danasamross.blogspot.com/2022/08/kerja-kosong-parit-raja.html
142.250.74.65301 Moved Permanently 206 B URL HTTP/1.1 danasamross.blogspot.com/2022/08/kerja-kosong-parit-raja.html
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash de27f87f7f7075366c86670b55d9d180
f49f522b5d474ce53be20c821bd8bf5d84d7c6a5
ff6f9d1e06859c56a05f2c294c85d2cee1e1a207aa5d9952583d6e2b1652d25a
GET /2022/08/kerja-kosong-parit-raja.html HTTP/1.1
Host: danasamross.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://danasamross.blogspot.com/2022/08/kerja-kosong-parit-raja.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 11:16:33 GMT
Expires: Fri, 09 Dec 2022 11:16:33 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 206
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7359
Expires: Fri, 09 Dec 2022 13:19:12 GMT
Date: Fri, 09 Dec 2022 11:16:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13881
Expires: Fri, 09 Dec 2022 15:07:54 GMT
Date: Fri, 09 Dec 2022 11:16:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17192
Expires: Fri, 09 Dec 2022 16:03:05 GMT
Date: Fri, 09 Dec 2022 11:16:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 11:08:18 GMT
content-type: application/json
age: 495
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 42pjzk7kOcBScdXMbv6gLpjqu83Q7KeUJhQobFcsrmJQNY+30D9iTL/QT6xPpvM0chQELgwFQYvVKH0gmXNHTw==
x-amz-request-id: BJRTJEJYDV7N3GBW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 10:48:18 GMT
age: 1695
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 34da737f5d8fab7415ab2d552058d653
2e28de807960cde0030e68b4f468aaeecd1b533f
bbd3063026b41b4487911d85977a7dfe8e0f62f93a48cedad2ce2448f28e2cf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 11:16:33 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 11:07:45 GMT
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
age: 529
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
danasamross.blogspot.com/2022/08/kerja-kosong-parit-raja.html
142.250.74.65200 OK 26 kB URL HTTP/2 danasamross.blogspot.com/2022/08/kerja-kosong-parit-raja.html
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (13818)
Hash 31a67ca93be5869eeace2da63dd44a25
165081992aa7a488f9550d1aad997240de4ec491
3759016705aa9cbcdf63c50896adc4a62fedbae299a189dd1577254187c3c79f
GET /2022/08/kerja-kosong-parit-raja.html HTTP/1.1
Host: danasamross.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Fri, 09 Dec 2022 11:16:34 GMT
date: Fri, 09 Dec 2022 11:16:34 GMT
cache-control: private, max-age=0
last-modified: Wed, 21 Sep 2022 12:07:09 GMT
etag: W/"5ec0bf235f4bd067f5b10fef29908a671fae4331078a53ed2938ccab1452bf7a"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 25454
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 34da737f5d8fab7415ab2d552058d653
2e28de807960cde0030e68b4f468aaeecd1b533f
bbd3063026b41b4487911d85977a7dfe8e0f62f93a48cedad2ce2448f28e2cf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3854
Cache-Control: max-age=168875
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:34 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 10:11:09 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 25c1a71b438dd3628ebe491222f1b414
651ec6be6391f31b7ea8f89441ffc9f58d3572f2
a9671ecd9fe7a56f470b4c16799360e71c39b48ed82ae1f7c7ba92f680da3ed9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3501
Cache-Control: max-age=161004
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:34 GMT
Etag: "6392dd51-117"
Expires: Sun, 11 Dec 2022 07:59:58 GMT
Last-Modified: Fri, 09 Dec 2022 07:01:37 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3b873c6396aca4019ea51aed119cc8b6
b9684a5bf5075eb4e8ae2512b9ab3f1ddbddf80a
0045a8cb68ae0065903c118fcce7eb8b5eb1ad3bf92da3a50630346f5b45ca34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
142.250.74.106200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 18:51:00 GMT
expires: Thu, 07 Dec 2023 18:51:00 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 145534
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e3b686761d00190a2deabd88c32a7cdb
f291095dbf705b7688f3e24a74908fb313e73a16
852c7197413870e281ce4c7b336630abbc4a6c62318625097bfeb65fd32001eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=116755
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:34 GMT
Etag: "63923e25-117"
Expires: Sat, 10 Dec 2022 19:42:29 GMT
Last-Modified: Thu, 08 Dec 2022 19:42:29 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 624c5dd7a5a227aa063185cc1ac29d3c
d0d5cae93fdf68e84816638d533453b9d3c42b27
9659ccea75eb24251c1c4b48342ad78af99d596f3261522b09e4ca87c9fea404
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 25c1a71b438dd3628ebe491222f1b414
651ec6be6391f31b7ea8f89441ffc9f58d3572f2
a9671ecd9fe7a56f470b4c16799360e71c39b48ed82ae1f7c7ba92f680da3ed9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3499
Cache-Control: max-age=161002
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:34 GMT
Etag: "6392dd51-117"
Expires: Sun, 11 Dec 2022 07:59:56 GMT
Last-Modified: Fri, 09 Dec 2022 07:01:37 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 39f7a852bbae05f09dc53ef10c0d1160
d57c5d32435b7f3d28a09b8d9c6dc74c69137f90
3eb99977809e58f9babd580d0c58bccbf19b3056a885fe90ae3dcc4fcf9424a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
142.250.74.46200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Fri, 09 Dec 2022 11:16:34 GMT
expires: Fri, 09 Dec 2022 11:16:34 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207200 OK 7.4 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (30837)
Hash 369db73415f4332e654146831ecbf0d4
9a3fe8ea2843f36c6a2cf90b9c823fb21b3acf04
ecf131347cd0b464ad6dcd25e4c1a5ea8b253f2e4fb4858f4f51244926457228
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:34 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 16031348
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 776d54533b730b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2092647672-widgets.js
142.250.74.73200 OK 56 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2092647672-widgets.js
IP 142.250.74.73:0
File type ASCII text, with very long lines (2221)
Hash 689971018982703ab88ce528368b9190
be9697d57e5c19d36c52aacd8b04a6a159a2f3bd
cf8b513cfd596cffc3a7e456eccc198b8e409f5aaf624d5dbeecdd748dce0cef
GET /static/v1/widgets/2092647672-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56341
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 02:10:45 GMT
expires: Fri, 08 Dec 2023 02:10:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Dec 2022 00:55:10 GMT
content-type: text/javascript
age: 119149
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e3b686761d00190a2deabd88c32a7cdb
f291095dbf705b7688f3e24a74908fb313e73a16
852c7197413870e281ce4c7b336630abbc4a6c62318625097bfeb65fd32001eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=116755
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:34 GMT
Etag: "63923e25-117"
Expires: Sat, 10 Dec 2022 19:42:29 GMT
Last-Modified: Thu, 08 Dec 2022 19:42:29 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e3b686761d00190a2deabd88c32a7cdb
f291095dbf705b7688f3e24a74908fb313e73a16
852c7197413870e281ce4c7b336630abbc4a6c62318625097bfeb65fd32001eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:34 GMT
Server: ECS (amb/6B81)
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i
142.250.74.106200 OK 46 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i
IP 142.250.74.106:0
Hash e6f0a4e862a3303873282269c85a215c
9a9584518f2a10ac181cabf80d06751d1f7bcc76
7666a8b271bc0711c5c1127f9c635f33b3b0dae3850412222388e23d5ceffb9c
GET /css?family=Open+Sans:400,400i,600,600i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 11:16:34 GMT
date: Fri, 09 Dec 2022 11:16:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0Llkkx5oKWhHlc1g_RnSpjsI72WJZL3YfGB4mLVm5eEV74B97goz7Ds8bgQf2B8LFeuhx2T1cNRsO0zhvAG2bKJUa1I1RRQ6S3up_iDsvdN-w14HCJ0A=w72-h72-pd
216.58.207.193200 OK 2.9 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0Llkkx5oKWhHlc1g_RnSpjsI72WJZL3YfGB4mLVm5eEV74B97goz7Ds8bgQf2B8LFeuhx2T1cNRsO0zhvAG2bKJUa1I1RRQ6S3up_iDsvdN-w14HCJ0A=w72-h72-pd
IP 216.58.207.193:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 11a07b89a9e1e33f1db111c180070343
ca74c2350fd6f3445a7836bb69c6466abb00485f
3bc4af83fdb76725a921183da4eef9d760ca94f253fbb6355fb6522c42210aa1
GET /blogger_img_proxy/ANbyha0Llkkx5oKWhHlc1g_RnSpjsI72WJZL3YfGB4mLVm5eEV74B97goz7Ds8bgQf2B8LFeuhx2T1cNRsO0zhvAG2bKJUa1I1RRQ6S3up_iDsvdN-w14HCJ0A=w72-h72-pd HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sat, 10 Dec 2022 11:16:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 11:16:34 GMT
server: fife
content-length: 2855
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.18.11.207200 OK 77 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.18.11.207:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://danasamross.blogspot.com
Connection: keep-alive
Referer: https://stackpath.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:34 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/17/2022 18:20:14
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 4b1f12297928504bbf378ee6e9cd9a1b
cdn-cache: HIT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 776d54546a3db4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e3b686761d00190a2deabd88c32a7cdb
f291095dbf705b7688f3e24a74908fb313e73a16
852c7197413870e281ce4c7b336630abbc4a6c62318625097bfeb65fd32001eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=116755
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:34 GMT
Etag: "63923e25-117"
Expires: Sat, 10 Dec 2022 19:42:29 GMT
Last-Modified: Thu, 08 Dec 2022 19:42:29 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8585fe73b51c643ee300c3df9313bfe1
c184ce0c12fbfc0f17a81ad0e0bdaad5503bceb1
807b590f961c83886bbd27c879dfbf03a3336005cdabbba42d4d63bdcb11bf51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
142.250.74.35200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://danasamross.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 11:07:46 GMT
expires: Sat, 09 Dec 2023 11:07:46 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
age: 528
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 39f7a852bbae05f09dc53ef10c0d1160
d57c5d32435b7f3d28a09b8d9c6dc74c69137f90
3eb99977809e58f9babd580d0c58bccbf19b3056a885fe90ae3dcc4fcf9424a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=8554077986512653449&zx=4c160e39-f870-4b81-b7b7-b9ce56adcc4e
142.250.74.73200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=8554077986512653449&zx=4c160e39-f870-4b81-b7b7-b9ce56adcc4e
IP 142.250.74.73:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=8554077986512653449&zx=4c160e39-f870-4b81-b7b7-b9ce56adcc4e HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Dec 2022 11:16:34 GMT
last-modified: Fri, 09 Dec 2022 11:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3b873c6396aca4019ea51aed119cc8b6
b9684a5bf5075eb4e8ae2512b9ab3f1ddbddf80a
0045a8cb68ae0065903c118fcce7eb8b5eb1ad3bf92da3a50630346f5b45ca34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha31gMbMDN4iDlv75tiCoy3u3_qBssBrDkTk3jJCuIDQAs5CFqJiHXAkWBqFAk1-Ffw7HHOrgztep3RyaN18iBshqIur5LQnZsMjiCtUSfinNNH2fxKi9oe1uq3UxVbRvKPq5GN9yxeUo70LVPcTAH6p65U3bLms852OmvqU-9anN_E03IW3LZjQQLPXd0B92iTa=w72-h72-p-k-no-nu
216.58.207.193200 OK 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha31gMbMDN4iDlv75tiCoy3u3_qBssBrDkTk3jJCuIDQAs5CFqJiHXAkWBqFAk1-Ffw7HHOrgztep3RyaN18iBshqIur5LQnZsMjiCtUSfinNNH2fxKi9oe1uq3UxVbRvKPq5GN9yxeUo70LVPcTAH6p65U3bLms852OmvqU-9anN_E03IW3LZjQQLPXd0B92iTa=w72-h72-p-k-no-nu
IP 216.58.207.193:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash a175fadcd203a6f45d3788362d3a0366
