6ac373399405df390e910c580cf850dce9886
74fd866eaf62b63cec2b85eadf2245e9302107f4c8fabc25f9c3e5cd49f40a6b
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: application/javascript
content-length: 8384
content-encoding: gzip
content-md5: 4ki7PtkHDuSPC1vGdOaknQ==
last-modified: Thu, 02 Feb 2023 13:33:36 GMT
etag: 0x8DB05221689032C
x-ms-request-id: 3a8b6a68-201e-0101-2064-379f4e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 45735
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79522016cccdb4fa-OSL
X-Firefox-Spdy: h2
use.typekit.net/jdw0csx.js
23.36.76.122200 OK 7.2 kB URL HTTP/2 use.typekit.net/jdw0csx.js
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (6501)
Hash 28429e05f83935c1fb93424ad783e8bb
36b7dd84e6948af59b101520baf8bf2838f6eb3c
6751313549b4090109dfebcaaf8c6512e50fb67c49bafb7542e7e5ebd752e75b
GET /jdw0csx.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 7248
date: Mon, 06 Feb 2023 07:20:48 GMT
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
104.17.25.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32025)
Hash 38a76bd9db7bcd61655d35a37046ad1d
b8aef4bba84d71000810736dd76f643a872ee15c
d4e1d1ccb31338384004beeef249ac102cbd298136b26dfe158ecb7bf4f62937
GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 26646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1499c"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1513263
expires: Sat, 27 Jan 2024 07:20:48 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1Kjo49mC%2F1bjbWDnqfPOhSo3hvlkXvvJjK7tvC%2BwzHStfaAOGqavwD%2FNJIFeEpcQI95TFm5gK3m%2BFUmempy5yb3oS5UqbfLawlywU8svxjTbuMQ5YeUcYCw%2ByFV5cSPjw8QsCwB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79522017483cb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/3c8f4585-e221-4b13-9563-e2283f98b4ed.json
104.16.148.64200 OK 3.2 kB URL HTTP/2 cdn.cookielaw.org/consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/3c8f4585-e221-4b13-9563-e2283f98b4ed.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (11675), with no line terminators
Hash 3b79a686818167922dfc6b001661b55a
94ea66c1b67195bb514427755595d985ad7319e8
985adf2ba0d8757e25ee00eb414c5809e7a3b8e1a802524f0ec182f245712c8c
GET /consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/3c8f4585-e221-4b13-9563-e2283f98b4ed.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: application/x-javascript
content-length: 3159
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: O3mmhoGBZ5It/GsAFmG1Wg==
last-modified: Thu, 11 Aug 2022 10:39:48 GMT
etag: 0x8DA7B85D034938C
x-ms-request-id: 0a85c945-401e-0138-387c-addfea000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 31191
expires: Tue, 07 Feb 2023 07:20:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79522017895c0b39-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 370e74ead61664d84985db7a9087c0e4
7c55daf6c9231e1586a0c9d48375766e7f02405f
ddc18509904868cb8e31ad5cbbd27245fc163eaac44d40a7e95fb795c6e248db
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5828
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:48 GMT
Last-Modified: Mon, 06 Feb 2023 05:43:40 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
rizk.com/assets/img/footer/ecogra.png
104.18.21.91200 OK 28 kB URL HTTP/2 rizk.com/assets/img/footer/ecogra.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 30ffda9881d8c1c2ccb46ff7b2ea50af
e19a29ba3abddb9beff5b09ef264ca81e9b41290
a972cf53714ef5e43e6bda7b67348f3680f9d3810841ac63a061a91ae2430b8d
GET /assets/img/footer/ecogra.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675668047
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/webp
content-length: 27890
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=80752
content-disposition: inline; filename="ecogra.webp"
etag: "63bfd1ff-13b70"
expires: Mon, 13 Mar 2023 17:26:51 GMT
last-modified: Thu, 12 Jan 2023 09:25:19 GMT
vary: Accept
cf-cache-status: HIT
age: 2123220
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522017fd410b59-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/65a1f5/000000000000000000014689/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
23.36.76.122200 OK 16 kB URL HTTP/2 use.typekit.net/af/65a1f5/000000000000000000014689/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 16488, version 1.0\012- data
Hash 77ee853d54976f653eae7f9bf3756b81
14479919cb6c4795e9681b0116d9b45878e59a27
a3824d6f1e6f3aaa29342418aa60106500897804becaa0305d29e6328c4fe999
GET /af/65a1f5/000000000000000000014689/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 16488
etag: "4d3b0c26b9e19a72e0c7ed499882c33f6eb1f980"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: sOQQtBZBGW4grpdJZkhuDA==, MvskAWoTx95/w9xlk4ja1w==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Mon, 06 Feb 2023 07:20:48 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/flags/locale-flags-small.png
104.18.21.91200 OK 6.9 kB URL HTTP/2 rizk.com/assets/img/flags/locale-flags-small.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cbf69efd1161ae68af7c62a9ed5aedda
e52470c459f19223c367a6b8f0139b6869babb97
027c3e30e700f7cadb699b50f16e55638f0c5b8e80a6bcd47b4f44924d808868
GET /assets/img/flags/locale-flags-small.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675668047
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/webp
content-length: 6942
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=16785
content-disposition: inline; filename="locale-flags-small.webp"
etag: "63dd1634-4191"
expires: Tue, 04 Apr 2023 21:28:40 GMT
last-modified: Fri, 03 Feb 2023 14:12:04 GMT
vary: Accept
cf-cache-status: HIT
age: 53127
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522017fd3b0b59-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/0d8f4c/00000000000000003b9b3882/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
23.36.76.122200 OK 24 kB URL HTTP/2 use.typekit.net/af/0d8f4c/00000000000000003b9b3882/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 23908, version 1.0\012- data
Hash 081509e2766b8e53d3e9629517a5094c
81b9e67814e563e491f3b7ca83129910191d7429
e5212f6b941b7ec75f72829b00476a94f76ad97bd3cbd41000fafff883d93922
GET /af/0d8f4c/00000000000000003b9b3882/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 23908
etag: "f071080bfe4e46008015da21150516f906ef2d5b"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Mon, 06 Feb 2023 07:20:48 GMT
X-Firefox-Spdy: h2
rizk.com/assets/css/base.css?1675668047
104.18.21.91200 OK 131 kB URL HTTP/2 rizk.com/assets/css/base.css?1675668047
IP 104.18.21.91:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 131 kB (131338 bytes)
Hash b62a7d8a365324282b952d13c8179c8b
ca365eeec4ace3395dce47781ecc8aed2d106ca6
b31c85058df0137668d25ef6fde7f2664f505ec4b24c8bfbfb608f471746a53a
GET /assets/css/base.css?1675668047 HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: text/css
last-modified: Fri, 03 Feb 2023 14:12:04 GMT
etag: W/"63dd1634-51daa"
cf-cache-status: MISS
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 795220144a4c0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.typekit.net/af/0618db/00000000000000003b9b3883/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
23.36.76.122200 OK 28 kB URL HTTP/2 use.typekit.net/af/0618db/00000000000000003b9b3883/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 28236, version 1.0\012- data
Hash 4b65d6cda48fa321ba802818f81ba7e5
fe1c677b815b4cb9eeb861916acc1c7155aa5760
5ba8e72d5af3c0cc39c4e804d2ed9478399ff2af3697707c30bd929613c2c2b5
GET /af/0618db/00000000000000003b9b3883/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 28236
etag: "0e16f9f570445a3af398ac3254132299060fa940"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Mon, 06 Feb 2023 07:20:48 GMT
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/Hjelpelinjen.png
104.18.21.91200 OK 26 kB URL HTTP/2 rizk.com/assets/img/footer/Hjelpelinjen.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2600acad4fa18b407caa42d12eceef0f
809b9de6ef5c469787ca4a199f737ec0e8d73db5
b5e78ae78e39f47d3acae58ce941aa17ec4620957654948039793460256d03f2
GET /assets/img/footer/Hjelpelinjen.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675668047
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/webp
content-length: 25908
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=61976
content-disposition: inline; filename="Hjelpelinjen.webp"
etag: "63d27455-f218"
expires: Wed, 29 Mar 2023 07:10:58 GMT
last-modified: Thu, 26 Jan 2023 12:38:45 GMT
vary: Accept
cf-cache-status: HIT
age: 565393
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522017fd400b59-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/b67c91/00000000000000003b9b387d/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.122200 OK 27 kB URL HTTP/2 use.typekit.net/af/b67c91/00000000000000003b9b387d/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 26936, version 1.0\012- data
Hash f12d00a94108d5711ea7d06f09e5c68d
ea0d3da174d13daa20a5a874dd9e2f505a407f9e
cc2543e733021a267b439eb74704905ef328ce55a7ca95aed93e7193b930fe01
GET /af/b67c91/00000000000000003b9b387d/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26936
etag: "fe7fdcb6d53c12b4d0552a6bc637b554f3517dd0"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: 8gqwq4IzJl07NBWNV5EMWA==, dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Mon, 06 Feb 2023 07:20:48 GMT
X-Firefox-Spdy: h2
farm5.static.flickr.com/4102/4880086532_cf0d454a95.jpg
143.204.48.75200 OK 87 kB URL HTTP/2 farm5.static.flickr.com/4102/4880086532_cf0d454a95.jpg
IP 143.204.48.75:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 333x499, components 3\012- data
Hash de55b9c8f9b3be2e701211269b490ac2
296cd742ac382da9f439aded4e94775fa25a402a
996047b03decffcf3951494d061689746d761ddb839cb793f2a1d64cbb02303f
GET /4102/4880086532_cf0d454a95.jpg HTTP/1.1
Host: farm5.static.flickr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
date: Mon, 06 Feb 2023 07:20:47 GMT
edge-control: public, max-age=31536000
surrogate-control: public, max-age=31536000
cache-control: public, max-age=31536000
expires: Tue, 06 Feb 2024 07:20:48 GMT
imagewidth: 333
imageheight: 500
last-modified: Mon, 04 Mar 2019 01:25:44 GMT
etag: "8df36a4436a86cb4835dd37ebb173e6d.1"
streaming: false
origintype: X
server: Jubilee
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
powered-by: Mutation/1.0
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
ourvalues: Thrill Our Customers (#2 of 5)
x-request-id: f684f608
x-frame-options: DENY
p3p: CP="This is not a P3P policy. We respect your privacy."