de48784e390b2256e5e1fb82d2489a5b57ebcad5
fde76ff9945932e241ccfb8f73d20aeae07724f6e2f716b0719f24e923a1b231
GET /blogger_img_proxy/ANbyha31gMbMDN4iDlv75tiCoy3u3_qBssBrDkTk3jJCuIDQAs5CFqJiHXAkWBqFAk1-Ffw7HHOrgztep3RyaN18iBshqIur5LQnZsMjiCtUSfinNNH2fxKi9oe1uq3UxVbRvKPq5GN9yxeUo70LVPcTAH6p65U3bLms852OmvqU-9anN_E03IW3LZjQQLPXd0B92iTa=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sat, 10 Dec 2022 11:16:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 11:16:34 GMT
server: fife
content-length: 1835
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kerjakosongterkiniuntukanda.files.wordpress.com/2019/11/img_7541.jpg?w=640
192.0.72.22200 OK 24 kB URL HTTP/2 kerjakosongterkiniuntukanda.files.wordpress.com/2019/11/img_7541.jpg?w=640
IP 192.0.72.22:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x420, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2a990a7b2ccff0f7505cefccd5452429
dfae659c68519ae939663f243ef469db22de0d0b
8442d3316f789417db69e11054cbcf5f01cc8bba8c27aaab8109743290c49af9
GET /2019/11/img_7541.jpg?w=640 HTTP/1.1
Host: kerjakosongterkiniuntukanda.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 11:16:34 GMT
content-type: image/webp
content-length: 24070
last-modified: Sat, 23 Nov 2019 11:52:55 GMT
expires: Sun, 08 Jan 2023 03:08:42 GMT
x-orig-src: 0_imageresize
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://kerjakosongterkiniuntukanda.wordpress.com
vary: Accept, Origin
x-nc: MISS arn 22 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3U50MBrBwtAaYzfXaVLcc3Z1NVwSAvL4djAodX1UJ6B7fK-PdYgwj0qFkQ7MZwifKg3FzDXL6gTrAFp8m07T81kjQEMqbSD5bb9ZM8dORxYUSNufQuZjDZOIftTwxlg31x1bnAcKEF6n9Vwko=w72-h72-p-k-no-nu
216.58.207.193200 OK 2.3 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3U50MBrBwtAaYzfXaVLcc3Z1NVwSAvL4djAodX1UJ6B7fK-PdYgwj0qFkQ7MZwifKg3FzDXL6gTrAFp8m07T81kjQEMqbSD5bb9ZM8dORxYUSNufQuZjDZOIftTwxlg31x1bnAcKEF6n9Vwko=w72-h72-p-k-no-nu
IP 216.58.207.193:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 1a80b6451c0a7143ffaba488c881d30b
e7149e1704cc5cb39a8c12d354cebf24201515b2
53d7d00c2f112d1df39b7b20a0508ac74852092afd8788ea831ff2322d5af2b6
GET /blogger_img_proxy/ANbyha3U50MBrBwtAaYzfXaVLcc3Z1NVwSAvL4djAodX1UJ6B7fK-PdYgwj0qFkQ7MZwifKg3FzDXL6gTrAFp8m07T81kjQEMqbSD5bb9ZM8dORxYUSNufQuZjDZOIftTwxlg31x1bnAcKEF6n9Vwko=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sat, 10 Dec 2022 11:16:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 11:16:34 GMT
server: fife
content-length: 2289
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0-P3kkjlH3u7X1AjjEqY49a-OCZ7P3633LDUZcIswkwy6e-x8R85zhDamkWRvB2DmOqmPZUUJPI1hI5Ga2gt4VA37BJJl3O-isCHHBXmAmBrGb4KHxJVvOqJvciZ-ky1-R7S6LiZnaiOPbc27U-_FD=w1600
216.58.207.193404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0-P3kkjlH3u7X1AjjEqY49a-OCZ7P3633LDUZcIswkwy6e-x8R85zhDamkWRvB2DmOqmPZUUJPI1hI5Ga2gt4VA37BJJl3O-isCHHBXmAmBrGb4KHxJVvOqJvciZ-ky1-R7S6LiZnaiOPbc27U-_FD=w1600
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash d6fcf62b140092f1b53ab295d4c37c7b
448493ee1bced7b656fd90da80481eeebb07c0db
84e6e8a22b5f97045d72fcf7e276d197e0b3a89ceb6222d92c55e68aa63948f8
GET /blogger_img_proxy/ANbyha0-P3kkjlH3u7X1AjjEqY49a-OCZ7P3633LDUZcIswkwy6e-x8R85zhDamkWRvB2DmOqmPZUUJPI1hI5Ga2gt4VA37BJJl3O-isCHHBXmAmBrGb4KHxJVvOqJvciZ-ky1-R7S6LiZnaiOPbc27U-_FD=w1600 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 11:16:35 GMT
server: fife
content-length: 1741
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 006bb7af9cce5ffa46fe4003d989feef
f181161ab2d5d9f3b8d98f99722f4e51f0e57298
135e0c26dbf779b926d5a64633dbb98c0e04c0152aacbdbaf8e33a923b5cfef2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "135E0C26DBF779B926D5A64633DBB98C0E04C0152AACBDBAF8E33A923B5CFEF2"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 09 Dec 2022 17:16:35 GMT
Date: Fri, 09 Dec 2022 11:16:35 GMT
Connection: keep-alive
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0g6gfeDDCHnTVWdM_d3tIfQZNdvBPayX2dYyE7FIaEqtxdSAydF-VGahQA4RqSJefWeB3YLcOY1RLHpikbLAeuuZhDG_h1nVQBBv5tviKR4CYqGWS1Uo3N0dPm3vzH1pwOspm63pfT0cJ64e6cakL4wsu5pgbnjXoiXNp9WamCLdre4DSehrEJnSVtZ846B_3Y5aqYIJlQyiLAQ34W8wQn3UoD_2McCPqvGolwd9rmAUaHr7pqN1k=w72-h72-p-k-no-nu
216.58.207.193200 OK 2.4 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0g6gfeDDCHnTVWdM_d3tIfQZNdvBPayX2dYyE7FIaEqtxdSAydF-VGahQA4RqSJefWeB3YLcOY1RLHpikbLAeuuZhDG_h1nVQBBv5tviKR4CYqGWS1Uo3N0dPm3vzH1pwOspm63pfT0cJ64e6cakL4wsu5pgbnjXoiXNp9WamCLdre4DSehrEJnSVtZ846B_3Y5aqYIJlQyiLAQ34W8wQn3UoD_2McCPqvGolwd9rmAUaHr7pqN1k=w72-h72-p-k-no-nu
IP 216.58.207.193:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash cbbffef3b7399975414de3ec6930817a
c03656c6e41f789e0bc7c5bdf72f468410f2cb74
fece40afcd07d7e56549d7e02bbb606e0166a45cf98b3bf317c3d6f0bf7b156e
GET /blogger_img_proxy/ANbyha0g6gfeDDCHnTVWdM_d3tIfQZNdvBPayX2dYyE7FIaEqtxdSAydF-VGahQA4RqSJefWeB3YLcOY1RLHpikbLAeuuZhDG_h1nVQBBv5tviKR4CYqGWS1Uo3N0dPm3vzH1pwOspm63pfT0cJ64e6cakL4wsu5pgbnjXoiXNp9WamCLdre4DSehrEJnSVtZ846B_3Y5aqYIJlQyiLAQ34W8wQn3UoD_2McCPqvGolwd9rmAUaHr7pqN1k=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sat, 10 Dec 2022 11:16:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 11:16:35 GMT
server: fife
content-length: 2351
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dispatchoffenderbleat.com/431475e49e1926d143ad1caad2092d6e/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 dispatchoffenderbleat.com/431475e49e1926d143ad1caad2092d6e/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26947), with no line terminators
Hash e7308a632d17cb5df22bf6da90cb069a
e64abba38effb34d7486dd31e681355e019087b4
02d28edd89ed2a493140797d3e8bbb3ce1ed4ff92ba6bde914056c02001565ff
Analyzer Verdict Alert fortinet Malware
GET /431475e49e1926d143ad1caad2092d6e/invoke.js HTTP/1.1
Host: dispatchoffenderbleat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 11:16:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f300a25c9bba9498706f16068bfeeaef
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jawatankosongku.net/wp-content/uploads/2016/11/Kerja-Kosong-Majlis-Perbandaran-Johor-Bahru-Tengah-300x210.png
104.161.20.212302 Found 683 B URL HTTP/2 jawatankosongku.net/wp-content/uploads/2016/11/Kerja-Kosong-Majlis-Perbandaran-Johor-Bahru-Tengah-300x210.png
IP 104.161.20.212:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 6371befc85069a96b0cb3c52e754a55a
de3def799f60ce2a16721687937ffb2a3f9bd3ae
db6f3663ecb5b124f3c02ce15691739fe69888b7ed6112f03062489470517f77
GET /wp-content/uploads/2016/11/Kerja-Kosong-Majlis-Perbandaran-Johor-Bahru-Tengah-300x210.png HTTP/1.1
Host: jawatankosongku.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html
content-length: 683
date: Fri, 09 Dec 2022 11:16:35 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: https://jawatankosongku.net/cgi-sys/suspendedpage.cgi
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
dispatchoffenderbleat.com/768320f2a9b589040780a7f24f18f88e/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 dispatchoffenderbleat.com/768320f2a9b589040780a7f24f18f88e/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26970), with no line terminators
Hash e477c9a02590a1e574ffaa1244196ac7
d33a64314e1710059c56ce8cfa4557e47e568c32
530ea9025892d1ab206761a30a8b9af1401bb2db9327d04abf26e7ea9b74fd54
Analyzer Verdict Alert fortinet Malware
GET /768320f2a9b589040780a7f24f18f88e/invoke.js HTTP/1.1
Host: dispatchoffenderbleat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 11:16:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 838353f0d6b334079e66c710e210f76d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 7c9c260994be6fdf4350a40bb4391067
869680337416c11c54a3ee10c9a6e601c5ec7e11
948585d009f8f8398946c69a91a0de04131aee950e89e535b4f10ab44a82885a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=96801
Date: Fri, 09 Dec 2022 11:16:35 GMT
Etag: "6391e720-1d7"
Expires: Sat, 10 Dec 2022 14:09:56 GMT
Last-Modified: Thu, 08 Dec 2022 13:31:12 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8IPcaFb7OPnWci4iDcuk7Yo_yrs3mxy-zjl5mkKotkb4fJ_XY5aTww==
Age: 2325
dispatchoffenderbleat.com/97264edc4c73fd2d5b41ac5081114f10/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 dispatchoffenderbleat.com/97264edc4c73fd2d5b41ac5081114f10/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26996), with no line terminators
Hash 52e86d19d4b4c0a63fa15123abf64b34
de4a8a931e2be5b8028ec38f55997d935ecebfe7
af52d7cf2df4ee6d4e1278477c63218c894ee09e07a1e33f013e15fcb0fcc70b
Analyzer Verdict Alert fortinet Malware
GET /97264edc4c73fd2d5b41ac5081114f10/invoke.js HTTP/1.1
Host: dispatchoffenderbleat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 11:16:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ea084600f1132643570d403d6824c7cc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 58bbd9eea02334cb9384832edc8dd663
ae1bc6939ac502489b1335440323c74e750ab3d6
7a205a3f281539a9fd5dcf16e36b2a2473296439a10512af8d0108857d1ff332
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://danasamross.blogspot.com
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:35 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://danasamross.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=e17d4051-020d-429a-9101-d8f7c43d39d2:1:1; expires=Mon, 06 Dec 2032 11:16:35 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9786
Expires: Fri, 09 Dec 2022 13:59:41 GMT
Date: Fri, 09 Dec 2022 11:16:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9786
Expires: Fri, 09 Dec 2022 13:59:41 GMT
Date: Fri, 09 Dec 2022 11:16:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9786
Expires: Fri, 09 Dec 2022 13:59:41 GMT
Date: Fri, 09 Dec 2022 11:16:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 17:01:04 GMT
age: 65731
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N-zFZ8yeL7RrOZ5xfqvfBaE3zcXWecvr6Jd-93nKiUZlCXp2n2_Bgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:41:46 GMT
age: 27289
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45e0c1638ad919bde19731f7987ab064
1e492807c665e6e6b24ec6ce19035fdfc6f23b92
f0d3738ec8406958470c8fd152a02a123d7654c30f974c1df5c4977a380c2d62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10205
x-amzn-requestid: c5704c7a-60c4-402b-8018-5885a8dae971
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F9BIAMF3ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-3e9573d900714e3250f43e17;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mLTL7L808-OguYGrl3FUvwmFmPQjBPRj7PVfgEheFHWg4g4skoBvOg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 00:33:39 GMT
age: 38576
etag: "1e492807c665e6e6b24ec6ce19035fdfc6f23b92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06514ce96ae21cb01f526a5febdcbeb4
ebb97e5b97f394e8c67098f55581d5329ce819a2
4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xi-bshsYa4LlKbJgAt0h-lPnB_5uQbqln5JGBRE8io2Fp1y41cS9xg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:08:48 GMT
age: 25667
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H067kZXU_djWxbWO34bYMqa0xZ-WF9ntEBhZ-kV_TDoJFXQL_J1hqQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:34:27 GMT
age: 27728
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 955c6ac69b89f6cbd497df53fcb2ae1b
2506152cdd1056533116feb9350124356e570e54
fca1b303a554aa9cdd13c4769a1088e1905ef888ed703de17864fe76ff880abe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7217
x-amzn-requestid: be9196fc-3d43-49db-8522-8781cbf5a247
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUEDEWpIAMFqUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66e6-04b24220213872ba378d3538;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4QlJZW4ZiPNVhOJbcRldanR8veym3l0sIBGa1Ym-4FOTT_utMQeZQg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 08:30:07 GMT
age: 9988
etag: "2506152cdd1056533116feb9350124356e570e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 58bbd9eea02334cb9384832edc8dd663
ae1bc6939ac502489b1335440323c74e750ab3d6
7a205a3f281539a9fd5dcf16e36b2a2473296439a10512af8d0108857d1ff332
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://danasamross.blogspot.com
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Cookie: uid_id2=e17d4051-020d-429a-9101-d8f7c43d39d2:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:35 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://danasamross.blogspot.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 7c9c260994be6fdf4350a40bb4391067
869680337416c11c54a3ee10c9a6e601c5ec7e11
948585d009f8f8398946c69a91a0de04131aee950e89e535b4f10ab44a82885a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=96801
Date: Fri, 09 Dec 2022 11:16:35 GMT
Etag: "6391e720-1d7"
Expires: Sat, 10 Dec 2022 14:09:56 GMT
Last-Modified: Thu, 08 Dec 2022 13:31:12 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zC3pfe8iogrO_8vfagabvhpNrpiy9YeEuc4iT8XWDDMhKf0x3RgrEQ==
Age: 2325
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 1df53a4f0064035b4e58d7c3b712ba92
462245c359bbd42def1f9fdba4ef56ab8e19dc7d
cd707c04509432634cf84277548c9359eee00a1c4e01abccd22a4b4343d017e4
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://danasamross.blogspot.com
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:35 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://danasamross.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=5f6ed434-b58f-42cb-90a9-df5eb29a7e40:1:1; expires=Mon, 06 Dec 2032 11:16:35 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.162200 OK 67 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.162:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 67
x-xss-protection: 0
date: Fri, 09 Dec 2022 10:13:44 GMT
expires: Fri, 23 Dec 2022 10:13:44 GMT
cache-control: public, max-age=1209600
age: 3771
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8d30b612e98def8b24ab00662b65c676
c1bfec897d87ad7144d278d8fe39daf6b7001866
456b42bab2452c8156c29f647ea2c47339c76aebecffbd2752151e9898d37d78
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "456B42BAB2452C8156C29F647EA2C47339C76AEBECFFBD2752151E9898D37D78"
Last-Modified: Fri, 09 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4860
Expires: Fri, 09 Dec 2022 12:37:36 GMT
Date: Fri, 09 Dec 2022 11:16:36 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c9208747f2926b414bae65ed0e18fac5
3b25f459b1fe1a63689880699450305a8aee8b77
2c5333a23ade630e8dd8242aa59e371fa2208e265c58916e6fa799683d53f196
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQh_l3eQ5xwiPy07kGEXjmjgmBKBRB7H2mRxCGhv1tFWg5c_mWT
142.250.74.142200 OK 2.3 kB URL HTTP/2 encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQh_l3eQ5xwiPy07kGEXjmjgmBKBRB7H2mRxCGhv1tFWg5c_mWT
IP 142.250.74.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 276x183, components 3\012- data
Hash 9bef96c7479adb40f793c7b0f4f2c33d
aff2b02e9af3e14faa9d22677eda1e2e6bd481cc
fcf9fdd5ab81da78cbca3ca589d8ff4c608a00f3d90665f2dc1aa8b9636998d9
GET /images?q=tbn:ANd9GcQh_l3eQ5xwiPy07kGEXjmjgmBKBRB7H2mRxCGhv1tFWg5c_mWT HTTP/1.1
Host: encrypted-tbn0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 2347
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 09:38:25 GMT
expires: Sat, 09 Dec 2023 09:38:25 GMT
cache-control: public, max-age=31536000
age: 5891
last-modified: Tue, 22 Dec 2015 19:19:47 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c9208747f2926b414bae65ed0e18fac5
3b25f459b1fe1a63689880699450305a8aee8b77
2c5333a23ade630e8dd8242aa59e371fa2208e265c58916e6fa799683d53f196
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 65d41e0d815ba213d67bcb90881d1881
637ed0104280c97b7740d0bed830033e1c3f1fff
f15832f9bb5999536e086f5de45e19737cf83e67f99de9e79c86a79f938c01ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F15832F9BB5999536E086F5DE45E19737CF83E67F99DE9E79C86A79F938C01EC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7777
Expires: Fri, 09 Dec 2022 13:26:13 GMT
Date: Fri, 09 Dec 2022 11:16:36 GMT
Connection: keep-alive
newsbeunity.com/21/33/10/2133103783e240e0c49a3aab167a223c.js
192.243.61.225200 OK 29 kB URL HTTP/1.1 newsbeunity.com/21/33/10/2133103783e240e0c49a3aab167a223c.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash cd065b439c99fcde4fd034aff2f729c5
b1b0cf8079831b20151165fb03533210ea7dbdf6
b6bce27fc3c221fe0e937238efc0939f9c8d8c1df17a2823902fbb0f1fc0b969
Analyzer Verdict Alert quad9 Sinkholed
GET /21/33/10/2133103783e240e0c49a3aab167a223c.js HTTP/1.1
Host: newsbeunity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 11:16:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 619209ea098571246c457a99f408fa76
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 619dee188966b603bb83d2de5aef10e5
095600b474992467bc71289b87c8e01f1098a4e0
73f57d3945c2fb2a93e0a9bf558eb37efc5a2926eec94423d5d36500861b0932
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73F57D3945C2FB2A93E0A9BF558EB37EFC5A2926EEC94423D5D36500861B0932"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2454
Expires: Fri, 09 Dec 2022 11:57:30 GMT
Date: Fri, 09 Dec 2022 11:16:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 619dee188966b603bb83d2de5aef10e5
095600b474992467bc71289b87c8e01f1098a4e0
73f57d3945c2fb2a93e0a9bf558eb37efc5a2926eec94423d5d36500861b0932
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73F57D3945C2FB2A93E0A9BF558EB37EFC5A2926EEC94423D5D36500861B0932"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2454
Expires: Fri, 09 Dec 2022 11:57:30 GMT
Date: Fri, 09 Dec 2022 11:16:36 GMT
Connection: keep-alive
hygieneretorted.com/watch.283295674122.js?key=431475e49e1926d143ad1caad2092d6e&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=e17d4051-020d-429a-9101-d8f7c43d39d2%3A1%3A1
192.243.61.227307 Temporary Redirect 0 B URL HTTP/1.1 hygieneretorted.com/watch.283295674122.js?key=431475e49e1926d143ad1caad2092d6e&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=e17d4051-020d-429a-9101-d8f7c43d39d2%3A1%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.283295674122.js?key=431475e49e1926d143ad1caad2092d6e&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=e17d4051-020d-429a-9101-d8f7c43d39d2%3A1%3A1 HTTP/1.1
Host: hygieneretorted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://danasamross.blogspot.com
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 11:16:36 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://danasamross.blogspot.com
Access-Control-Allow-Origin: https://danasamross.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://hygieneretorted.com/watch.283295674122.js?key=431475e49e1926d143ad1caad2092d6e&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=e17d4051-020d-429a-9101-d8f7c43d39d2%3A1%3A1&shu=5f5ed12a7c9aacbe4213bf279cd9359d53abfe99039ab02fe6cf3c7f7c5271348b9905d4db95d5d0dd1ee2f8e83f2853c7697975794bf12d5bfc45abddc0d57352a3e6c478c6b45356ecfac509cf8264a0168e&pst=1670584656&rmtc=t
Set-Cookie: u_pl=16989730; expires=Sat, 10 Dec 2022 11:16:36 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjk4OTczMCwiayI6IjQzMTQ3NWU0OWUxOTI2ZDE0M2FkMWNhYWQyMDkyZDZlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzgyOTI5LCJwaWQiOjIzODgxNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoicW0xcGh2eXYiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9kYW5hc2Ftcm9zcy5ibG9nc3BvdC5jb20vMjAyMi8wOC9rZXJqYS1rb3NvbmctcGFyaXQtcmFqYS5odG1sIn19.S2CE99VtKkc6laXipAq3IGq1bkyRo-_UeMv3ZnQG9ME; expires=Fri, 09 Dec 2022 11:17:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0ae59a87ca26ee85c1aad7a1b1fee103
Strict-Transport-Security: max-age=0; includeSubdomains
newsbeunity.com/watch.1507707711040.js?key=768320f2a9b589040780a7f24f18f88e&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=5f6ed434-b58f-42cb-90a9-df5eb29a7e40%3A1%3A1
192.243.61.225307 Temporary Redirect 0 B URL HTTP/1.1 newsbeunity.com/watch.1507707711040.js?key=768320f2a9b589040780a7f24f18f88e&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=5f6ed434-b58f-42cb-90a9-df5eb29a7e40%3A1%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1507707711040.js?key=768320f2a9b589040780a7f24f18f88e&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=5f6ed434-b58f-42cb-90a9-df5eb29a7e40%3A1%3A1 HTTP/1.1
Host: newsbeunity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://danasamross.blogspot.com
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 11:16:36 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://danasamross.blogspot.com
Access-Control-Allow-Origin: https://danasamross.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://newsbeunity.com/watch.1507707711040.js?key=768320f2a9b589040780a7f24f18f88e&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=5f6ed434-b58f-42cb-90a9-df5eb29a7e40%3A1%3A1&shu=ffd04c306974a035c4fae57ab54d3177c28fbaaacbc0e09d56bf937454db8c50945db5781c7660554933e4543873f8ade8d05e1588940d3ceca6abb7477aa929103ed86f288ab39efb98e78a81042557152a2e85&pst=1670584656&rmtc=t
Set-Cookie: u_pl=16989701; expires=Sat, 10 Dec 2022 11:16:36 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjk4OTcwMSwiayI6Ijc2ODMyMGYyYTliNTg5MDQwNzgwYTdmMjRmMThmODhlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzgyOTI5LCJwaWQiOjIzODgxNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJlYXZjZTExaHZmIiwiY3BrcyI6eyAiMjgiOiIyMTMzMTAzNzgzZTI0MGUwYzQ5YTNhYWIxNjdhMjIzYyJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9kYW5hc2Ftcm9zcy5ibG9nc3BvdC5jb20vMjAyMi8wOC9rZXJqYS1rb3NvbmctcGFyaXQtcmFqYS5odG1sIn19.6H08861acwPQYBkEwKahCCS7hUsruxiz1bDAciOM3fs; expires=Fri, 09 Dec 2022 11:17:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: eecb4c9f665764e82e12422b15eb2d54
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 182cd2e0c49ecb11b10f471755e0e1a1
f16559f5fe6f3ad5d4e414a9dbea27aa53187d97
c94c6172d375bc174b0dea4f1c0a4471b5934af2acb1b3b033037a364cfe7880
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C94C6172D375BC174B0DEA4F1C0A4471B5934AF2ACB1B3B033037A364CFE7880"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20534
Expires: Fri, 09 Dec 2022 16:58:50 GMT
Date: Fri, 09 Dec 2022 11:16:36 GMT
Connection: keep-alive
fairfaxgeorgianayourself.com/watch.681775286645.js?key=97264edc4c73fd2d5b41ac5081114f10&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=e17d4051-020d-429a-9101-d8f7c43d39d2%3A1%3A1
173.233.137.44307 Temporary Redirect 0 B URL HTTP/1.1 fairfaxgeorgianayourself.com/watch.681775286645.js?key=97264edc4c73fd2d5b41ac5081114f10&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=e17d4051-020d-429a-9101-d8f7c43d39d2%3A1%3A1
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.681775286645.js?key=97264edc4c73fd2d5b41ac5081114f10&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=e17d4051-020d-429a-9101-d8f7c43d39d2%3A1%3A1 HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://danasamross.blogspot.com
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 11:16:36 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://danasamross.blogspot.com
Access-Control-Allow-Origin: https://danasamross.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://fairfaxgeorgianayourself.com/watch.681775286645.js?key=97264edc4c73fd2d5b41ac5081114f10&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=e17d4051-020d-429a-9101-d8f7c43d39d2%3A1%3A1&shu=4d5500d0273254cb361f88670cebf43aa6ce55149cc7ddd200cd68037174547bbb6ab71910065d0428b019808603ff584ee72c957c37566dc52a7436f07ba6b0ad8dc37318eb20300ce09892644e5c68f2c4e6baad21da172b96ba1f924aa2c425&pst=1670584656&rmtc=t