x-env: a=live, b=jubilee, c=4cf206a9, e=b1cfc1fdb4a90fbd7ed7449176940c7c057c6af1
x-ttfb: 0.1628
x-ttdb-l: 59544
mib: 2
x-cache: Miss from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pIXlFKl4fw0ETrxV3oDoZO-RHii1aCU39i1qZsfN4n7_kS-GayU8uw==
X-Firefox-Spdy: h2
rizk.com/assets/img/flags/flag-is.png
104.18.21.91200 OK 142 B URL HTTP/2 rizk.com/assets/img/flags/flag-is.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6d73273e182c35e4f0afd10e5409b46e
0d5a7ec0c80536576e3cfb14092dc96804771aef
d972ebf138951eb06a75652b04a37d1e00e588a620b215af0073ee258b360f8b
GET /assets/img/flags/flag-is.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675668047
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/webp
content-length: 142
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=776
content-disposition: inline; filename="flag-is.webp"
etag: "63b6a805-308"
expires: Tue, 07 Mar 2023 21:06:33 GMT
last-modified: Thu, 05 Jan 2023 10:35:49 GMT
vary: Accept
cf-cache-status: HIT
age: 2301063
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522017fd3d0b59-OSL
X-Firefox-Spdy: h2
www.clickcease.com/monitor/stat.js
54.230.111.16200 OK 80 kB URL HTTP/2 www.clickcease.com/monitor/stat.js
IP 54.230.111.16:0
Hash e4d9b24a7f45e75ccf4cbd1e1e035d9e
af2527bc16f147e6ab121e0cc1ed8f393ef8a65a
67a08b6157c477b2765ebc0982d4235549cfe5fb556c95a7c9a2dbf31eb60a75
GET /monitor/stat.js HTTP/1.1
Host: www.clickcease.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 11:31:37 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 6Er2d0GJvgnFniPQXIH7h8kzG7dJBNJf
server: AmazonS3
content-encoding: gzip
date: Mon, 06 Feb 2023 07:20:48 GMT
etag: W/"1c27f449b067550681f23ad3e53988fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9sxoVPZfV4iVLHljCCNaO9qfs6RTkLpQQcQXEt3wbzbxxLBeLRPPIQ==
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
content-security-policy: frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: microphone 'none'; camera 'none';
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/footer-logos3.png
104.18.21.91200 OK 30 kB URL HTTP/2 rizk.com/assets/img/footer/footer-logos3.png
IP 104.18.21.91:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 91f88b0da0473fbd507dcd1a759533af
36133c385d1c171958c5a5fc60ef1f5d12237e30
b75061abacce30de1bddabb464f7ca044dba230382cd1323f59079c8d0cdc260
GET /assets/img/footer/footer-logos3.png HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675668047
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/webp
content-length: 30078
cache-control: max-age=5184000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=63052
content-disposition: inline; filename="footer-logos3.webp"
etag: "639b02c9-f64c"
expires: Mon, 13 Feb 2023 19:41:30 GMT
last-modified: Thu, 15 Dec 2022 11:19:37 GMT
vary: Accept
cf-cache-status: HIT
age: 4283339
accept-ranges: bytes
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522017fd460b59-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/7557c8/00000000000000003b9b3878/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n2&v=3
23.36.76.122200 OK 24 kB URL HTTP/2 use.typekit.net/af/7557c8/00000000000000003b9b3878/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n2&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 23872, version 1.0\012- data
Hash a27b9659dc0abd423cf8ef68b3b5f090
c6e53b9fa38a64f79de589330ada752e508e1d79
8856e4523739253fa932474ea1297a4bde5154aba949eb0bf526e33a416f80ef
GET /af/7557c8/00000000000000003b9b3878/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n2&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 23872
etag: "3e9f0bc1bba61dac43bde99f04314859477ffd8d"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Mon, 06 Feb 2023 07:20:48 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/403911/00000000000000003b9b3880/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n6&v=3
23.36.76.122200 OK 24 kB URL HTTP/2 use.typekit.net/af/403911/00000000000000003b9b3880/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n6&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 24416, version 1.0\012- data
Hash 942518d5490873c5b04873d49668920d
567714dda462382b7f8744a2ef5fed11e095ff8d
1e7e73097a1cb1eb21133807422bbecd3f09a91d8f3fc4e6dbe9a654496b64ea
GET /af/403911/00000000000000003b9b3880/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n6&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 24416
etag: "362038376e4edfd49eadab55e78eb8c8fad75576"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Mon, 06 Feb 2023 07:20:48 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/28537c/00000000000000003b9b3881/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i6&v=3
23.36.76.122200 OK 27 kB URL HTTP/2 use.typekit.net/af/28537c/00000000000000003b9b3881/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i6&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 27328, version 1.0\012- data
Hash fe70ae94ddc6f65b13db6a45e89352ae
8d413902aaba44dd5ce275bd78ad959e8de5ece1
007a6041b879f4840186d37bf62cb24354dc0257b1ce663d315c8778e9746fc4
GET /af/28537c/00000000000000003b9b3881/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i6&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27328
etag: "1f5ee00caffae153bc4e97ee7fc744982328dae1"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Mon, 06 Feb 2023 07:20:48 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/ea8d85/0000000000000000000151d1/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
23.36.76.122200 OK 120 kB URL HTTP/2 use.typekit.net/af/ea8d85/0000000000000000000151d1/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 119904, version 1.0\012- data
Size 120 kB (119904 bytes)
Hash 28a88f4e70f45eb49c96d18da7f44869
3c707b6df2c0d8fdb324bb1883e1890a38644622
a998f1a4c9e921275caf71058390cf6cc33268c25c12ce3d9ccab137bb67f591
GET /af/ea8d85/0000000000000000000151d1/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 119904
etag: "9cf7b880c940e69005d99d254f5c957320db9920"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: MvskAWoTx95/w9xlk4ja1w==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Mon, 06 Feb 2023 07:20:48 GMT
X-Firefox-Spdy: h2
rizk.com/assets/fonts/rizk-icons-font.ttf
104.18.21.91200 OK 7.3 kB URL HTTP/2 rizk.com/assets/fonts/rizk-icons-font.ttf
IP 104.18.21.91:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash e430bba6922f67c139ea3cc3da148146
1403eafe8c68c8822be1253dda00fe96c368d628
0b0beeeb28012258a5016cb95f982a34d443ecd1fae612d579ea5a37d2f085ad
GET /assets/fonts/rizk-icons-font.ttf HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675668047
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: application/octet-stream
content-length: 7264
last-modified: Thu, 05 Jan 2023 10:35:48 GMT
etag: "63b6a804-1c60"
expires: Mon, 13 Mar 2023 04:01:09 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 377884
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 795220186d900b59-OSL
X-Firefox-Spdy: h2
use.typekit.net/af/1286c7/0000000000000000000151d6/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
23.36.76.122200 OK 121 kB URL HTTP/2 use.typekit.net/af/1286c7/0000000000000000000151d6/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 121276, version 1.0\012- data
Size 121 kB (121276 bytes)
Hash 93a15a2450f801f4a3fe29b883366d36
3b1b4a1e3b64de56da974d3b2d40c1072d33d746
980203ee1e65591546aa6e163eea6f6e0bffdf15a4a8c442ac5ea6b4bbdd1be5
GET /af/1286c7/0000000000000000000151d6/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 121276
etag: "db81c212189c4bd156df357725724066ea88d6f4"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Mon, 06 Feb 2023 07:20:48 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/bc1d75/0000000000000000000151d2/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
23.36.76.122200 OK 141 kB URL HTTP/2 use.typekit.net/af/bc1d75/0000000000000000000151d2/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 140860, version 1.0\012- data
Size 141 kB (140860 bytes)
Hash 6bfaf65a2c550ba5bfe4af17a108b036
f580547cca47791a9bc16d97d3b1a6d9ba7ff1ee
d872a3dcfd2d278eee0ed07ce8ceecff0c5ee30cef33aa92a1224bda28888dec
GET /af/bc1d75/0000000000000000000151d2/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 140860
etag: "bf19a0104a0de96dfd0edb2276eadec4d02bf248"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Mon, 06 Feb 2023 07:20:48 GMT
X-Firefox-Spdy: h2
farm5.static.flickr.com/4151/4843252595_37873de94b.jpg
143.204.48.75200 OK 204 kB URL HTTP/2 farm5.static.flickr.com/4151/4843252595_37873de94b.jpg
IP 143.204.48.75:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=2], baseline, precision 8, 499x333, components 3\012- data
Size 204 kB (204189 bytes)
Hash 0028e37d6ad26ab180d21a1f585bf854
4ee010a8e037c2d4cb5d040754f2a47fc83d34bb
eb51de160c888c57b3229ba569a8fb424331e7617ae90ed04f6c8a513c706e20
GET /4151/4843252595_37873de94b.jpg HTTP/1.1
Host: farm5.static.flickr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
date: Mon, 06 Feb 2023 07:20:47 GMT
edge-control: public, max-age=31536000
surrogate-control: public, max-age=31536000
cache-control: public, max-age=31536000
expires: Tue, 06 Feb 2024 07:20:48 GMT
imagewidth: 500
imageheight: 333
last-modified: Tue, 19 Feb 2019 11:12:01 GMT
etag: "5dcfa4a63501df0cca1ddcb371fde947.1"
streaming: false
origintype: X
server: Jubilee
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
powered-by: Mutation/1.0
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
ourvalues: Dare (#4 of 5)
x-request-id: 14a7c065
x-frame-options: DENY
p3p: CP="This is not a P3P policy. We respect your privacy."
x-env: a=live, b=jubilee, c=21738c41, e=b1cfc1fdb4a90fbd7ed7449176940c7c057c6af1
x-ttfb: 0.1528
x-ttdb-l: 62969
mib: 2
x-cache: Miss from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: O2Uom6qS6nypNRxcR6nXAu0oigToMvasnTjIvog93K1rJvdo3GRbVQ==
X-Firefox-Spdy: h2
use.typekit.net/af/73907f/00000000000000000001468a/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.122200 OK 16 kB URL HTTP/2 use.typekit.net/af/73907f/00000000000000000001468a/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 16028, version 1.0\012- data
Hash 0dd4d271ed7ee5c0273e79583ddf8d3e
796801d9390b8253bc98890f8ed5430f58967874
dda79dbffad3c2454d4b8f1560f357ecd9879ec9400a8d732cd6943b28572d66
GET /af/73907f/00000000000000000001468a/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 16028
etag: "09f0318a3a474a88e125155447b116ce923c5e58"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: AmL6MUifti0NNF1d4tnrQw==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Mon, 06 Feb 2023 07:20:48 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/fec4eb/0000000000000000000131bd/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
23.36.76.122200 OK 27 kB URL HTTP/2 use.typekit.net/af/fec4eb/0000000000000000000131bd/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 26656, version 1.0\012- data
Hash 843379cf54b236ae4934db29570421f7
1ecfe53a9b021d8cfbdedd77b995a7f6f13f32b6
46f2ac0d9703243c85b6ad1b9f8ce05ce5a2a9d7adaf550fbfa061ecbf093e53
GET /af/fec4eb/0000000000000000000131bd/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26656
etag: "de5daa0372d6be1d2b0ba0e28b1c2c00515f2fce"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Mon, 06 Feb 2023 07:20:48 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/3741dd/0000000000000000000131be/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
23.36.76.122200 OK 28 kB URL HTTP/2 use.typekit.net/af/3741dd/0000000000000000000131be/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 27684, version 1.0\012- data
Hash 962b0ccdf6555a8b81741bb83f696949
deed4a3bd9835c6fa5fdf47f511874a5f4116b9d
9cfaeffef650a761e27f14dec12810366a0bd679027c13015f95dccf9611e463
GET /af/3741dd/0000000000000000000131be/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27684
etag: "e2094b44e42b94d755331c3ee7b8c732b4c5882e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: U6oI91awt9ulKzLKmO5zLQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Mon, 06 Feb 2023 07:20:48 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/d0381a/0000000000000000000131bc/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
23.36.76.122200 OK 28 kB URL HTTP/2 use.typekit.net/af/d0381a/0000000000000000000131bc/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 27716, version 1.0\012- data
Hash aae09c973c0e8c1a2ece8d4922e4c72b
d35720d96434aeb1ce0be89a1e817bdd94774a09
07919fde0a59ac04f7fafd0e4a2c510822688affe0e011c996aff25025c7bc7f
GET /af/d0381a/0000000000000000000131bc/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27716
etag: "8c57889473eaf8566c3bde8fd1b284dadb35fe4e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: AmL6MUifti0NNF1d4tnrQw==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Mon, 06 Feb 2023 07:20:48 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/8143dd/0000000000000000000131bb/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
23.36.76.122200 OK 27 kB URL HTTP/2 use.typekit.net/af/8143dd/0000000000000000000131bb/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 26668, version 1.0\012- data
Hash f3c582e5ca61298fe63dd09a8c9323f0
8561b44c4a4bc035cbf0c533d9bcfb83edc5a8b5
abb1e2fb045dd6b00673ffa1bc1a51b754e05691c69aa54d9b712b3ccbb7fc96
GET /af/8143dd/0000000000000000000131bb/27/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26668
etag: "116e12f7283140ad38d72901d816fba7ce41690e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
x-akamai-ssl-client-sid: PuT1oxgzAM/a8Zag57qtsg==, dTBCDP/QVui/B5B2nLZuZQ==
x-serial: 1988
x-check-cacheable: YES
x-akamai-pragma-client-ip: 10.36.76.118, 10.36.76.118
date: Mon, 06 Feb 2023 07:20:48 GMT
X-Firefox-Spdy: h2
rizk.com/no/translations/selection
104.18.21.91200 OK 30 kB URL HTTP/2 rizk.com/no/translations/selection
IP 104.18.21.91:0
File type JSON data\012- , ASCII text, with very long lines (8870), with no line terminators
Hash 6cf67458ef9dbad557e17a843d8bb10d
c495c441589c3fd9d5d10fcfb7055eb5feb6ca3b
834fafabb160131828121ba70d39e759e6f89e2b491614b82abb888938ae6b32
POST /no/translations/selection HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 3608
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
set-cookie: PHPSESSID=f6ajk90gvrsbia82kh9ri4msog; path=/; secure; HttpOnly
Referer=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644; expires=Wed, 08-Mar-2023 07:20:48 GMT; Max-Age=2592000; path=/; secure; httponly
cache-control: max-age=0, must-revalidate, private
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 795220191e010b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0a9831a3638a6e965f9f493ec373250b
3d345056120064927b051d81740f1787309022ad
7355f87b092cdb090b9aee59c62a4e25ff673488f5c8e0979ac0fd1c40c5ca44
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5037
Cache-Control: max-age=168361
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:49 GMT
Etag: "63e0854d-117"
Expires: Wed, 08 Feb 2023 06:06:50 GMT
Last-Modified: Mon, 06 Feb 2023 04:42:53 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
p.typekit.net/p.gif?s=1&k=jdw0csx&ht=tk&h=rizk.com&f=1344.17457.18109.18110.18111.18112.6812.6813.6814.6817.24349.24350.24351.24352.24353.24354.24355.24356&a=39840982&js=1.21.0&app=typekit&e=js&_=1675668092873
23.36.76.122200 OK 35 B URL HTTP/2 p.typekit.net/p.gif?s=1&k=jdw0csx&ht=tk&h=rizk.com&f=1344.17457.18109.18110.18111.18112.6812.6813.6814.6817.24349.24350.24351.24352.24353.24354.24355.24356&a=39840982&js=1.21.0&app=typekit&e=js&_=1675668092873
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=1&k=jdw0csx&ht=tk&h=rizk.com&f=1344.17457.18109.18110.18111.18112.6812.6813.6814.6817.24349.24350.24351.24352.24353.24354.24355.24356&a=39840982&js=1.21.0&app=typekit&e=js&_=1675668092873 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
unused62: 8096267
date: Mon, 06 Feb 2023 07:20:49 GMT
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
104.16.148.64200 OK 90 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
IP 104.16.148.64:0
File type ASCII text, with very long lines (65455)
Hash 669fc272b6662bb850d92e9cfedf53a7
e573ee887b0ca01445457cc338f510c559a092f4
e77f0bfe908a1ee2181992bad85721333d192528c2a00aac42077549f7d377ba
GET /scripttemplates/6.39.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:49 GMT
content-type: application/javascript
content-length: 90454
content-encoding: gzip
content-md5: Zp/CcrZmK7hQ2S6c/t9Tpw==
last-modified: Fri, 26 Aug 2022 16:31:04 GMT
etag: 0x8DA87805EB35DE2
x-ms-request-id: 41a1e322-301e-0173-6402-efee70000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 38628
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7952201a9940b4fa-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/c15e6223-6008-45c0-bd61-d5fb7c5b4f73/no.json
104.16.148.64200 OK 18 kB URL HTTP/2 cdn.cookielaw.org/consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/c15e6223-6008-45c0-bd61-d5fb7c5b4f73/no.json
IP 104.16.148.64:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65222), with no line terminators
Hash 52edc17dd959eec04919e5f8f7366ebd
b0afc9516325109205e3b7a7656c990ac3ce23f7
f101a7d16badd7407e56c6ecdb70a97147abd8e652d9ec80164cb449f225f8d8
GET /consent/3c8f4585-e221-4b13-9563-e2283f98b4ed/c15e6223-6008-45c0-bd61-d5fb7c5b4f73/no.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:49 GMT
content-type: application/x-javascript
content-length: 17666
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: Uu3BfdlZ7sBJGeX49zZuvQ==
last-modified: Thu, 11 Aug 2022 10:56:24 GMT
etag: 0x8DA7B8822255DC0
x-ms-request-id: a06e6807-601e-0142-288a-adb5a7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 17013
expires: Tue, 07 Feb 2023 07:20:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7952201b1c9a0b39-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcTab.json
104.16.148.64200 OK 14 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcTab.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (51738)
Hash 3e961eb7fdc3f94310047addd52478f7
e653b0a0929096e9aaf34772f5839c6fc3f4da49
221064afa3bffb58aff4d7a036a9f5196c60ff0077e23453ca2aa7a1019be47a
GET /scripttemplates/6.39.0/assets/v2/otPcTab.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:49 GMT
content-type: application/json
content-length: 13981
content-encoding: gzip
content-md5: PpYet/3D+UMQBHrd1SR49w==
last-modified: Fri, 26 Aug 2022 16:30:58 GMT
etag: 0x8DA87805B3CBC97
x-ms-request-id: 8ef1e9a6-d01e-0150-2d8a-b981bb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 8553
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7952201b4cd60b39-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json
104.16.148.64200 OK 3.0 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (11118)
Hash 5f1f3dee54d56068cc422c2e182af30c
307e86761b9ecbc0262af0358acfc0e0b95e7ea5
482ea2a9ca60ee6292211fcbfb5ea4b28ef501cd7be34899a43384c8f9a113e8
GET /scripttemplates/6.39.0/assets/otFlat.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:49 GMT
content-type: application/json
content-length: 3007
content-encoding: gzip
content-md5: Xx897lTVYGjMQiwuGCrzDA==
last-modified: Fri, 26 Aug 2022 16:30:55 GMT
etag: 0x8DA87805972EF22
x-ms-request-id: 77d93883-701e-0112-6b8a-b9aaaf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 17863
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7952201b4cd50b39-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css