Set-Cookie: u_pl=16989719; expires=Sat, 10 Dec 2022 11:16:36 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjk4OTcxOSwiayI6Ijk3MjY0ZWRjNGM3M2ZkMmQ1YjQxYWM1MDgxMTE0ZjEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzgyOTI5LCJwaWQiOjIzODgxNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoiZjdibmJ3MGoiLCJjcGtzIjp7ICIyOSI6IjJmODY2MDUxN2Q2Y2VhZjM3ZTNhODk3MGNlYzBlYTU5In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2RhbmFzYW1yb3NzLmJsb2dzcG90LmNvbS8yMDIyLzA4L2tlcmphLWtvc29uZy1wYXJpdC1yYWphLmh0bWwifX0.M12Pyz7OzOGWDXUSsHWKqLrM1tIAoKaUQz6HsHPXrC0; expires=Fri, 09 Dec 2022 11:17:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fd098b7cd77d528a0840c71a4dcf39f2
Strict-Transport-Security: max-age=0; includeSubdomains
fairfaxgeorgianayourself.com/2f/86/60/2f8660517d6ceaf37e3a8970cec0ea59.js
173.233.137.44200 OK 13 kB URL HTTP/1.1 fairfaxgeorgianayourself.com/2f/86/60/2f8660517d6ceaf37e3a8970cec0ea59.js
IP 173.233.137.44:0
File type ASCII text, with very long lines (37129), with no line terminators
Hash 472a8917653b8159b38235db6e88d005
156230b09d54e69ba8eafcbc73c36b9648087d26
d8d071a29373f28dad13e515af0639753e137ec34b5970eeab9fa9c759ec566b
Analyzer Verdict Alert quad9 Sinkholed
GET /2f/86/60/2f8660517d6ceaf37e3a8970cec0ea59.js HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 11:16:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bed438463c85358523d5b5bba4e04343
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdns.klimg.com/kapanlagi.com/p/headline/476x238/apa-arti-mood-moody-dan-bad-mood-ketahu-9bc9ca.jpg
23.36.76.115403 Forbidden 403 B URL HTTP/2 cdns.klimg.com/kapanlagi.com/p/headline/476x238/apa-arti-mood-moody-dan-bad-mood-ketahu-9bc9ca.jpg
IP 23.36.76.115:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 287650174677a9d4f06c09cb20b482fb
389bd13ea23cfc17a6e61bfe51db1a4649978543
da39e93a78a06242abb7763d06a2f9562fc3f7aa1b0ece4774260181cfdf9a40
GET /kapanlagi.com/p/headline/476x238/apa-arti-mood-moody-dan-bad-mood-ketahu-9bc9ca.jpg HTTP/1.1
Host: cdns.klimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: AkamaiGHost
mime-version: 1.0
content-type: text/html
content-length: 403
expires: Fri, 09 Dec 2022 11:16:36 GMT
date: Fri, 09 Dec 2022 11:16:36 GMT
cache-control: max-age=31536000
X-Firefox-Spdy: h2
jawatankosongku.net/cgi-sys/suspendedpage.cgi
104.161.20.212200 OK 4.2 kB URL HTTP/2 jawatankosongku.net/cgi-sys/suspendedpage.cgi
IP 104.161.20.212:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4070)
Hash 1b3bded5941a2f87226eac9b771847ea
2bcf67b82260a0b35380961d90e315de7cce3d1b
0c1ea3d64d1615f82f03cc17d0be01b0694ca765cddcfe34a0f0ea8777fb9546
GET /cgi-sys/suspendedpage.cgi HTTP/1.1
Host: jawatankosongku.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://danasamross.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 11:16:35 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
hygieneretorted.com/watch.283295674122.js?key=431475e49e1926d143ad1caad2092d6e&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=e17d4051-020d-429a-9101-d8f7c43d39d2%3A1%3A1&shu=5f5ed12a7c9aacbe4213bf279cd9359d53abfe99039ab02fe6cf3c7f7c5271348b9905d4db95d5d0dd1ee2f8e83f2853c7697975794bf12d5bfc45abddc0d57352a3e6c478c6b45356ecfac509cf8264a0168e&pst=1670584656&rmtc=t
192.243.61.227200 OK 643 B URL HTTP/1.1 hygieneretorted.com/watch.283295674122.js?key=431475e49e1926d143ad1caad2092d6e&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=e17d4051-020d-429a-9101-d8f7c43d39d2%3A1%3A1&shu=5f5ed12a7c9aacbe4213bf279cd9359d53abfe99039ab02fe6cf3c7f7c5271348b9905d4db95d5d0dd1ee2f8e83f2853c7697975794bf12d5bfc45abddc0d57352a3e6c478c6b45356ecfac509cf8264a0168e&pst=1670584656&rmtc=t
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (603)
Hash bd3342c47065e2f2301a46e320391a39
9f7b501ef04c3f5bcbb83f1a61226b9ca6c33bc6
346d9901065137c3695636e58ccd68a2581d43928bef064e9ee8f60414fdb551
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.283295674122.js?key=431475e49e1926d143ad1caad2092d6e&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=e17d4051-020d-429a-9101-d8f7c43d39d2%3A1%3A1&shu=5f5ed12a7c9aacbe4213bf279cd9359d53abfe99039ab02fe6cf3c7f7c5271348b9905d4db95d5d0dd1ee2f8e83f2853c7697975794bf12d5bfc45abddc0d57352a3e6c478c6b45356ecfac509cf8264a0168e&pst=1670584656&rmtc=t HTTP/1.1
Host: hygieneretorted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://danasamross.blogspot.com
Referer: https://danasamross.blogspot.com/
Connection: keep-alive
Cookie: u_pl=16989730; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjk4OTczMCwiayI6IjQzMTQ3NWU0OWUxOTI2ZDE0M2FkMWNhYWQyMDkyZDZlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzgyOTI5LCJwaWQiOjIzODgxNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoicW0xcGh2eXYiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9kYW5hc2Ftcm9zcy5ibG9nc3BvdC5jb20vMjAyMi8wOC9rZXJqYS1rb3NvbmctcGFyaXQtcmFqYS5odG1sIn19.S2CE99VtKkc6laXipAq3IGq1bkyRo-_UeMv3ZnQG9ME
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 11:16:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://danasamross.blogspot.com
Access-Control-Allow-Origin: https://danasamross.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=e17d4051-020d-429a-9101-d8f7c43d39d2:1:1; expires=Fri, 16 Dec 2022 11:16:36 GMT; secure; SameSite=None
iprc3d81c427242e2cb840e2f7681ee4214b=2717291; expires=Sat, 10 Dec 2022 13:16:36 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 10 Dec 2022 11:16:36 GMT; secure; SameSite=None
uncs=1; expires=Sat, 10 Dec 2022 11:16:36 GMT; secure; SameSite=None
pdhtkv23=true; expires=Sat, 10 Dec 2022 11:16:36 GMT; secure; SameSite=None
uncs23=1; expires=Sat, 10 Dec 2022 11:16:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d6efa956f0bf6d3b7725fce921684802
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0f1cc9adc41cd1cf8a6754e9a1f01ea0
63b221495c643c9047bc61d72cd4a221831aa66f
12ad5aa0be16eb22d0b0bbc19e893505b0674f8a400cc3f37efb7ed4c458d6f5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=107786
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:36 GMT
Etag: "63921b1e-117"
Expires: Sat, 10 Dec 2022 17:13:02 GMT
Last-Modified: Thu, 08 Dec 2022 17:13:02 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8f21c17888d7f5a5835c538180f6dd74
e2c56e91eb325ccba51e59b92729a715d46e4b53
453a410dca43f7ab84c4606cb4853b989c229de7c843935cd2d9fa31167bc2d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:36 GMT
Etag: "63909f78-116"
Server: ECS (amb/6BC0)
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f3cd38c15a57cffe1aa99f795d0f30ef
445bfed37b8e3f388b8b4019399a4c58fd0057c7
266a622b46c973d3fc4f4c29fb6805c2c3df5400aaddc5f19b6e7b9ed98a30b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=107068
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:36 GMT
Etag: "63921850-117"
Expires: Sat, 10 Dec 2022 17:01:04 GMT
Last-Modified: Thu, 08 Dec 2022 17:01:04 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ff6c57ab672571984515581be2da206b
d90790e054c4fa308b1b53b319836958e25a5c43
b946e9da0adf9537adff159cae7b2c322b8805ae7c9ce0c5e850f1b7c3f32012
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=90859
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:36 GMT
Etag: "6391d8ff-118"
Expires: Sat, 10 Dec 2022 12:30:55 GMT
Last-Modified: Thu, 08 Dec 2022 12:30:55 GMT
Server: nginx
Content-Length: 280
fairfaxgeorgianayourself.com/watch.681775286645?key=97264edc4c73fd2d5b41ac5081114f10&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=5f6ed434-b58f-42cb-90a9-df5eb29a7e40%3A1%3A1
173.233.137.44200 OK 1.2 kB URL HTTP/1.1 fairfaxgeorgianayourself.com/watch.681775286645?key=97264edc4c73fd2d5b41ac5081114f10&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=5f6ed434-b58f-42cb-90a9-df5eb29a7e40%3A1%3A1
IP 173.233.137.44:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (542)
Hash 23f8f5aaae2206d87ceec3cac9b777b4
c511872ba1ba598b2fc9afc7642a5c397f711c3f
1a5d67c1c6bba8b88e23d1884810a2396e58c22ab408aa242e1b99aacb8e0061
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.681775286645?key=97264edc4c73fd2d5b41ac5081114f10&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=5f6ed434-b58f-42cb-90a9-df5eb29a7e40%3A1%3A1 HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Cookie: u_pl=16989719; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjk4OTcxOSwiayI6Ijk3MjY0ZWRjNGM3M2ZkMmQ1YjQxYWM1MDgxMTE0ZjEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzgyOTI5LCJwaWQiOjIzODgxNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoiZjdibmJ3MGoiLCJjcGtzIjp7ICIyOSI6IjJmODY2MDUxN2Q2Y2VhZjM3ZTNhODk3MGNlYzBlYTU5In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2RhbmFzYW1yb3NzLmJsb2dzcG90LmNvbS8yMDIyLzA4L2tlcmphLWtvc29uZy1wYXJpdC1yYWphLmh0bWwifX0.M12Pyz7OzOGWDXUSsHWKqLrM1tIAoKaUQz6HsHPXrC0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 11:16:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjk4OTcxOSwiayI6Ijk3MjY0ZWRjNGM3M2ZkMmQ1YjQxYWM1MDgxMTE0ZjEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzgyOTI5LCJwaWQiOjIzODgxNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoiZjdibmJ3MGoiLCJjcGtzIjp7ICIyOSI6IjJmODY2MDUxN2Q2Y2VhZjM3ZTNhODk3MGNlYzBlYTU5In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOmZhbHNlLCJyIjoiaHR0cHM6Ly9kYW5hc2Ftcm9zcy5ibG9nc3BvdC5jb20vMjAyMi8wOC9rZXJqYS1rb3NvbmctcGFyaXQtcmFqYS5odG1sIn19.MP5yclj0yQipZKGKs_w32PwQ-UND_CYEcWslgTeQigI; expires=Fri, 09 Dec 2022 11:17:36 GMT; secure; SameSite=None
uid_id2=5f6ed434-b58f-42cb-90a9-df5eb29a7e40:1:1; expires=Fri, 16 Dec 2022 11:16:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 47d63c933bc2caee08452102e3df6142
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
newsbeunity.com/watch.1507707711040?key=768320f2a9b589040780a7f24f18f88e&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=5f6ed434-b58f-42cb-90a9-df5eb29a7e40%3A1%3A1
192.243.61.225200 OK 1.2 kB URL HTTP/1.1 newsbeunity.com/watch.1507707711040?key=768320f2a9b589040780a7f24f18f88e&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=5f6ed434-b58f-42cb-90a9-df5eb29a7e40%3A1%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (542)
Hash 60197c342e9f289e44c4e905bccfbdf1
afacdb13d91ade8eaf974c3b3e3cac8ca3a67e2e
0e29d138accd87362a248033b115bd68702900ce9fe59192d704c1cb052bb4ea
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1507707711040?key=768320f2a9b589040780a7f24f18f88e&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=5f6ed434-b58f-42cb-90a9-df5eb29a7e40%3A1%3A1 HTTP/1.1
Host: newsbeunity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Cookie: u_pl=16989701; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjk4OTcwMSwiayI6Ijc2ODMyMGYyYTliNTg5MDQwNzgwYTdmMjRmMThmODhlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzgyOTI5LCJwaWQiOjIzODgxNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJlYXZjZTExaHZmIiwiY3BrcyI6eyAiMjgiOiIyMTMzMTAzNzgzZTI0MGUwYzQ5YTNhYWIxNjdhMjIzYyJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9kYW5hc2Ftcm9zcy5ibG9nc3BvdC5jb20vMjAyMi8wOC9rZXJqYS1rb3NvbmctcGFyaXQtcmFqYS5odG1sIn19.6H08861acwPQYBkEwKahCCS7hUsruxiz1bDAciOM3fs
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 11:16:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjk4OTcwMSwiayI6Ijc2ODMyMGYyYTliNTg5MDQwNzgwYTdmMjRmMThmODhlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzgyOTI5LCJwaWQiOjIzODgxNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJlYXZjZTExaHZmIiwiY3BrcyI6eyAiMjgiOiIyMTMzMTAzNzgzZTI0MGUwYzQ5YTNhYWIxNjdhMjIzYyJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vZGFuYXNhbXJvc3MuYmxvZ3Nwb3QuY29tLzIwMjIvMDgva2VyamEta29zb25nLXBhcml0LXJhamEuaHRtbCJ9fQ.5WWHZlA83ioeGIp7563g_GDVN1ZXTFGni0fzPTFcar8; expires=Fri, 09 Dec 2022 11:17:36 GMT; secure; SameSite=None