104.16.148.64200 OK 8.5 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css
IP 104.16.148.64:0
Hash bb66b9270c6fc13a8d9581fcdf875dcd
7e8a7e4b68a062184f1cb9dffdff44b063051da0
2a8a12c2dbdabc2ceef8d03ae3918dd967dfe5d51a553505ef39d464ec1393db
GET /scripttemplates/6.39.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Origin: https://rizk.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:49 GMT
content-type: text/css
content-md5: B55i3ZY9miZIaUrwjufy0w==
last-modified: Fri, 26 Aug 2022 16:31:09 GMT
x-ms-request-id: b3ac1c65-001e-0030-378a-b982cc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 16710
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7952201b5cd70b39-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rizk.com/assets/js/mustache.c8a057fd.js
104.18.21.91200 OK 104 kB URL HTTP/2 rizk.com/assets/js/mustache.c8a057fd.js
IP 104.18.21.91:0
File type ASCII text, with very long lines (6027)
Size 104 kB (103518 bytes)
Hash a8fe9199df6b423b38d22d4907215c20
fd25d6fde5d88389f11b5c0dd598803e314f4e62
18cc0504803dacaac0d4ac8ce18d50d5a74ebb8e34f9c5020cb9a6f6eed1b613
GET /assets/js/mustache.c8a057fd.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:49 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 14:12:06 GMT
etag: W/"63dd1636-186c"
cf-cache-status: HIT
age: 4162
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7952201b8fe10b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 06 Feb 2023 05:44:08 GMT
expires: Mon, 06 Feb 2023 07:44:08 GMT
cache-control: public, max-age=7200
age: 5801
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 68851ca46b34e108e2780e3a6ba57319
8eb5e76c621ecc5b587b47c65f2a562fc7b7d78a
68cebe0d935553b59bb78a54a828ff2cc6ffdb240cd002b51a4fef31388d6200
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3069
Cache-Control: max-age=110950
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:49 GMT
Etag: "63dfacba-118"
Expires: Tue, 07 Feb 2023 14:09:59 GMT
Last-Modified: Sun, 05 Feb 2023 13:18:50 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 280
sc-static.net/scevent.min.js
54.230.82.240200 OK 13 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (30923), with no line terminators
Hash 957d65dfa972893511879b4d2abce54b
a0106f59c171c72c527a88cc3b06263af186a5c4
24cae1a14856e2642826fe9d960b0e61ae60fa45a778ec61f2b7d862dc3af603
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 13270
server: CloudFront
date: Mon, 06 Feb 2023 07:20:49 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Tue, 07 Feb 2023 06:17:09 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: GeneratedResponse from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IWGbX0cVHDPj9Fu8Q1Srty-ppEzKu1nXQS5UtZuR7YoXwLBDLIgaGQ==
X-Firefox-Spdy: h2
tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAKR
23.36.79.43200 OK 37 kB URL HTTP/2 tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAKR
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (62459)
Hash d2e8fadea66d50de6764cc8815911655
5219f9385a355cddd3cf5893794e2e3c554ead1c
621097f07e85bf9c2eb4b75eea6664762dfc8e3bc3a7f464aa5055295b7cb80d
GET /dist/tag-manager.js?id=STM-AAAAKR HTTP/1.1
Host: tm.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
apigw-requestid: f57ZChFfDoEEPjQ=
vary: Accept-Encoding
content-encoding: gzip
content-length: 37261
x-check-cacheable: YES
x-serial: 1128
x-akamai-ssl-client-sid: cJCW7kFkND/oua5EDXoMTw==
x-akamai-pragma-client-ip: 23.36.79.39, 146.247.142.2
date: Mon, 06 Feb 2023 07:20:49 GMT
cache-control: max-age=900, public
X-Firefox-Spdy: h2
cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
104.16.148.64200 OK 471 B URL HTTP/2 cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
IP 104.16.148.64:0
Hash ec70adbf86edcdb7953acf2b3c9c799b
ddf8cdf338dda95eeb462f7fa9ca83aa2dce0689
28ff30299d6a9fddd4bf1bb20fa78e7a0ef9ff3ab5ebd9f174e92d691a08a9fa
GET /logos/static/poweredBy_ot_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:49 GMT
content-type: image/svg+xml
content-md5: LpuayL42jB78xRllx0vkOw==
last-modified: Thu, 02 Feb 2023 13:33:38 GMT
x-ms-request-id: 37e5f1ab-101e-00ca-7f5b-374b2b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 33125
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7952201bbab6b4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash f98f07dcc44fab455fd5840810d48146
9af36ef9d32d7745105d308df63e49b442afccbc
17a703b33e5960787f842a0e4b48cee49f763210691c070559284dc6ce013324
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2161
Cache-Control: max-age=166190
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:49 GMT
Etag: "63e0880e-116"
Expires: Wed, 08 Feb 2023 05:30:39 GMT
Last-Modified: Mon, 06 Feb 2023 04:54:38 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 278
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0e9ec07b8906fd25def7973d5bcfc73b
f2fb10be7ddc5bd3ca3f3aee7a23d369cd4d9877
f9f2dd8530b003a7444b0e846503889a30ba5409d1354d83fe447967c1990fb7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "F9F2DD8530B003A7444B0E846503889A30BA5409D1354D83FE447967C1990FB7"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18135
Expires: Mon, 06 Feb 2023 12:23:04 GMT
Date: Mon, 06 Feb 2023 07:20:49 GMT
Connection: keep-alive
tracker.ads.sportradar.com/dist/tracker.js
23.36.79.43200 OK 12 kB URL HTTP/2 tracker.ads.sportradar.com/dist/tracker.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (34755)
Hash b34b13d85152f71b7fd15289c78c0583
0bb20191b022bbd0e75f2bbce7f6332886079c2c
7a3fc57394ecc6745eb6e18745aa1e5e5d05cb2237c4d0d754ab43d33863a84c
GET /dist/tracker.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "5ff82a1c468a89919e9437d33e0402cb"
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: EeWcXnw5b_WQBVyQkN3hrtHVebmMaThQpW2F37a44gAqhmPt6qbVZA==
vary: Accept-Encoding
content-encoding: gzip
content-length: 11553
date: Mon, 06 Feb 2023 07:20:49 GMT
cache-control: max-age=900, public
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/MGA.svg
104.18.21.91200 OK 7.7 kB URL HTTP/2 rizk.com/assets/img/footer/MGA.svg
IP 104.18.21.91:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4188)
Hash 3ec2bd7897f7a360ecb802700e2ce2c5
e601d7892ad90a4a82d840e9e62e7b6e459ab553
94d61f80345fcf727c031fe606f7c198ffa806c84c7ae124f205c145bb29ff36
GET /assets/img/footer/MGA.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675668047
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/svg+xml
last-modified: Thu, 05 Jan 2023 10:35:49 GMT
etag: W/"63b6a805-49ef"
expires: Mon, 13 Mar 2023 05:08:21 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 1564326
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 795220186d8f0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cab74b16f32ef036779d3538e1e83483
920922d8a80e40ae350224b2e281089ac4423812
cd63a85682322688cc3ba198669ef1ecb578d36b4a0dceb3dd1bdded4aece525
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5382
Cache-Control: max-age=89882
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:49 GMT
Etag: "63df5165-1d7"
Expires: Tue, 07 Feb 2023 08:18:51 GMT
Last-Modified: Sun, 05 Feb 2023 06:49:09 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cab74b16f32ef036779d3538e1e83483
920922d8a80e40ae350224b2e281089ac4423812
cd63a85682322688cc3ba198669ef1ecb578d36b4a0dceb3dd1bdded4aece525
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5382
Cache-Control: max-age=89882
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:49 GMT
Etag: "63df5165-1d7"
Expires: Tue, 07 Feb 2023 08:18:51 GMT
Last-Modified: Sun, 05 Feb 2023 06:49:09 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
unpkg.com/yett@0.2.3/dist/yett.min.modern.js
104.16.126.175200 OK 5.5 kB URL HTTP/2 unpkg.com/yett@0.2.3/dist/yett.min.modern.js
IP 104.16.126.175:0
File type ASCII text, with very long lines (4157)
Hash a5a333bc2e78bc77ec6059513f3c35f9
1f630fa01213bf48453a7d10066bbf60a5da3e07
5440dc9ed583f3962ca9c60ce17df0106b74cd9d3871bde0d6ca82b84944e884
GET /yett@0.2.3/dist/yett.min.modern.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"106a-F1kN/vqWtSduU82KJoxqMaLlX70"
via: 1.1 fly.io
fly-request-id: 01G53T04M04VGHTCMPW9JKYWMZ-fra
cf-cache-status: HIT
age: 20903963
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 79522015c954b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
monitor.clickcease.com/monitor/api/statsV2?type=object
20.234.104.33200 OK 42 B URL HTTP/2 monitor.clickcease.com/monitor/api/statsV2?type=object
IP 20.234.104.33:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash bece06f094b8474383a8c77da5e3c54a
c7b0c9ce4b65287792382e2e999d9b22dc0cd190
988739ac8e8c4439bef9e64f8724d72fd2c04966a8fecef524e376520a89f53e
POST /monitor/api/statsV2?type=object HTTP/1.1
Host: monitor.clickcease.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 178
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache
pragma: no-cache
content-length: 42
content-type: application/json; charset=utf-8
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: *
vm: 10.1.0.11
date: Mon, 06 Feb 2023 07:20:49 GMT
X-Firefox-Spdy: h2
tracker.ads.sportradar.com/dist//sp-2.14.0.js
23.36.79.43200 OK 30 kB URL HTTP/2 tracker.ads.sportradar.com/dist//sp-2.14.0.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (64903)
Hash 44f237857b8d03f32b53fe551e83c95a
91536fe6c60d947d29dfcb5f04d09b752b5ccf03
a5e10dc2f3c729300afe8fe24aa430f57d91fdefa8112c0b35dd424ba612caa7
GET /dist//sp-2.14.0.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "8dba669b94e3865c9205ef8fd15ee4d1"
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: rwLFuH76gyBuOOKfMU6fioIQYlVlN4USMSMuK47JehscNYA176w4qg==
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 06 Feb 2023 07:20:49 GMT
content-length: 30370
cache-control: max-age=900, public
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0e9ec07b8906fd25def7973d5bcfc73b
f2fb10be7ddc5bd3ca3f3aee7a23d369cd4d9877
f9f2dd8530b003a7444b0e846503889a30ba5409d1354d83fe447967c1990fb7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "F9F2DD8530B003A7444B0E846503889A30BA5409D1354D83FE447967C1990FB7"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18135
Expires: Mon, 06 Feb 2023 12:23:04 GMT
Date: Mon, 06 Feb 2023 07:20:49 GMT
Connection: keep-alive
tr.snapchat.com/p
35.190.43.134200 OK 68 B IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
POST /p HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 485
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:49 GMT
access-control-allow-origin: https://rizk.com
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgREAIQgDsIm4U6CVH8fXbsHwJhT8QG4bnJa4sl3hpht5HEt/VPfkAlkjvx4PB0M3sjIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 10
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/cm/i?pid=b07823ad-e115-456a-8e89-cc6b0b76459e&u_scsid=72c2a8be-0f45-4d2e-904d-c27a0259eac7&u_sclid=400ee64f-cdcb-411f-a147-684b4803d528
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=b07823ad-e115-456a-8e89-cc6b0b76459e&u_scsid=72c2a8be-0f45-4d2e-904d-c27a0259eac7&u_sclid=400ee64f-cdcb-411f-a147-684b4803d528
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=b07823ad-e115-456a-8e89-cc6b0b76459e&u_scsid=72c2a8be-0f45-4d2e-904d-c27a0259eac7&u_sclid=400ee64f-cdcb-411f-a147-684b4803d528 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:49 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 5
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cab74b16f32ef036779d3538e1e83483
920922d8a80e40ae350224b2e281089ac4423812
cd63a85682322688cc3ba198669ef1ecb578d36b4a0dceb3dd1bdded4aece525
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6035
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:49 GMT
Last-Modified: Mon, 06 Feb 2023 05:40:14 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
matomo.rizk-dev.com/matomo.php?action_name=rizk.com%2FVelkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&idsite=1&rec=1&r=427645&h=7&m=21&s=33&url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&urlref=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&_id=&_idn=1&_refts=1675668094&_ref=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&send_image=0&cookie=0&res=1280x1024&pv_id=mTo4Kv&pf_net=0&pf_srv=126&pf_tfr=27&pf_dm1=827&pf_dm2=173&pf_onl=1
104.18.14.144204 No Content 0 B URL HTTP/2 matomo.rizk-dev.com/matomo.php?action_name=rizk.com%2FVelkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&idsite=1&rec=1&r=427645&h=7&m=21&s=33&url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&urlref=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&_id=&_idn=1&_refts=1675668094&_ref=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&send_image=0&cookie=0&res=1280x1024&pv_id=mTo4Kv&pf_net=0&pf_srv=126&pf_tfr=27&pf_dm1=827&pf_dm2=173&pf_onl=1
IP 104.18.14.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /matomo.php?action_name=rizk.com%2FVelkomstbonuser%20Casino%20-%20Sett%20inn%20200%20-%20spill%20med%201000kr%20-%20Rizk%20Online%20Casino&idsite=1&rec=1&r=427645&h=7&m=21&s=33&url=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&urlref=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&_id=&_idn=1&_refts=1675668094&_ref=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&send_image=0&cookie=0&res=1280x1024&pv_id=mTo4Kv&pf_net=0&pf_srv=126&pf_tfr=27&pf_dm1=827&pf_dm2=173&pf_onl=1 HTTP/1.1
Host: matomo.rizk-dev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 07:20:50 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.19
access-control-allow-origin: https://rizk.com
access-control-allow-credentials: true
referrer-policy: origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
x-robots-tag: noindex
server: cloudflare
cf-ray: 7952201f9ffab4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rizk.com/assets/img/rizk-logo-footer.svg
104.18.21.91200 OK 4.4 kB URL HTTP/2 rizk.com/assets/img/rizk-logo-footer.svg
IP 104.18.21.91:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1929), with no line terminators
Hash 80275a6a8ad714f1d49830b2a8f81d51
2b564d161c3d5ce087334dd39c44bb9372eabb64
04bd3d4d455deb0a81e6ee69d63b831d808b02bc78957554338e17def05cba1b
GET /assets/img/rizk-logo-footer.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/svg+xml
last-modified: Thu, 01 Dec 2022 10:34:20 GMT
etag: W/"6388832c-789"
expires: Sat, 04 Feb 2023 01:44:34 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 372851
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522016bc680b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 7a942df038e18997eb83c77533333fcb
75b4b06074dfbd059731f87c7a8ddbb012e393b1
4d1229f61a50bceb2b05f2d8da12d541c6175657e13e873ff1237e5643cc1a9f
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "4D1229F61A50BCEB2B05F2D8DA12D541C6175657E13E873FF1237E5643CC1A9F"
Last-Modified: Sun, 05 Feb 2023 18:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=1569
Expires: Mon, 06 Feb 2023 07:46:59 GMT
Date: Mon, 06 Feb 2023 07:20:50 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 7a942df038e18997eb83c77533333fcb
75b4b06074dfbd059731f87c7a8ddbb012e393b1
4d1229f61a50bceb2b05f2d8da12d541c6175657e13e873ff1237e5643cc1a9f
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "4D1229F61A50BCEB2B05F2D8DA12D541C6175657E13E873FF1237E5643CC1A9F"
Last-Modified: Sun, 05 Feb 2023 18:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=1569
Expires: Mon, 06 Feb 2023 07:46:59 GMT
Date: Mon, 06 Feb 2023 07:20:50 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1c08839b04520623798a6d3752711147
535035b7350cf8a4324eb69ffda7dfaaa1a29918
5ddf0cfbfe95f4690768f8ca167dcdd47f0fa7c6d076cbee0bdb225bba697429
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3955
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:50 GMT
Last-Modified: Mon, 06 Feb 2023 06:14:55 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a4c9aec1fbb347e37394d01baf52fa49
2de722d77d4154504aa98e9ef46b8cb21a1be780
069169ac204505b2880ce68b15dd222b84f5923a8d6da6a1119e183f626c6700
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4598
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:50 GMT
Last-Modified: Mon, 06 Feb 2023 06:04:12 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1195dd6a2166c4b6c4f45510e64cbd2c
1600d859c9c6e74468bbd3d30b86a666ff307116
d0603547733c0617e521f5f0c1766800d3541f1afc470b8f8c94ca58d34df1c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6439
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:50 GMT
Last-Modified: Mon, 06 Feb 2023 05:33:31 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
a.sportradarserving.com/pixel?type=js&aid=1263&id=3422
3.124.85.119302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/pixel?type=js&aid=1263&id=3422
IP 3.124.85.119:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=js&aid=1263&id=3422 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 06 Feb 2023 07:20:50 GMT
Location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1263&id=3422
Set-Cookie: zuuid=c9ad933e-3b6f-4c53-9992-3fed1ae75763; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=sportradarserving.com; samesite=none; secure
c=1675668050; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1675668050; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
3.124.85.119302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
IP 3.124.85.119:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 06 Feb 2023 07:20:50 GMT
Location: https://a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
Set-Cookie: zuuid=e4d95719-db8b-4fb6-93a9-46bf053270e2; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=sportradarserving.com; samesite=none; secure
c=1675668050; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1675668050; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
connect.facebook.net/en_US/fbevents.js
157.240.205.11200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: evAR8n1e0/oOXmNPa2cZte+QG5v1dHmOJw+XYFRlEQL8ReQT6SZlbuolFC03kXdieMzkWoW1Z7biXEPBJ0uoYQ==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1679558926
date: Mon, 06 Feb 2023 07:20:50 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
143.204.55.105200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
IP 143.204.55.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 112fdf47cdb80b9ce3d033ed09717460
3898efa86cbf1b64dc41a90a110ed5afd6f2ae13
3bfb2e882091d872eece2eee40084183a5fcb0a7ed98c1b004850751260a4cbb
GET /box-e031119f9e9e307a08fa610f85dbfb52.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1034
date: Fri, 03 Feb 2023 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xGnxEeEn2_JkDjuPo8_kSDbot8sE6uwqpeC-_DdgFZtrbfYQs8Jlsw==
age: 238244
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1c08839b04520623798a6d3752711147
535035b7350cf8a4324eb69ffda7dfaaa1a29918
5ddf0cfbfe95f4690768f8ca167dcdd47f0fa7c6d076cbee0bdb225bba697429
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3955
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 07:20:50 GMT
Last-Modified: Mon, 06 Feb 2023 06:14:55 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
a.sportradarserving.com/ul_cb/pixel?type=js&aid=1263&id=3422
3.124.85.119200 OK 1.5 kB URL HTTP/1.1 a.sportradarserving.com/ul_cb/pixel?type=js&aid=1263&id=3422
IP 3.124.85.119:0
File type ASCII text, with very long lines (1527), with no line terminators
Hash e0668b6f9ececfe45c22a5de4d1fadf6
db7f8935b0484999dbaff9bb686713ed63c89e7c
cecf0ecdd0e9fefe86c991d3b14d48ead831ed395c7b720ec9aee086fb72c052