uid_id2=5f6ed434-b58f-42cb-90a9-df5eb29a7e40:1:1; expires=Fri, 16 Dec 2022 11:16:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 02b30567087f39d0352303cd443e95aa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fairfaxgeorgianayourself.com/watch.681775286645?shu=3f6d15fc862bcb89e6a361177ca75f631a1d6cb7411241cdf85a0aa6395185b332725093323534cfba72e6aacf8b1500b9f01b730cdc9f624f34c0a63a065cf92fa1d41041f527099df0b2cf55405c21c9ad40ac47a3fd53f9a849c1b2a3da3b62&pst=1670584656&rmtc=t&uuid=5f6ed434-b58f-42cb-90a9-df5eb29a7e40%3A1%3A1&pii=&in=false&key=97264edc4c73fd2d5b41ac5081114f10&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&tz=0&dev=e&res=12.1055
173.233.137.44200 OK 781 B URL HTTP/1.1 fairfaxgeorgianayourself.com/watch.681775286645?shu=3f6d15fc862bcb89e6a361177ca75f631a1d6cb7411241cdf85a0aa6395185b332725093323534cfba72e6aacf8b1500b9f01b730cdc9f624f34c0a63a065cf92fa1d41041f527099df0b2cf55405c21c9ad40ac47a3fd53f9a849c1b2a3da3b62&pst=1670584656&rmtc=t&uuid=5f6ed434-b58f-42cb-90a9-df5eb29a7e40%3A1%3A1&pii=&in=false&key=97264edc4c73fd2d5b41ac5081114f10&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&tz=0&dev=e&res=12.1055
IP 173.233.137.44:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (567)
Hash 5d47ef8a5aee28106d31a22e2ba8e2ff
a9120c944a7e20dce7bc924d5a18ff92ccdee600
276f9b2459c709011913ef3777bb71f487bdacbe99ec168ec2e87898f20823ce
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.681775286645?shu=3f6d15fc862bcb89e6a361177ca75f631a1d6cb7411241cdf85a0aa6395185b332725093323534cfba72e6aacf8b1500b9f01b730cdc9f624f34c0a63a065cf92fa1d41041f527099df0b2cf55405c21c9ad40ac47a3fd53f9a849c1b2a3da3b62&pst=1670584656&rmtc=t&uuid=5f6ed434-b58f-42cb-90a9-df5eb29a7e40%3A1%3A1&pii=&in=false&key=97264edc4c73fd2d5b41ac5081114f10&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fairfaxgeorgianayourself.com/watch.681775286645?key=97264edc4c73fd2d5b41ac5081114f10&kw=%5B%22kerja%22%2C%22kosong%22%2C%22parit%22%2C%22raja%22%2C%22-%22%2C%22sam%22%2C%22ross%22%5D&refer=https%3A%2F%2Fdanasamross.blogspot.com%2F2022%2F08%2Fkerja-kosong-parit-raja.html&tz=0&dev=e&res=12.1055&uuid=5f6ed434-b58f-42cb-90a9-df5eb29a7e40%3A1%3A1
Cookie: u_pl=16989719; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjk4OTcxOSwiayI6Ijk3MjY0ZWRjNGM3M2ZkMmQ1YjQxYWM1MDgxMTE0ZjEwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzgyOTI5LCJwaWQiOjIzODgxNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoiZjdibmJ3MGoiLCJjcGtzIjp7ICIyOSI6IjJmODY2MDUxN2Q2Y2VhZjM3ZTNhODk3MGNlYzBlYTU5In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOmZhbHNlLCJyIjoiaHR0cHM6Ly9kYW5hc2Ftcm9zcy5ibG9nc3BvdC5jb20vMjAyMi8wOC9rZXJqYS1rb3NvbmctcGFyaXQtcmFqYS5odG1sIn19.MP5yclj0yQipZKGKs_w32PwQ-UND_CYEcWslgTeQigI; uid_id2=5f6ed434-b58f-42cb-90a9-df5eb29a7e40:1:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 11:16:36 GMT
Content-Type: text/html
Content-Length: 781
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://danasamross.blogspot.com/2022/08/kerja-kosong-parit-raja.html
Access-Control-Allow-Origin: https://danasamross.blogspot.com/2022/08/kerja-kosong-parit-raja.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=5f6ed434-b58f-42cb-90a9-df5eb29a7e40:1:1; expires=Fri, 16 Dec 2022 11:16:36 GMT; secure; SameSite=None
iprcb8eba1f5fe62a7808624feedeb9239be=2717341; expires=Sat, 10 Dec 2022 13:16:36 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 10 Dec 2022 11:16:36 GMT; secure; SameSite=None
uncs=1; expires=Sat, 10 Dec 2022 11:16:36 GMT; secure; SameSite=None
pdhtkv32=true; expires=Sat, 10 Dec 2022 11:16:36 GMT; secure; SameSite=None
uncs32=1; expires=Sat, 10 Dec 2022 11:16:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dc92ffe950246d109edb9751f12407df
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2a8d3d852f27d7635283bf0df750f2fe
b7aa203f82272b83809a4789bcbda0c16566ef97
fcf240a4ca086341ab65066afc0674c72d8f1467f3798da9e214d6b730077301
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCF240A4CA086341AB65066AFC0674C72D8F1467F3798DA9E214D6B730077301"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11464
Expires: Fri, 09 Dec 2022 14:27:41 GMT
Date: Fri, 09 Dec 2022 11:16:37 GMT
Connection: keep-alive
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16989719
173.233.137.36200 OK 1.3 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16989719
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 7fd318c3613bc3df6dacbba9223de00b
b6b60964c3c42ebe2123ae042ea882e835bda29c
f2e0459a477d2d72c55e6cdf72cf1f44df4011003a392449b7e9eef5f0b895c3
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16989719 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fairfaxgeorgianayourself.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 11:16:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Sat, 10 Dec 2022 11:16:37 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTY5ODk3MTkiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9mYWlyZmF4Z2VvcmdpYW5heW91cnNlbGYuY29tLyJ9fQ.iyP08OR4vp6FwxzkBlrjVwBdV0L0YvQgpp7PRBupDgM; expires=Fri, 09 Dec 2022 11:17:37 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 51f2236d976c85ce149cb78d1d5a71af
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.spikereekvelocity.com/dyfc1k09?shu=0213fbc0d11a8fb3531f45abafaeee9298be73dff3485aa4aae5f609f2e7b6d3ef785dc2a8d48e297709825841a9bdded47f0450b95f2c4aa2dab90ae9cd70d8f4ad8588819791c45a4e20f54040ebf034ab3d1686ae85f005b0ab4f3c236fd4b8&pst=1670584657&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Ffairfaxgeorgianayourself.com%2F&psid=16989719
173.233.137.36302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=0213fbc0d11a8fb3531f45abafaeee9298be73dff3485aa4aae5f609f2e7b6d3ef785dc2a8d48e297709825841a9bdded47f0450b95f2c4aa2dab90ae9cd70d8f4ad8588819791c45a4e20f54040ebf034ab3d1686ae85f005b0ab4f3c236fd4b8&pst=1670584657&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Ffairfaxgeorgianayourself.com%2F&psid=16989719
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=0213fbc0d11a8fb3531f45abafaeee9298be73dff3485aa4aae5f609f2e7b6d3ef785dc2a8d48e297709825841a9bdded47f0450b95f2c4aa2dab90ae9cd70d8f4ad8588819791c45a4e20f54040ebf034ab3d1686ae85f005b0ab4f3c236fd4b8&pst=1670584657&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Ffairfaxgeorgianayourself.com%2F&psid=16989719 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTY5ODk3MTkiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9mYWlyZmF4Z2VvcmdpYW5heW91cnNlbGYuY29tLyJ9fQ.iyP08OR4vp6FwxzkBlrjVwBdV0L0YvQgpp7PRBupDgM; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 11:16:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: http://xml.mobipromote.com/click?i=L3AHRcuxKE0_0
Set-Cookie: pdhtkv=true; expires=Sat, 10 Dec 2022 11:16:37 GMT
uncs=1; expires=Sat, 10 Dec 2022 11:16:37 GMT
pdhtkv28=true; expires=Sat, 10 Dec 2022 11:16:37 GMT
uncs28=1; expires=Sat, 10 Dec 2022 11:16:37 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: daa8e02f91c7333fe10912e33dbf094a
Strict-Transport-Security: max-age=0; includeSubdomains
xml.mobipromote.com/click?i=L3AHRcuxKE0_0
173.239.53.21302 Found 0 B URL HTTP/1.1 xml.mobipromote.com/click?i=L3AHRcuxKE0_0
IP 173.239.53.21:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=L3AHRcuxKE0_0 HTTP/1.1
Host: xml.mobipromote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: http://ciar-kep.com/zcvisitor/f297c4b3-77b2-11ed-a322-0ad90c05d68f/22c0e840-21f3-11ec-aaa4-12beee04f19b?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51
Pragma: no-cache
ciar-kep.com/zcvisitor/f297c4b3-77b2-11ed-a322-0ad90c05d68f/22c0e840-21f3-11ec-aaa4-12beee04f19b?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51
3.208.247.235302 0 B URL HTTP/1.1 ciar-kep.com/zcvisitor/f297c4b3-77b2-11ed-a322-0ad90c05d68f/22c0e840-21f3-11ec-aaa4-12beee04f19b?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51
IP 3.208.247.235:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /zcvisitor/f297c4b3-77b2-11ed-a322-0ad90c05d68f/22c0e840-21f3-11ec-aaa4-12beee04f19b?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51 HTTP/1.1
Host: ciar-kep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Date: Fri, 09 Dec 2022 11:16:38 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Location: https://shopde.pricedeals.shop/go.php?market=no&zrf297c4b377b211eda3220ad90c05d68f6e89207a6d2f407caa8b29376bfb5ccf069587d2769521eb60
Server: BTnzOqhA
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 49a088a72b6be3f2acf7fcddbac5b73b
59d366286d8177ca8348f69d49a61ce7a2247718
21d0162700374e1f673d94dc1b8132f2be190b725cd08b7a4ca4e6cb9e0f40cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21D0162700374E1F673D94DC1B8132F2BE190B725CD08B7A4CA4E6CB9E0F40CC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3785
Expires: Fri, 09 Dec 2022 12:19:43 GMT
Date: Fri, 09 Dec 2022 11:16:38 GMT
Connection: keep-alive
shopde.pricedeals.shop/go.php?market=no&zrf297c4b377b211eda3220ad90c05d68f6e89207a6d2f407caa8b29376bfb5ccf069587d2769521eb60
135.181.6.240200 OK 570 B URL HTTP/1.1 shopde.pricedeals.shop/go.php?market=no&zrf297c4b377b211eda3220ad90c05d68f6e89207a6d2f407caa8b29376bfb5ccf069587d2769521eb60
IP 135.181.6.240:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (450)
Hash 95b428166ae78715342862d326103af5
d9a910cf4d6ce4548f2f2a355847e4bb16cffb7d
d1beaf679d99cbcea046bc9cd4066c465ca0ae1b4ef0f81954dca1c003966f17
GET /go.php?market=no&zrf297c4b377b211eda3220ad90c05d68f6e89207a6d2f407caa8b29376bfb5ccf069587d2769521eb60 HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 11:16:38 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 570
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
shopde.pricedeals.shop/favicon.ico
135.181.6.240404 Not Found 285 B URL HTTP/1.1 shopde.pricedeals.shop/favicon.ico
IP 135.181.6.240:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cd85cf7b8f9a014ae145681b1f5e73d
a574403ec64b443a802d0980e3bd368bafebe2d9
cb5d0086c43932c164cc6892b9f762fb4128c182d3dbdbf476036a2783f0023b
GET /favicon.ico HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/go.php?market=no&zrf297c4b377b211eda3220ad90c05d68f6e89207a6d2f407caa8b29376bfb5ccf069587d2769521eb60
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 09 Dec 2022 11:16:38 GMT
Server: Apache/2.4.54 (Debian)
Content-Length: 285
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
shopde.pricedeals.shop/redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzA1NjA0OTMyOTImLnNpZz1DOTJyRzZYOVIwN1pIN25rXzd5bXprZGVsMTAtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTAwNTIyMTE4JmNvdW50cnk9bm8mb2ZmZXJJZD0wMzJjM2NjMDlmZjFkMmNiYTFiMjRjNWZiY2E2MWY2YyZzZXJ2aWNlPTM3JnRva2VuSWQ9MzJmMzQzMTItZjIwMy00MDcwLTg2ODUtNTQyZmIxMjdiMTEwJndhaXQ9dHJ1ZSZhZGRlZFBhcmFtcz10cnVlJmN1c3RvbTE9NTQm
135.181.6.240200 OK 463 B URL HTTP/1.1 shopde.pricedeals.shop/redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzA1NjA0OTMyOTImLnNpZz1DOTJyRzZYOVIwN1pIN25rXzd5bXprZGVsMTAtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTAwNTIyMTE4JmNvdW50cnk9bm8mb2ZmZXJJZD0wMzJjM2NjMDlmZjFkMmNiYTFiMjRjNWZiY2E2MWY2YyZzZXJ2aWNlPTM3JnRva2VuSWQ9MzJmMzQzMTItZjIwMy00MDcwLTg2ODUtNTQyZmIxMjdiMTEwJndhaXQ9dHJ1ZSZhZGRlZFBhcmFtcz10cnVlJmN1c3RvbTE9NTQm
IP 135.181.6.240:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (363)
Hash 2ad21d3c28aa044cf7a726c7fb550eb8
1649224b3f3829a57d5884f0f3e7e0940201da92
3a53b6ebfe0facdd9b4bc8e1e37796390a36e77992bb56f2e7a2a38d0c0749a5