GET /ul_cb/pixel?type=js&aid=1263&id=3422 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Cookie: zuuid=e4d95719-db8b-4fb6-93a9-46bf053270e2; c=1675668050; zuuid_lu=1675668050
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/javascript; charset=UTF-8
Date: Mon, 06 Feb 2023 07:20:50 GMT
Set-Cookie: zuuid=e4d95719-db8b-4fb6-93a9-46bf053270e2; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1675668050; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1675668050; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=sportradarserving.com; samesite=none; secure
bss=!bidswitch,444925250; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=sportradarserving.com; samesite=none; secure
cm2=!bidswitch,444997250; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 1527
Connection: keep-alive
a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
3.124.85.119302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
IP 3.124.85.119:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Cookie: zuuid=e4d95719-db8b-4fb6-93a9-46bf053270e2; c=1675668050; zuuid_lu=1675668050
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 06 Feb 2023 07:20:50 GMT
Location: https://x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3De4d95719-db8b-4fb6-93a9-46bf053270e2
Set-Cookie: zuuid=e4d95719-db8b-4fb6-93a9-46bf053270e2; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1675668050; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1675668050; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
matomo.rizk-dev.com/matomo.js
104.18.14.144200 OK 89 kB URL HTTP/2 matomo.rizk-dev.com/matomo.js
IP 104.18.14.144:0
File type ASCII text, with very long lines (1601)
Hash f7b1154133ee0e891a5618cfcabfa17a
8451cd1fdf225b4a2294af3a6c65b67a6b9d2bb1
4f5526e97d35743f49ac77b9835f97bea6eda5b25e4cd7b9ec81cc0c6bdcdac5
GET /matomo.js HTTP/1.1
Host: matomo.rizk-dev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:49 GMT
content-type: application/javascript
last-modified: Thu, 19 May 2022 08:56:29 GMT
etag: W/"6286063d-faed"
expires: Mon, 06 Feb 2023 11:20:49 GMT
cache-control: public, max-age=14400
pragma: public
cf-cache-status: HIT
age: 1071
vary: Accept-Encoding
strict-transport-security: max-age=15552000
x-robots-tag: noindex
server: cloudflare
cf-ray: 7952201f2f78b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-qX80KJDWUUAcD.js
54.230.111.4200 OK 222 B URL HTTP/2 rules.quantcount.com/rules-p-qX80KJDWUUAcD.js
IP 54.230.111.4:0
Hash 40537b1abe9505bb799edac2255a8470
3b26d888b1d5f92da2d20c58863690c5587fa9c7
7f99464c6925fc098677d29ef278b73b2c0160dea8cce855eac94ab703477e78
GET /rules-p-qX80KJDWUUAcD.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 222
last-modified: Thu, 13 Oct 2022 22:18:39 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Mon, 06 Feb 2023 06:32:38 GMT
cache-control: max-age=3600
etag: "40537b1abe9505bb799edac2255a8470"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zwsa4AmBnEfk3-XL_TlQh2p_upwwr69OHXZ182sDMnkyrHu32So3Jg==
age: 2904
X-Firefox-Spdy: h2
ib.adnxs.com/pixie?e=PageView&pi=10dee212-6ba2-4421-98d8-7ee7e322e388&it=1675668094122&v=0.0.20&u=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&r=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&st=1675668094122&et=1675668094122&if=1
37.252.171.21200 OK 42 B URL HTTP/1.1 ib.adnxs.com/pixie?e=PageView&pi=10dee212-6ba2-4421-98d8-7ee7e322e388&it=1675668094122&v=0.0.20&u=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&r=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&st=1675668094122&et=1675668094122&if=1
IP 37.252.171.21:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixie?e=PageView&pi=10dee212-6ba2-4421-98d8-7ee7e322e388&it=1675668094122&v=0.0.20&u=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&r=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&st=1675668094122&et=1675668094122&if=1 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 07:20:50 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
rizk.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.18.21.91200 OK 11 kB URL HTTP/2 rizk.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.18.21.91:0
Hash 057f60d4abe75f3f4d92514c841aa9a1
1e48fc1ecca15a1d57d4edf3ca101880f1c20db2
56a00b533920b7de1a38f126d93c51a7590433eedc7e74a16fc1653f67b4f774
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 16:56:26 GMT
etag: W/"63dd3cba-4d7"
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522016bc690b59-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 08 Feb 2023 07:20:48 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=236816286831&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24
37.157.5.142200 OK 565 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=236816286831&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP 37.157.5.142:0
File type ASCII text, with very long lines (428), with CRLF line terminators
Hash 4fddbd2329376ecc7e96f6d9291bf378
3cc8d159bc2fb1cbe369543092047464fa1c1432
ae36529615ec75078e950d660e0ac18fae21279b76fded169e9b43ca517be041
GET /Serving/TrackPoint/?pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=236816286831&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 07:20:50 GMT
content-type: text/javascript; charset=utf-8
content-length: 565
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Mon, 06-Mar-2023 07:20:50 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?CC=1&pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=236816286831&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24&frpid=0
37.157.5.142200 OK 201 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?CC=1&pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=236816286831&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24&frpid=0
IP 37.157.5.142:0
File type ASCII text, with CRLF line terminators
Hash 58843f6e7478fcbc58ce3f06ebc8a766
38be284fc6f347414e9c4e62966c738f1303a06a
00d40fbf21940008fde10ef8f27648b7a840b379ea469d72008afa81501c74da
GET /Serving/TrackPoint/?CC=1&pm=2750050&ADFPageName=AJ_Adform%20-%20Rizk%20NO%20-%20REM%20-%20ALL&ADFdivider=%7C&ord=236816286831&ADFtpmode=2&itm=eyJzdjIiOiJMb2dnZWQgT3V0In0&loc=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&CPref=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24&frpid=0 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 07:20:50 GMT
content-type: text/javascript; charset=utf-8
content-length: 201
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1268401316549097&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&if=true&ts=1675668094432&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&it=1675668094207&coo=false&tm=1&rqm=GET
157.240.205.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1268401316549097&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&if=true&ts=1675668094432&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&it=1675668094207&coo=false&tm=1&rqm=GET
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1268401316549097&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&if=true&ts=1675668094432&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&it=1675668094207&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 06 Feb 2023 07:20:50 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=125966753077306&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&if=true&ts=1675668094554&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&it=1675668094207&coo=false&tm=1&rqm=GET
157.240.205.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=125966753077306&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&if=true&ts=1675668094554&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&it=1675668094207&coo=false&tm=1&rqm=GET
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=125966753077306&ev=PageView&dl=https%3A%2F%2Frizk.com%2Fno%2Fcasino%2Fkampanjer%2Fcasino%2Fwelcome-bonus%2F18644&rl=http%3A%2F%2Fsidewayssidle2112.blogspot.com%2F&if=true&ts=1675668094554&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&it=1675668094207&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 06 Feb 2023 07:20:50 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash bbd90245f244e76d9f45706b1fb5ae58
1e15a0d03d74175f976310f2db334050485ed546
03fda0816cd373e36f33630fc50b4fb5e5852fb1f2c65175b98437386c436dd4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 07:20:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 01:56:49 GMT
Expires: Sat, 11 Feb 2023 01:56:48 GMT
Etag: "1e15a0d03d74175f976310f2db334050485ed546"
Cache-Control: max-age=411957,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795220248809b523-OSL
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&cb=900c5e8c-68ed-4a8d-9056-69e6d1cdfb60
35.156.231.131302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&cb=900c5e8c-68ed-4a8d-9056-69e6d1cdfb60
IP 35.156.231.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&cb=900c5e8c-68ed-4a8d-9056-69e6d1cdfb60 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 06 Feb 2023 07:20:50 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&cb=900c5e8c-68ed-4a8d-9056-69e6d1cdfb60
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=dce34229-f975-4ec7-b868-3949410bc7fa; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675668050; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1675668050; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675668050; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash bbd90245f244e76d9f45706b1fb5ae58
1e15a0d03d74175f976310f2db334050485ed546
03fda0816cd373e36f33630fc50b4fb5e5852fb1f2c65175b98437386c436dd4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 07:20:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 01:56:49 GMT
Expires: Sat, 11 Feb 2023 01:56:48 GMT
Etag: "1e15a0d03d74175f976310f2db334050485ed546"
Cache-Control: max-age=411957,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795220248b36b517-OSL
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&cb=f023518f-cca3-4df5-96c9-481cd922939a
35.156.231.131302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&cb=f023518f-cca3-4df5-96c9-481cd922939a
IP 35.156.231.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&cb=f023518f-cca3-4df5-96c9-481cd922939a HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 06 Feb 2023 07:20:50 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&cb=f023518f-cca3-4df5-96c9-481cd922939a
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=f6b89a4e-3e1b-4060-9e1b-c832cf0f305f; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675668050; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1675668050; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675668050; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&cb=900c5e8c-68ed-4a8d-9056-69e6d1cdfb60
35.156.231.131302 Found 0 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&cb=900c5e8c-68ed-4a8d-9056-69e6d1cdfb60
IP 35.156.231.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&cb=900c5e8c-68ed-4a8d-9056-69e6d1cdfb60 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 06 Feb 2023 07:20:50 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&cb=f023518f-cca3-4df5-96c9-481cd922939a
35.156.231.131302 Found 0 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&cb=f023518f-cca3-4df5-96c9-481cd922939a
IP 35.156.231.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&cb=f023518f-cca3-4df5-96c9-481cd922939a HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 06 Feb 2023 07:20:50 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash bbd90245f244e76d9f45706b1fb5ae58
1e15a0d03d74175f976310f2db334050485ed546
03fda0816cd373e36f33630fc50b4fb5e5852fb1f2c65175b98437386c436dd4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 07:20:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 01:56:49 GMT
Expires: Sat, 11 Feb 2023 01:56:48 GMT
Etag: "1e15a0d03d74175f976310f2db334050485ed546"
Cache-Control: max-age=411957,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7952202489441bfa-OSL
x.bidswitch.net/syncd?dsp_id=409&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
35.156.231.131302 Found 0 B URL HTTP/2 x.bidswitch.net/syncd?dsp_id=409&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
IP 35.156.231.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /syncd?dsp_id=409&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 06 Feb 2023 07:20:50 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=26001404-fa35-4a9f-8341-7579454cdb85; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675668050; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1675668050; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675668050; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
35.156.231.131200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
IP 35.156.231.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=409&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:50 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash bbd90245f244e76d9f45706b1fb5ae58
1e15a0d03d74175f976310f2db334050485ed546
03fda0816cd373e36f33630fc50b4fb5e5852fb1f2c65175b98437386c436dd4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 07:20:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 01:56:49 GMT
Expires: Sat, 11 Feb 2023 01:56:48 GMT
Etag: "1e15a0d03d74175f976310f2db334050485ed546"
Cache-Control: max-age=411957,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795220248d38b51d-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash bbd90245f244e76d9f45706b1fb5ae58
1e15a0d03d74175f976310f2db334050485ed546
03fda0816cd373e36f33630fc50b4fb5e5852fb1f2c65175b98437386c436dd4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 07:20:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 01:56:49 GMT
Expires: Sat, 11 Feb 2023 01:56:48 GMT
Etag: "1e15a0d03d74175f976310f2db334050485ed546"
Cache-Control: max-age=411957,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795220248c10fac0-OSL
x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3De4d95719-db8b-4fb6-93a9-46bf053270e2
35.156.231.131302 Found 0 B URL HTTP/2 x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3De4d95719-db8b-4fb6-93a9-46bf053270e2
IP 35.156.231.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /syncd?dsp_id=409&user_group=1&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3De4d95719-db8b-4fb6-93a9-46bf053270e2 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 06 Feb 2023 07:20:50 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3De4d95719-db8b-4fb6-93a9-46bf053270e2
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=cb25ecae-d137-4e6a-83d4-9914e09a14d9; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675668050; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1675668050; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675668050; path=/; expires=Tue, 06-Feb-2024 07:20:50 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 58ad40d9176ba3b796d151df2768cacd
7896b8ccb85d6fc11766777e3ace37b9781b0ed7
ddb8531adb33613f8f5e6b64ad6d462a1dbae75bde9c06ac2a121b2c645fe2ee
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169035
Date: Mon, 06 Feb 2023 07:20:50 GMT
Etag: "63e0897b-1d7"
Expires: Wed, 08 Feb 2023 06:18:05 GMT
Last-Modified: Mon, 06 Feb 2023 05:00:43 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2wRg12gM8IrE4UeqwvKEWkhBC_bRAhdy4aapBZhwRBz8EX0oS0-nkA==
Age: 4642
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 58ad40d9176ba3b796d151df2768cacd
7896b8ccb85d6fc11766777e3ace37b9781b0ed7
ddb8531adb33613f8f5e6b64ad6d462a1dbae75bde9c06ac2a121b2c645fe2ee
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169029
Date: Mon, 06 Feb 2023 07:20:50 GMT
Etag: "63e0897b-1d7"
Expires: Wed, 08 Feb 2023 06:17:59 GMT
Last-Modified: Mon, 06 Feb 2023 05:00:43 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: h5TFxFI1KJ0miB999QX4YfKn1rzY-BOeB_2eRgYyyhVzR0gcI3SFGw==
Age: 4637
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&cb=a15beac5-196f-4c9d-a9b5-02bc9d84b810
35.156.231.131302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&cb=a15beac5-196f-4c9d-a9b5-02bc9d84b810
IP 35.156.231.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&cb=a15beac5-196f-4c9d-a9b5-02bc9d84b810 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 06 Feb 2023 07:20:51 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
c1.adform.net/serving/cookie/match?party=1279&cid=Logged%20Out
37.157.2.234302 Found 0 B URL HTTP/2 c1.adform.net/serving/cookie/match?party=1279&cid=Logged%20Out
IP 37.157.2.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /serving/cookie/match?party=1279&cid=Logged%20Out HTTP/1.1
Host: c1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 06 Feb 2023 07:20:51 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=1279&cid=Logged%20Out
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
set-cookie: C=1; expires=Mon, 06 Mar 2023 07:20:51 GMT; domain=adform.net; path=/
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3De4d95719-db8b-4fb6-93a9-46bf053270e2
35.156.231.131200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3De4d95719-db8b-4fb6-93a9-46bf053270e2
IP 35.156.231.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=409&user_group=1&user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3De4d95719-db8b-4fb6-93a9-46bf053270e2 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:51 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
18.158.43.18204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 18.158.43.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 07:20:51 GMT
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
18.158.43.18204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 18.158.43.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 07:20:51 GMT
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
18.158.43.18204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 18.158.43.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=e4d95719-db8b-4fb6-93a9-46bf053270e2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 07:20:51 GMT
X-Firefox-Spdy: h2
www.naturalbeautiesfloral.com/picture/weddings-flowers-chicago-9.jpg%3FpictureId%3D5663703%26asGalleryImage%3Dtrue
169.150.236.100404 Not Found 0 B URL HTTP/1.1 www.naturalbeautiesfloral.com/picture/weddings-flowers-chicago-9.jpg%3FpictureId%3D5663703%26asGalleryImage%3Dtrue
IP 169.150.236.100:0
GET /picture/weddings-flowers-chicago-9.jpg%3FpictureId%3D5663703%26asGalleryImage%3Dtrue HTTP/1.1
Host: www.naturalbeautiesfloral.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.1 404 Not Found
Date: Mon, 06 Feb 2023 07:20:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Server: BunnyCDN-IL1-1070
CDN-PullZone: 913532
CDN-Uid: 5394955d-1467-45fe-a539-7870a9314cdf
CDN-RequestCountryCode: NO
Cache-Control: public, max-age=0
Link: <http://www.naturalbeautiesfloral.com/wp-json/>; rel="https://api.w.org/"
CDN-ProxyVer: 1.03
CDN-RequestPullSuccess: True
CDN-RequestPullCode: 404
CDN-CachedAt: 02/06/2023 07:20:46
CDN-EdgeStorageId: 871
CDN-Status: 404
CDN-RequestId: d112293ef892cb240a4ca0b29271e9cd
CDN-Cache: BYPASS
Content-Encoding: gzip
rizk.com/assets/js/base.3894cf79.js
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/js/base.3894cf79.js
IP 104.18.21.91:0
GET /assets/js/base.3894cf79.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 14:12:06 GMT
etag: W/"63dd1636-7d24a"
cf-cache-status: HIT
age: 283
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522016bc6b0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