GET /redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzA1NjA0OTMyOTImLnNpZz1DOTJyRzZYOVIwN1pIN25rXzd5bXprZGVsMTAtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTAwNTIyMTE4JmNvdW50cnk9bm8mb2ZmZXJJZD0wMzJjM2NjMDlmZjFkMmNiYTFiMjRjNWZiY2E2MWY2YyZzZXJ2aWNlPTM3JnRva2VuSWQ9MzJmMzQzMTItZjIwMy00MDcwLTg2ODUtNTQyZmIxMjdiMTEwJndhaXQ9dHJ1ZSZhZGRlZFBhcmFtcz10cnVlJmN1c3RvbTE9NTQm HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/go.php?market=no&zrf297c4b377b211eda3220ad90c05d68f6e89207a6d2f407caa8b29376bfb5ccf069587d2769521eb60
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 11:16:39 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 463
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3e11173752e4960ef12783f1f9677bbd
6c4c9d064b55b13e727ccb747024b3bf684980d0
cfd8975f30724dd659b4a58ab749fdb6c1223d1825ba5f17c1f55a2242b5a3f2
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5603
Cache-Control: max-age=114444
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:41 GMT
Etag: "63921f43-1d7"
Expires: Sat, 10 Dec 2022 19:04:05 GMT
Last-Modified: Thu, 08 Dec 2022 17:30:43 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670560493292&.sig=C92rG6X9R07ZH7nk_7ymzkdel10-&affiliationId=96979714&comId=100522118&country=no&offerId=032c3cc09ff1d2cba1b24c5fbca61f6c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=54&
95.211.116.27200 OK 28 kB URL HTTP/1.1 no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670560493292&.sig=C92rG6X9R07ZH7nk_7ymzkdel10-&affiliationId=96979714&comId=100522118&country=no&offerId=032c3cc09ff1d2cba1b24c5fbca61f6c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=54&
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Hash 41c50dd5b8b29419a1b7ed2fd7db75aa
585808c3b57ebad03e57082f8424c11c494eb324
145ab3be6c7f6674a29dce4337854dfc22628e4f45a72182c809e17f264d2f76
GET /ctl/go/offersearchGo?.ts=1670560493292&.sig=C92rG6X9R07ZH7nk_7ymzkdel10-&affiliationId=96979714&comId=100522118&country=no&offerId=032c3cc09ff1d2cba1b24c5fbca61f6c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=54& HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 11:16:41 GMT
leadId: dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570
clickId: 107698154_1670584601027_1930513
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.020721S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 27783
Set-Cookie: datadome=0gxI5UUWQDkGN-IOTVT8XS0FG~R2XbfalyL36X2zrzaLy45qEx3FiW4nYDZbarpGyMIgxl3qh7Ojet2ZSaOrK~rgvVJpUOW23NwR7u0HDHk9DyaISwITMGXq--gZ191U; Max-Age=31536000; Expires=Sat, 09 Dec 2023 11:16:41 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c629a-184f69a09c3-a128b; Max-Age=31536000; Expires=Sat, 09 Dec 2023 11:16:41 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=95
Connection: Keep-Alive
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2eebe94e343f36ac59b59165f5160a0e584adac0f836afabe362bdfa5e3c8ddf37a2f732ca10698ee48ac5cf34bdf6cfd985941265a66b80db709150839374de7d6fbdddaf9bc3a04d8b41473cb3280b159e81283b796af74a52d3c98cc81329603a6915491c750157139026efc4c3c5e8b362b833d078ee1c11f26e0b36626eb4fd354595d8e7a3c8489260744d7f8b46aa7f11b63d54c96b3398aba55c040ec&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570&clickId=107698154_1670584601027_1930513
95.211.116.27200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2eebe94e343f36ac59b59165f5160a0e584adac0f836afabe362bdfa5e3c8ddf37a2f732ca10698ee48ac5cf34bdf6cfd985941265a66b80db709150839374de7d6fbdddaf9bc3a04d8b41473cb3280b159e81283b796af74a52d3c98cc81329603a6915491c750157139026efc4c3c5e8b362b833d078ee1c11f26e0b36626eb4fd354595d8e7a3c8489260744d7f8b46aa7f11b63d54c96b3398aba55c040ec&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570&clickId=107698154_1670584601027_1930513
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2eebe94e343f36ac59b59165f5160a0e584adac0f836afabe362bdfa5e3c8ddf37a2f732ca10698ee48ac5cf34bdf6cfd985941265a66b80db709150839374de7d6fbdddaf9bc3a04d8b41473cb3280b159e81283b796af74a52d3c98cc81329603a6915491c750157139026efc4c3c5e8b362b833d078ee1c11f26e0b36626eb4fd354595d8e7a3c8489260744d7f8b46aa7f11b63d54c96b3398aba55c040ec&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570&clickId=107698154_1670584601027_1930513 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670560493292&.sig=C92rG6X9R07ZH7nk_7ymzkdel10-&affiliationId=96979714&comId=100522118&country=no&offerId=032c3cc09ff1d2cba1b24c5fbca61f6c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=54&
Connection: keep-alive
Cookie: datadome=0gxI5UUWQDkGN-IOTVT8XS0FG~R2XbfalyL36X2zrzaLy45qEx3FiW4nYDZbarpGyMIgxl3qh7Ojet2ZSaOrK~rgvVJpUOW23NwR7u0HDHk9DyaISwITMGXq--gZ191U; kelkooID=a4c629a-184f69a09c3-a128b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 11:16:41 GMT
Request-Time: PT0.001344S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: image/png
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=43
Connection: Keep-Alive
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2eebe94e343f36ac59b59165f5160a0e584adac0f836afabe362bdfa5e3c8ddf37a2f732ca10698ee48ac5cf34bdf6cfd985941265a66b80db709150839374de7d6fbdddaf9bc3a04d8b41473cb3280b159e81283b796af74a52d3c98cc81329603a6915491c750157139026efc4c3c5e8b362b833d078ee1c11f26e0b36626eb4fd354595d8e7a3c8489260744d7f8b46aa7f11b63d54c96b3398aba55c040ec&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570&clickId=107698154_1670584601027_1930513
95.211.116.27200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2eebe94e343f36ac59b59165f5160a0e584adac0f836afabe362bdfa5e3c8ddf37a2f732ca10698ee48ac5cf34bdf6cfd985941265a66b80db709150839374de7d6fbdddaf9bc3a04d8b41473cb3280b159e81283b796af74a52d3c98cc81329603a6915491c750157139026efc4c3c5e8b362b833d078ee1c11f26e0b36626eb4fd354595d8e7a3c8489260744d7f8b46aa7f11b63d54c96b3398aba55c040ec&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570&clickId=107698154_1670584601027_1930513
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2eebe94e343f36ac59b59165f5160a0e584adac0f836afabe362bdfa5e3c8ddf37a2f732ca10698ee48ac5cf34bdf6cfd985941265a66b80db709150839374de7d6fbdddaf9bc3a04d8b41473cb3280b159e81283b796af74a52d3c98cc81329603a6915491c750157139026efc4c3c5e8b362b833d078ee1c11f26e0b36626eb4fd354595d8e7a3c8489260744d7f8b46aa7f11b63d54c96b3398aba55c040ec&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570&clickId=107698154_1670584601027_1930513 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670560493292&.sig=C92rG6X9R07ZH7nk_7ymzkdel10-&affiliationId=96979714&comId=100522118&country=no&offerId=032c3cc09ff1d2cba1b24c5fbca61f6c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=54&
Content-Type: text/plain;charset=utf-8
Content-Length: 548
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=0gxI5UUWQDkGN-IOTVT8XS0FG~R2XbfalyL36X2zrzaLy45qEx3FiW4nYDZbarpGyMIgxl3qh7Ojet2ZSaOrK~rgvVJpUOW23NwR7u0HDHk9DyaISwITMGXq--gZ191U; kelkooID=a4c629a-184f69a09c3-a128b; _ga=GA1.2.1884446203.1670584600; _gid=GA1.2.1226509311.1670584600
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 11:16:41 GMT
Request-Time: PT0.003187S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=86
Connection: Keep-Alive
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2eebe94e343f36ac59b59165f5160a0e584adac0f836afabe362bdfa5e3c8ddf37a2f732ca10698ee48ac5cf34bdf6cfd985941265a66b80db709150839374de7d6fbdddaf9bc3a04d8b41473cb3280b159e81283b796af74a52d3c98cc81329603a6915491c750157139026efc4c3c5e8b362b833d078ee1c11f26e0b36626eb4fd354595d8e7a3c8489260744d7f8b46aa7f11b63d54c96b3398aba55c040ec&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570&clickId=107698154_1670584601027_1930513&url=https%3A%2F%2Fwww.awin1.com%2Fcread.php%3Fawinmid%3D19717%26clickref%3Ddc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570%26awinaffid%3D369759%26platform%3Dtp%26networkref1%3Dgclid_%26ued%3Dhttps%253A%252F%252Fblivakker.no%252Fproduct%252F3233115&initiator=timeout
95.211.116.27303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2eebe94e343f36ac59b59165f5160a0e584adac0f836afabe362bdfa5e3c8ddf37a2f732ca10698ee48ac5cf34bdf6cfd985941265a66b80db709150839374de7d6fbdddaf9bc3a04d8b41473cb3280b159e81283b796af74a52d3c98cc81329603a6915491c750157139026efc4c3c5e8b362b833d078ee1c11f26e0b36626eb4fd354595d8e7a3c8489260744d7f8b46aa7f11b63d54c96b3398aba55c040ec&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570&clickId=107698154_1670584601027_1930513&url=https%3A%2F%2Fwww.awin1.com%2Fcread.php%3Fawinmid%3D19717%26clickref%3Ddc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570%26awinaffid%3D369759%26platform%3Dtp%26networkref1%3Dgclid_%26ued%3Dhttps%253A%252F%252Fblivakker.no%252Fproduct%252F3233115&initiator=timeout
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae2eebe94e343f36ac59b59165f5160a0e584adac0f836afabe362bdfa5e3c8ddf37a2f732ca10698ee48ac5cf34bdf6cfd985941265a66b80db709150839374de7d6fbdddaf9bc3a04d8b41473cb3280b159e81283b796af74a52d3c98cc81329603a6915491c750157139026efc4c3c5e8b362b833d078ee1c11f26e0b36626eb4fd354595d8e7a3c8489260744d7f8b46aa7f11b63d54c96b3398aba55c040ec&leadId=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570&clickId=107698154_1670584601027_1930513&url=https%3A%2F%2Fwww.awin1.com%2Fcread.php%3Fawinmid%3D19717%26clickref%3Ddc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570%26awinaffid%3D369759%26platform%3Dtp%26networkref1%3Dgclid_%26ued%3Dhttps%253A%252F%252Fblivakker.no%252Fproduct%252F3233115&initiator=timeout HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670560493292&.sig=C92rG6X9R07ZH7nk_7ymzkdel10-&affiliationId=96979714&comId=100522118&country=no&offerId=032c3cc09ff1d2cba1b24c5fbca61f6c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=54&
Connection: keep-alive
Cookie: datadome=0gxI5UUWQDkGN-IOTVT8XS0FG~R2XbfalyL36X2zrzaLy45qEx3FiW4nYDZbarpGyMIgxl3qh7Ojet2ZSaOrK~rgvVJpUOW23NwR7u0HDHk9DyaISwITMGXq--gZ191U; kelkooID=a4c629a-184f69a09c3-a128b; _ga=GA1.2.1884446203.1670584600; _gid=GA1.2.1226509311.1670584600
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
Date: Fri, 09 Dec 2022 11:16:41 GMT
leadId: dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570
clickId: 107698154_1670584601027_1930513
country: no
Location: https://www.awin1.com/cread.php?awinmid=19717&clickref=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570&awinaffid=369759&platform=tp&networkref1=gclid_&ued=https%3A%2F%2Fblivakker.no%2Fproduct%2F3233115
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.015317S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=17~-9RKYY-KEB0r_anWZQw8lzmk-qoD_cvDVeUuOL_AmINo--sLA0ke4kjV6qrs8rTrFzmoU42D_37YO05fctZBBTmF1qagR-HrVvewp08ROqa6ygYKcRKSmLU6jo-qr; Max-Age=31536000; Expires=Sat, 09 Dec 2023 11:16:41 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=42
Connection: Keep-Alive
Content-Type: text/plain
www.awin1.com/cread.php?awinmid=19717&clickref=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570&awinaffid=369759&platform=tp&networkref1=gclid_&ued=https%3A%2F%2Fblivakker.no%2Fproduct%2F3233115
2.21.192.211302 Moved Temporarily 0 B URL HTTP/1.1 www.awin1.com/cread.php?awinmid=19717&clickref=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570&awinaffid=369759&platform=tp&networkref1=gclid_&ued=https%3A%2F%2Fblivakker.no%2Fproduct%2F3233115
IP 2.21.192.211:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cread.php?awinmid=19717&clickref=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570&awinaffid=369759&platform=tp&networkref1=gclid_&ued=https%3A%2F%2Fblivakker.no%2Fproduct%2F3233115 HTTP/1.1
Host: www.awin1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Cookie: bId=HLEX_628f00ae0f3690.47151114
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: https://blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Allow: GET