104.16.170.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
IP 104.16.170.188:0
GET /resources/tracker.html?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:49 GMT
content-type: text/html
content-md5: qRcQewUQpBCpHWX0csvwPQ==
last-modified: Thu, 10 Sep 2020 09:09:07 GMT
x-ms-request-id: ff32aea2-d01e-005f-750f-2aa63e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 92
vary: Accept-Encoding
server: cloudflare
cf-ray: 7952201eb8cab4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
rizk.com/assets/img/jewel_reward.svg
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/img/jewel_reward.svg
IP 104.18.21.91:0
GET /assets/img/jewel_reward.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/svg+xml
last-modified: Thu, 12 Jan 2023 09:25:19 GMT
etag: W/"63bfd1ff-cdb"
expires: Sat, 18 Mar 2023 07:14:01 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 375988
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 795220144a550b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/yett/dist/yett.min.modern.js
104.16.126.175302 Found 0 B URL HTTP/2 unpkg.com/yett/dist/yett.min.modern.js
IP 104.16.126.175:0
GET /yett/dist/yett.min.modern.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /yett@0.2.3/dist/yett.min.modern.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GRJS28EMEYZGJSYMTV041KAM-fra
cf-cache-status: HIT
age: 535
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 795220148ff4b503-OSL
X-Firefox-Spdy: h2
tr.snapchat.com/config/com/b07823ad-e115-456a-8e89-cc6b0b76459e.js
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/config/com/b07823ad-e115-456a-8e89-cc6b0b76459e.js
IP 35.190.43.134:0
GET /config/com/b07823ad-e115-456a-8e89-cc6b0b76459e.js HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:49 GMT
access-control-allow-origin: https://rizk.com
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ohanaphotographers.com/
35.209.124.137200 OK 0 B IP 35.209.124.137:0
GET / HTTP/1.1
Host: ohanaphotographers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 07:20:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://ohanaphotographers.com/wp-json/>; rel="https://api.w.org/", <https://ohanaphotographers.com/wp-json/wp/v2/pages/535>; rel="alternate"; type="application/json", <https://ohanaphotographers.com/>; rel=shortlink
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
c1.adform.net/serving/cookie/match?CC=1&party=1279&cid=Logged%20Out
37.157.2.234200 OK 0 B URL HTTP/2 c1.adform.net/serving/cookie/match?CC=1&party=1279&cid=Logged%20Out
IP 37.157.2.234:0
GET /serving/cookie/match?CC=1&party=1279&cid=Logged%20Out HTTP/1.1
Host: c1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rizk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 07:20:51 GMT
content-type: image/gif
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
rizk.com/assets/img/footer/footer-logo-odr.svg
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/img/footer/footer-logo-odr.svg
IP 104.18.21.91:0
GET /assets/img/footer/footer-logo-odr.svg HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/assets/css/base.css?1675668047
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: image/svg+xml
last-modified: Thu, 15 Dec 2022 11:19:37 GMT
etag: W/"639b02c9-1c73"
expires: Sat, 18 Feb 2023 04:38:06 GMT
cache-control: max-age=5184000
cf-cache-status: HIT
age: 1571447
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 795220186d8e0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.pinnacleprodj.com/wp-content/uploads/2011/10/2011-10-08_16-55-33_886.jpg
198.49.23.145404 Not Found 0 B URL HTTP/2 www.pinnacleprodj.com/wp-content/uploads/2011/10/2011-10-08_16-55-33_886.jpg
IP 198.49.23.145:0
GET /wp-content/uploads/2011/10/2011-10-08_16-55-33_886.jpg HTTP/1.1
Host: www.pinnacleprodj.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
age: 0
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Mon, 06 Feb 2023 07:20:46 GMT
etag: W/"2067bdcb43da9b63da1b8f445302fd25"
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Squarespace
set-cookie: crumb=Be23GuHJ0T9lYTQzMGU4NzA3NjFjM2IyYjQwNTZkODQwMGU1NGUx;Path=/
strict-transport-security: max-age=0
vary: Accept-Encoding
x-content-type-options: nosniff
x-contextid: hKoUcnTn/9Qq6qhyd
content-length: 13883
X-Firefox-Spdy: h2
s2.adform.net/banners/scripts/st/trackpoint-async.js
37.157.2.248200 OK 0 B URL HTTP/2 s2.adform.net/banners/scripts/st/trackpoint-async.js
IP 37.157.2.248:0
GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 07:20:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 29 Nov 2022 10:23:25 GMT
x-rgw-object-type: Normal
etag: W/"83eb5fafaa212c785f7393188ff817aa"
x-amz-request-id: tx0000062cf0e7d8446165f-006385e0d3-329354d9-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
rizk.com/assets/js/scripts.c92f3021.js
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/js/scripts.c92f3021.js
IP 104.18.21.91:0
GET /assets/js/scripts.c92f3021.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 14:12:06 GMT
etag: W/"63dd1636-65815"
cf-cache-status: HIT
age: 4167
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522016cc7a0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
104.18.27.85200 OK 0 B URL HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP 104.18.27.85:0
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rizk.com
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:49 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7952201a6d60fac4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
weddingbells.ca/blogs/wp-content/uploads/2010/07/wbjuly_ritzcarlton_500x300.jpg
104.18.3.78404 Not Found 0 B URL HTTP/2 weddingbells.ca/blogs/wp-content/uploads/2010/07/wbjuly_ritzcarlton_500x300.jpg
IP 104.18.3.78:0
GET /blogs/wp-content/uploads/2010/07/wbjuly_ritzcarlton_500x300.jpg HTTP/1.1
Host: weddingbells.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 06 Feb 2023 07:20:46 GMT
content-type: text/html; charset=utf-8
cf-ray: 795220093d25b517-OSL
cache-control: public, max-age=10
set-cookie: experiments=%7B%7D; Max-Age=7776000; Domain=.weddingbells.ca; Path=/; Secure; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: MISS
cf-cache-matched-rule: none
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'; object-src 'none'; manifest-src 'self'; report-uri https://vault.gostatera.com/collect/csp
content-security-policy-report-only: base-uri 'none'; report-uri https://vault.gostatera.com/collect/csp
nel: { "report_to": "nel", "max_age": 3600 }
permissions-policy: geolocation=(), microphone=()
referrer-policy: no-referrer-when-downgrade
report-to: { "group": "nel", "max_age": 3600, "endpoints": [{ "url": "https://vault.gostatera.com/collect/nel" }] }
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.weddinggirl.ca/
70.32.23.65200 OK 0 B IP 70.32.23.65:0
GET / HTTP/1.1
Host: www.weddinggirl.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sidewayssidle2112.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 07:20:48 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Link: <https://www.weddinggirl.ca/wp-json/>; rel="https://api.w.org/"
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 29178
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.labellebride.com/wp-content/uploads/2011/08/snohomish_diy_wedding_94.jpg
54.161.222.85404 Not Found 0 B URL HTTP/1.0 www.labellebride.com/wp-content/uploads/2011/08/snohomish_diy_wedding_94.jpg
IP 54.161.222.85:0
GET /wp-content/uploads/2011/08/snohomish_diy_wedding_94.jpg HTTP/1.1
Host: www.labellebride.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sidewayssidle2112.blogspot.com/
HTTP/1.0 404 Not Found
cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
rizk.com/assets/js/runtime.becd4b0d.js
104.18.21.91200 OK 0 B URL HTTP/2 rizk.com/assets/js/runtime.becd4b0d.js
IP 104.18.21.91:0
GET /assets/js/runtime.becd4b0d.js HTTP/1.1
Host: rizk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/no/casino/kampanjer/casino/welcome-bonus/18644
Cookie: ZBan=ctK4oAEcKNIab9aG6Lukv2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:48 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 14:12:06 GMT
etag: W/"63dd1636-8fc"
cf-cache-status: HIT
age: 4167
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79522016bc6a0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/tracker.js?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
104.16.170.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/tracker.js?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D
IP 104.16.170.188:0
GET /resources/tracker.js?d=%7B%22userAction%22%3A%22Default%22%2C%22userState%22%3A1%7D&s=%7B%22type%22%3A%22user-state%22%2C%22expiry%22%3A365%2C%22limit%22%3A1%2C%22account%22%3A%22gig-rizk%22%7D HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 07:20:49 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=3650
content-md5: 9U0JZZEfvIjj+rfzna0fNA==
etag: W/"0x8D7A4C7B64A6317"
last-modified: Wed, 29 Jan 2020 14:29:55 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 1b1234c4-701e-0091-595e-a55502000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 23
vary: Accept-Encoding
server: cloudflare
cf-ray: 7952201e481db4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-661774.js?sv=7
143.204.55.84200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-661774.js?sv=7
IP 143.204.55.84:0
GET /c/hotjar-661774.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rizk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 07:20:18 GMT
cache-control: max-age=60
etag: W/403261c6c11903c1c56c3e496089fbf7
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cljiFjVTvnZaLLxixL3PJyiDF-hGJqXunxz-BdDS9TY1laEBamcGdQ==
age: 32
X-Firefox-Spdy: h2