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date: Fri, 09 Dec 2022 11:16:41 GMT
Connection: keep-alive
Set-Cookie: aw19717=369759|0|0|1670584601|dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570|tp|0;domain=.awin1.com;path=/;expires=Sunday, 08-Jan-2023 11:16:41 UTC;Secure;SameSite=None
bId=HLEX_628f00ae0f3690.47151114;domain=.awin1.com;path=/;expires=Saturday, 09-Dec-2023 11:16:41 UTC;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash ce3c61b86e2c62d17a0e09a2f551f4d7
c675f08d8773834f6c0721a8af5e4c17bd0417a0
5d65a4371c375f9f39158a81e0c6c951ca2ddd68acc5a3f33ff19560448f5d36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=161444
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:41 GMT
Etag: "6392ecbd-116"
Expires: Sun, 11 Dec 2022 08:07:25 GMT
Last-Modified: Fri, 09 Dec 2022 08:07:25 GMT
Server: nginx
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1670560493292%26.sig%3DC92rG6X9R07ZH7nk_7ymzkdel10-%26affiliationId%3D96979714%26comId%3D100522118%26country%3Dno%26offerId%3D032c3cc09ff1d2cba1b24c5fbca61f6c%26service%3D37%26tokenId%3D32f34312-f203-4070-8685-542fb127b110%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D54%26&dr=https%3A%2F%2Fshopde.pricedeals.shop%2F&dp=%2F96979714%7C100522118%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20BliVakker.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1884446203.1670584600&tid=UA-168544891-6&_gid=1226509311.1670584600&_r=1&cd1=96979714&cd2=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570&cd3=100522118&cd4=a4c629a-184f69a09c3-a128b&cd5=&cd6=96979714%7C100522118%7C&z=1457237661
142.250.74.46200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1670560493292%26.sig%3DC92rG6X9R07ZH7nk_7ymzkdel10-%26affiliationId%3D96979714%26comId%3D100522118%26country%3Dno%26offerId%3D032c3cc09ff1d2cba1b24c5fbca61f6c%26service%3D37%26tokenId%3D32f34312-f203-4070-8685-542fb127b110%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D54%26&dr=https%3A%2F%2Fshopde.pricedeals.shop%2F&dp=%2F96979714%7C100522118%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20BliVakker.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1884446203.1670584600&tid=UA-168544891-6&_gid=1226509311.1670584600&_r=1&cd1=96979714&cd2=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570&cd3=100522118&cd4=a4c629a-184f69a09c3-a128b&cd5=&cd6=96979714%7C100522118%7C&z=1457237661
IP 142.250.74.46:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FoffersearchGo%3F.ts%3D1670560493292%26.sig%3DC92rG6X9R07ZH7nk_7ymzkdel10-%26affiliationId%3D96979714%26comId%3D100522118%26country%3Dno%26offerId%3D032c3cc09ff1d2cba1b24c5fbca61f6c%26service%3D37%26tokenId%3D32f34312-f203-4070-8685-542fb127b110%26wait%3Dtrue%26addedParams%3Dtrue%26custom1%3D54%26&dr=https%3A%2F%2Fshopde.pricedeals.shop%2F&dp=%2F96979714%7C100522118%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20BliVakker.no&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=1884446203.1670584600&tid=UA-168544891-6&_gid=1226509311.1670584600&_r=1&cd1=96979714&cd2=dc1-kls-prod-ls-02.prod.dc1.kelkoo.net_1670584601037_746570&cd3=100522118&cd4=a4c629a-184f69a09c3-a128b&cd5=&cd6=96979714%7C100522118%7C&z=1457237661 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Fri, 09 Dec 2022 11:16:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:16:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blivakker.no/assets/images/icon/icon-ok.png
104.26.0.18200 OK 462 B URL HTTP/2 www.blivakker.no/assets/images/icon/icon-ok.png
IP 104.26.0.18:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3e1e51cc85b51cbe8ad85bdf642bc2bc
b11551827c3b1cc6d160efb79453e0e68b5641e6
6635e57db3fd93bb76cbcd6ca6fc37595d465eeb63bbf2d399483353617df4f6
GET /assets/images/icon/icon-ok.png HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: image/webp
content-length: 462
cache-control: max-age=86400
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1017
content-disposition: inline; filename="icon-ok.webp"
vary: Accept
etag: "01e4fa396d91:0"
last-modified: Fri, 02 Dec 2022 10:30:04 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 66361
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18kZCnye4lxGPWtFsPcfqSKvd0TiSnhq1dOHbB6js8luGKzpxykW77Pv3ZPBp%2FdlI5NET98sVpQPh1tS0KGibZido%2BQ3Ncdc2vIRgAuaCdPvRxrzSgj6WT3KOeoipbM%2BB28%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d5482595c0b59-OSL
X-Firefox-Spdy: h2
cdn.blivakker.no/Media/Product/Image/100/c02561e6-dd18-42d7-91ce-005f0e755e5e_1.jpeg
104.26.0.18200 OK 2.0 kB URL HTTP/2 cdn.blivakker.no/Media/Product/Image/100/c02561e6-dd18-42d7-91ce-005f0e755e5e_1.jpeg
IP 104.26.0.18:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 78f37e514c345911cdaa8e2a3d862a10
50e1f32b48f1916480cb4f57a22b2255b8c09540
1a902fefa37171eb271d5dae4277e0077ea8f9de5424bc92f3db5922431a86dd
GET /Media/Product/Image/100/c02561e6-dd18-42d7-91ce-005f0e755e5e_1.jpeg HTTP/1.1
Host: cdn.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:42 GMT
content-type: image/jpeg
content-length: 1962
cache-control: max-age=691200
cf-bgj: imgq:100,h2pri
cf-polished: origSize=2209, status=webp_bigger
etag: "c1c242c8fa62d81:0"
last-modified: Sun, 08 May 2022 16:43:44 GMT
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvaUOh6e3eYQEfhptyZdF5sUO1oPU7IoywsziCYw2PXkfxOCQe6BAwg0ahUtVyRh3%2FcVZEwtHfuIP7oOc8JMgWEyJ48LFddFZp0XxZ0aRx0o1JAf0xoz9zuO9m%2FWNwNkHV4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776d548279710b59-OSL
X-Firefox-Spdy: h2
cdn.blivakker.no/Media/Product/Image/100/c02561e6-dd18-42d7-91ce-005f0e755e5e_3.jpeg
104.26.0.18200 OK 1.0 kB URL HTTP/2 cdn.blivakker.no/Media/Product/Image/100/c02561e6-dd18-42d7-91ce-005f0e755e5e_3.jpeg
IP 104.26.0.18:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2e9824d720cad7f898d7e23da9c42b4b
02881ffbfc17a7eaf8e90be37f9d7330dfdc11ec
09fe45e012a9cb9c92eedfb6ed627ddc381b0d887620e1212aecdb1024ebf63c
GET /Media/Product/Image/100/c02561e6-dd18-42d7-91ce-005f0e755e5e_3.jpeg HTTP/1.1
Host: cdn.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:42 GMT
content-type: image/webp
content-length: 1042
cache-control: max-age=691200
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=1395
content-disposition: inline; filename="c02561e6-dd18-42d7-91ce-005f0e755e5e_3.webp"
vary: Accept
etag: "2a819ccfa62d81:0"
last-modified: Sun, 08 May 2022 16:43:51 GMT
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uP1voGp01r9xf%2BrpmqKQo7iXLYp9x%2F9MCm7CvfyDXB9qZhmTdFl0e5j0DjgBhfb0YpsmJf7BCvVyoxbmMmEWxk7DOw0RVnj0u9K737aHeEpjjUW43tmKEOIUzIHV4FlcN%2B4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776d548279760b59-OSL
X-Firefox-Spdy: h2
cdn.blivakker.no/Media/Product/Image/100/c02561e6-dd18-42d7-91ce-005f0e755e5e_7.jpeg
104.26.0.18200 OK 2.2 kB URL HTTP/2 cdn.blivakker.no/Media/Product/Image/100/c02561e6-dd18-42d7-91ce-005f0e755e5e_7.jpeg
IP 104.26.0.18:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 2fad826c635e74c8f601b1898b0d7120
72f48f315e45af2d3e8bb6713c85afbbd8436ec2
216a874b9e9f57084bfecb4249a7c820e29256734229d8d716ffc17c77a8b7d9
GET /Media/Product/Image/100/c02561e6-dd18-42d7-91ce-005f0e755e5e_7.jpeg HTTP/1.1
Host: cdn.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:42 GMT
content-type: image/jpeg
content-length: 2178
cache-control: max-age=691200
cf-bgj: imgq:100,h2pri
cf-polished: origSize=2425, status=webp_bigger
etag: "a6fa38d4fa62d81:0"
last-modified: Sun, 08 May 2022 16:44:04 GMT
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upMaKH5pNYPlChrc9%2F9a2Lybcc3s1IJJkrF3%2F5VBmE0BVfSdBfZ5sNHgOF6iUXrqPF8It5qrMRRAVw277XITgw1B1RD%2F0UxsM19g509swQSyEdMAoHKVtpHZiqvFtPkqymM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776d548279700b59-OSL
X-Firefox-Spdy: h2
cdn.blivakker.no/Media/Product/Image/100/c02561e6-dd18-42d7-91ce-005f0e755e5e_2.jpeg
104.26.0.18200 OK 1.2 kB URL HTTP/2 cdn.blivakker.no/Media/Product/Image/100/c02561e6-dd18-42d7-91ce-005f0e755e5e_2.jpeg
IP 104.26.0.18:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 241da0d45dd99fd9b5783a829d4186c3
02f95070157725028a5c3c5d439a8aa9d7ce4e69
e44dd753bf41af985c1cffd08142ac64627dc9851957f2dfb0ca28654454e187
GET /Media/Product/Image/100/c02561e6-dd18-42d7-91ce-005f0e755e5e_2.jpeg HTTP/1.1
Host: cdn.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:42 GMT
content-type: image/webp
content-length: 1240
cache-control: max-age=691200
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=1424
content-disposition: inline; filename="c02561e6-dd18-42d7-91ce-005f0e755e5e_2.webp"
vary: Accept
etag: "2c9c37cafa62d81:0"
last-modified: Sun, 08 May 2022 16:43:48 GMT
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vy79wo%2FaOdJghdHXadiO2lYGXzAeYgLolzrStoxCqQMQZb24tDdg3a7KM4TyF9UqI9oqzvUbOixoNPRUlFo1yQ31LJ4uPo4y10NggQs5RqRru7tC7kOjQ9FZ%2FB2pVdno7aE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776d548279740b59-OSL
X-Firefox-Spdy: h2
cdn.blivakker.no/Media/Product/Image/900/c02561e6-dd18-42d7-91ce-005f0e755e5e_7.jpeg
104.26.0.18200 OK 30 kB URL HTTP/2 cdn.blivakker.no/Media/Product/Image/900/c02561e6-dd18-42d7-91ce-005f0e755e5e_7.jpeg
IP 104.26.0.18:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x750, components 3\012- data
Hash 7d4559698e3fd0da71e9735ec66e621d
314943ed130d784bd75a3ed3cf173312b967abc7
c2b3a48e7642c4b726e66c6503aede007011cde8aa593c2fbae68f8e90754546
GET /Media/Product/Image/900/c02561e6-dd18-42d7-91ce-005f0e755e5e_7.jpeg HTTP/1.1
Host: cdn.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:42 GMT
content-type: image/jpeg
content-length: 30305
cache-control: max-age=691200
cf-bgj: imgq:100,h2pri
cf-polished: origSize=31424, status=webp_bigger
etag: "c62140d4fa62d81:0"
last-modified: Sun, 08 May 2022 16:44:04 GMT
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NiYutDT0TgMMZFgoUksvF8p9O%2FBh%2FOdkvPtPEcUFUeKySkIy%2B22cjFZpR2OUEoAFlO%2BAoZ5Q%2BkujXvB0miNyTF56wiPHvFPat47GGc4ewSqEoZy5xl8fANmsTthjizMTCMM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776d5482796f0b59-OSL
X-Firefox-Spdy: h2
cdn.blivakker.no/Media/Product/Image/100/c02561e6-dd18-42d7-91ce-005f0e755e5e_5.jpeg
104.26.0.18200 OK 2.9 kB URL HTTP/2 cdn.blivakker.no/Media/Product/Image/100/c02561e6-dd18-42d7-91ce-005f0e755e5e_5.jpeg
IP 104.26.0.18:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 20x20, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 89b8b2a594ab65117c69173d514fe496
c0e5779847be623ddf233daef5a30fb7feb52fb5
871571fc037f9bd773d8212ceda959c73f6b7afbd87ef332aff7b2078b074274
GET /Media/Product/Image/100/c02561e6-dd18-42d7-91ce-005f0e755e5e_5.jpeg HTTP/1.1
Host: cdn.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:42 GMT
content-type: image/jpeg
content-length: 2914
cache-control: max-age=691200
cf-bgj: imgq:100,h2pri
cf-polished: origSize=3053, status=webp_bigger
etag: "cec53ad0fa62d81:0"
last-modified: Sun, 08 May 2022 16:43:58 GMT
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKanT%2BGjCqOhlcE6i6UQmui8kO%2BRgmGfJR6EJhouT%2BSvxIyPbZ1EoWVgnJSI8HkB2q3hLfZmAMMKxRgmzdNhQt%2F24izufKnNLiSHheCgzmBo8c7bq%2FibSGCz4z7jmPIYJzM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776d548279780b59-OSL
X-Firefox-Spdy: h2
cdn.blivakker.no/Media/Product/Image/100/c02561e6-dd18-42d7-91ce-005f0e755e5e_4.jpeg
104.26.0.18200 OK 2.8 kB URL HTTP/2 cdn.blivakker.no/Media/Product/Image/100/c02561e6-dd18-42d7-91ce-005f0e755e5e_4.jpeg
IP 104.26.0.18:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 12c3569002ce8e76f4c85871937b8adf
cbaf84f863473f0439c00d1e4727e5a5f6d4f4d7
5f9c0d6aad8f3aa1fef8e5ec6ce8fbb7be6637ac749dbfc16f20dd5fd30bcf03
GET /Media/Product/Image/100/c02561e6-dd18-42d7-91ce-005f0e755e5e_4.jpeg HTTP/1.1
Host: cdn.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:42 GMT
content-type: image/jpeg
content-length: 2760
cache-control: max-age=691200
cf-bgj: imgq:100,h2pri
cf-polished: origSize=2802, status=webp_bigger
etag: "b04633cefa62d81:0"
last-modified: Sun, 08 May 2022 16:43:54 GMT
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrX2kqPNfuf11%2BdIzgF0%2Bf1%2BgpPpKaiFvZExelkAQui3OExLUWFAznTKTv1BY03bJ98Rq7OKATAYGyTH7KzPsH0EyrLmI1I8mFJkUTNMjVo8ff4AbAC4GYYY2SCcWX4VHtE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776d548279730b59-OSL
X-Firefox-Spdy: h2
cdn.blivakker.no/Media/Product/Image/100/c02561e6-dd18-42d7-91ce-005f0e755e5e_6.jpeg
104.26.0.18200 OK 2.6 kB URL HTTP/2 cdn.blivakker.no/Media/Product/Image/100/c02561e6-dd18-42d7-91ce-005f0e755e5e_6.jpeg
IP 104.26.0.18:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 20x20, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 56be6c94bda11c5dda3650fa19cc8204
b8eaf45a60ddde7d5d8be04517559c28f8940cc3
be867331504949fb9369ac653d3cb03512cee12b7fa221835a0aaa856cd5bd84
GET /Media/Product/Image/100/c02561e6-dd18-42d7-91ce-005f0e755e5e_6.jpeg HTTP/1.1
Host: cdn.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:42 GMT
content-type: image/jpeg
content-length: 2649
cache-control: max-age=691200
cf-bgj: imgq:100,h2pri
cf-polished: origSize=2680, status=webp_bigger
etag: "374039d2fa62d81:0"
last-modified: Sun, 08 May 2022 16:44:01 GMT
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7QOtAy1Jd3w62C99jkr9B%2B4dOlVlj5s7u%2FdItFbHsR3wI1AGgmXxhiCD7kl6f9ydqgiQXdejJQ0q3qI52pwI8Ky5sH3EmIlAlPwzP%2FKVPT5nR8tYSCpSKvF0P1Qso7RgFg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776d5482797a0b59-OSL
X-Firefox-Spdy: h2
blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
104.26.0.18301 Moved Permanently 72 kB URL HTTP/2 blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
IP 104.26.0.18:0
Hash d658153b64d2af0c5a88822584959118
1dea983b5b6cb3c6f59bae03f6c84fa66e5db690
5038fedc0125ee6df290b9447ef7d84ed1e014cec5e9c783f572ac8a45aacadf
GET /product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26 HTTP/1.1
Host: blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 09 Dec 2022 11:16:41 GMT
location: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
cache-control: max-age=3600
expires: Fri, 09 Dec 2022 12:16:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAVW12USXjoJbwivKT9S0LS7ZqAUNQzSa5ocDf%2ByhLQw4O5KSUAdJ5dUftUtTi3v%2BN99as%2FktPUqcIJio%2F3vVy165fncYg41VAH4KMpvDGb%2FltIYsUXkNRJVPVJcMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776d54804f700b59-OSL
X-Firefox-Spdy: h2
www.blivakker.no/assets/fonts/fa-regular-400.woff2
104.26.0.18200 OK 4.5 kB URL HTTP/2 www.blivakker.no/assets/fonts/fa-regular-400.woff2
IP 104.26.0.18:0
File type Web Open Font Format (Version 2), TrueType, length 4488, version 331.-31196\012- data
Hash dfc6a6a99c7308813a2439bdb1e49274
3b4ddab8eb07167554e274a6363c39883bf072bc
d1a940babc21a116b3b1e7ca890abfcc29a1af0260c96ba65b7147be04894e09
GET /assets/fonts/fa-regular-400.woff2 HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.blivakker.no/assets/stylesheets/base.css?v=XEzVxIorE3-pMOC4i3llmun7FvrRTBGzYHBz_Hj4fgY1
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:42 GMT
content-type: application/x-woff
content-length: 4488
cache-control: max-age=86400
last-modified: Fri, 02 Dec 2022 10:30:04 GMT
etag: "01e4fa396d91:0"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13960
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BSwlR1CVXHkNzu0TR%2FzqmejgG0ka6DotJU%2FEh7Tr9Wa9mzPu4V9xY%2BsrrSOPWCQg32GfJzClg9RvSnJ7bp4pbvYV%2F0Rnx8t5wOpIGkrHZr1%2F0TblDxuVQv%2FHRG6e0s6yHs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d54833a210b59-OSL
X-Firefox-Spdy: h2
www.blivakker.no/assets/fonts/fa-solid-900.woff2
104.26.0.18200 OK 3.8 kB URL HTTP/2 www.blivakker.no/assets/fonts/fa-solid-900.woff2
IP 104.26.0.18:0
File type Web Open Font Format (Version 2), TrueType, length 3816, version 331.-31196\012- data
Hash 7ad6abc6511d5077d40dca4397553b7d
24e63c52eb1f4cd46907765c9a668c6112a1c476
e33fafdbdbf0539369a2397e1d702ad6fefecbf591a1e42046498bc5735d2f13
GET /assets/fonts/fa-solid-900.woff2 HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.blivakker.no/assets/stylesheets/base.css?v=XEzVxIorE3-pMOC4i3llmun7FvrRTBGzYHBz_Hj4fgY1
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:42 GMT
content-type: application/x-woff
content-length: 3816
cache-control: max-age=86400
last-modified: Fri, 02 Dec 2022 10:30:04 GMT
etag: "01e4fa396d91:0"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13960
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLkjnvGgN2GK8kLyQ7brBmqkr7k5JZE9uiizuofSiLj0LwKsxq%2BXDq2m3wihnFdsL%2FS3jEFHqEZQmhXogXB3F4C%2FXx45p%2BkA9qmnU8bG2Rwxhh7NTnnr0LD%2F0Eq6x91J7jw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d54836a440b59-OSL
X-Firefox-Spdy: h2
www.blivakker.no/codesplit/topmenu/desktop?v=qbhr7leyTSTfPjj_t8_zEwUWZuwmSrpjbquIKQElnU01
104.26.0.18200 OK 2.9 kB URL HTTP/2 www.blivakker.no/codesplit/topmenu/desktop?v=qbhr7leyTSTfPjj_t8_zEwUWZuwmSrpjbquIKQElnU01
IP 104.26.0.18:0
File type ASCII text, with very long lines (2739), with CRLF line terminators
Hash 89f00ca5622d7f04472025477a311506
de43d5ade7aa01442b440965e517c749e97552c3
b0c0937600244b3d16e2159b7c23e0a3186327bbd1a4890cfea841bb46b11b1e
GET /codesplit/topmenu/desktop?v=qbhr7leyTSTfPjj_t8_zEwUWZuwmSrpjbquIKQElnU01 HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: text/css; charset=utf-8
cache-control: public
expires: Sat, 09 Dec 2023 11:16:41 GMT
last-modified: Fri, 09 Dec 2022 11:16:41 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=al9L%2F76LXNuFNOeJUZ4Oouy%2BczVkgQ3TsEdsB4zEPwo1tXDyK5gSDix1cGEQgE5khpln6FvMbeWDOXZQgDGHPQX%2FDaqxuOW38mkhOfCrmOBlOSToznLiu35Gx%2BvXcb2OEeA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d548209090b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/_assets/js/language/global?v=95GeXFTCpOr-1Ft3hU2RZTI9g5zCgrl-LTTb-uOP80U1
104.26.0.18200 OK 98 kB URL HTTP/2 www.blivakker.no/_assets/js/language/global?v=95GeXFTCpOr-1Ft3hU2RZTI9g5zCgrl-LTTb-uOP80U1
IP 104.26.0.18:0
File type Unicode text, UTF-8 text, with very long lines (1710), with no line terminators
Hash 557677f564e3318911af5a56b63e5eb1
49eb28b57ad7094efcad16b72dc5ae93648a66d8
a30d35d5607e51b7bd8b3f291b556e685845a9012771c3ed55c125c80e27f3ee
GET /_assets/js/language/global?v=95GeXFTCpOr-1Ft3hU2RZTI9g5zCgrl-LTTb-uOP80U1 HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: text/javascript; charset=utf-8
cache-control: public
expires: Sat, 09 Dec 2023 11:16:41 GMT
last-modified: Fri, 09 Dec 2022 11:16:41 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6HXuiX4XJGvCk6Czged5H6Wfml%2BQcLCO8ZGEfJ%2BhsuOGcWY2g9bVQ3L0%2FAWOhrYN%2BfW2UOImvm6Ygp7REplMrfzGrWp6AQsDNPyt3HCJc9T5gXtiHKybpnXYfH5VFYl%2Fg8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d5482292c0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/codesplit/mainlayout?v=J1vOWhYCehBXASZVBu9sDpw7jdl8OoWJWYR3hpZr2bM1
104.26.0.18200 OK 43 kB URL HTTP/2 www.blivakker.no/codesplit/mainlayout?v=J1vOWhYCehBXASZVBu9sDpw7jdl8OoWJWYR3hpZr2bM1
IP 104.26.0.18:0
File type ASCII text, with very long lines (5815), with CRLF line terminators
Hash f622249374c8092a866fd9ef6e793330
275ddc1932c2275c3dd4ddfc4ecfd6b8c54d9e4e
691fc3c4381fe1d35e21dd41d017ffe70b5a9f99d231492efbf3e8a22ff52064
GET /codesplit/mainlayout?v=J1vOWhYCehBXASZVBu9sDpw7jdl8OoWJWYR3hpZr2bM1 HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: text/css; charset=utf-8
cache-control: public
expires: Sat, 09 Dec 2023 11:16:41 GMT
last-modified: Fri, 09 Dec 2022 11:16:41 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVgVdORmtbCqHryQ9Sv0fKj2gaKok86KzpqTH%2FDBGNyysWR7anjzFJZxz2C%2B1ytkVKClpkYgo1VEk%2FVjJtBX5So0LZFgBAZRsV%2FPngVjD%2BPWWo1eTFWOwNwH7v36LGzTqNM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d548209080b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/cdn-cgi/apps/head/wWFdRIGUgu1qPZM6mHNTEu2YWMI.js
104.26.0.18200 OK 45 kB URL HTTP/2 www.blivakker.no/cdn-cgi/apps/head/wWFdRIGUgu1qPZM6mHNTEu2YWMI.js
IP 104.26.0.18:0
File type ASCII text, with very long lines (364)
Hash 57212c75881f6a5df94efd9059ee264d
e5e195fee869c25d33a316688c5b90059a4d7523
e07a8d8c233188add4af312868bcb17b70f8e844d175bac77fcd6c62007d2d3f
GET /cdn-cgi/apps/head/wWFdRIGUgu1qPZM6mHNTEu2YWMI.js HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: qF9Khwm4Psy9qF7Ca+kPvBmJc/nzugv2XNSZoJZYIzUlhuCREJlMUJLEj1Hzp3I9yFLlo/hxuNQ=
x-amz-request-id: 96XVJFRM2HJG942R
cache-control: public, max-age=31536000
last-modified: Mon, 27 Sep 2021 07:27:55 GMT
x-amz-version-id: RaPaSqIGL5rOhgrytQrp4kD4wX3dFRYu
etag: W/"5792ca865c4b919ec180465936ed1844"
cf-cache-status: HIT
age: 186761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2pfS%2BsiIruspYE2qekK4Bcq6wzpmY8ZJ9LA%2BBsjVIrXaiuipxTU3JXQgnIt45853eUTqVo7oj4Fo9jyQgCrpef7sCSYVdnNAjNQacrCxLWfqMzmC9V54QVNLz%2FEjHCuzZc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776d548208fe0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/cdn-cgi/apps/body/iNasIGQzg4xcrwcWgMTldghCBYY.js
104.26.0.18200 OK 59 kB URL HTTP/2 www.blivakker.no/cdn-cgi/apps/body/iNasIGQzg4xcrwcWgMTldghCBYY.js
IP 104.26.0.18:0
File type Unicode text, UTF-8 text, with very long lines (3373)
Hash 7471e15bb56179262b66f01b523629e0
6f54c24d662d51c8b5d1bb96cfee4dd0eae4aef9
cc6e610f93c1effde7eec26654db1ba65ab184b3e79ef9f1e0d3c35c13b767e2
GET /cdn-cgi/apps/body/iNasIGQzg4xcrwcWgMTldghCBYY.js HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:42 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: XJlvl3wz7gXvr6Zfx0sInqk+Op8/JbGAnrrVx/wwjUpV6jH543A1+TYm7IfmHKwQ1IvtoDDpB1k=
x-amz-request-id: WBAPA6R6EZ34TYJJ
cache-control: public, max-age=31536000
last-modified: Mon, 27 Sep 2021 07:27:54 GMT
x-amz-version-id: 4fuJ0Cyeypdxq97mb.4qYApMCH1gZwku
etag: W/"ad8ecdd34348c31409988bbb4b5a09ce"
cf-cache-status: HIT
age: 186761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2F1tP0DvUa0vVJ6b9WWf%2Fe%2FqReK3NoYn95eKeScgGEVzwNes6zR6REN8pyRKxlO12zQqRxU3QhfuWG9kSbldPLwL3uyYzVXPjIQ%2Fdjh0CCRAx%2BsFfBIspeanmd2cvYho%2BKk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776d5482c9c60b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/assets/images/ajax-loader.gif
104.26.0.18200 OK 3.0 kB URL HTTP/2 www.blivakker.no/assets/images/ajax-loader.gif
IP 104.26.0.18:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 53b429b4ee1b7f0eae2659f02ff61590
400b774105bac5ffb6d6368b01442d67ef5a6016
6e6f09aff9cf0d29fda8803d4c4d6d75cc1da2c75cea6d6580da570563cf8302
GET /assets/images/ajax-loader.gif HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/assets/stylesheets/codesplit/lib/slick.css
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:42 GMT
content-type: image/webp
content-length: 2966
cache-control: max-age=86400
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=7274
content-disposition: inline; filename="ajax-loader.webp"
vary: Accept
etag: "01e4fa396d91:0"
last-modified: Fri, 02 Dec 2022 10:30:04 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: .NET
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 66327
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8MJtLcyj34yRNasPmGpAGA4hpMV2KUe4gD4WzDA%2FqffNgZHD6CUcJdxz%2B7H6EUEzrM0P4JEqCncc3vWBsIvoiRf1GIdgEaoiDgjgK1Pr22hKIUUB5f0O9ENt1JdSujfqFo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d5484ab7b0b59-OSL
X-Firefox-Spdy: h2
www.blivakker.no/assets/stylesheets/codesplit/lib/slick.css
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/assets/stylesheets/codesplit/lib/slick.css
IP 104.26.0.18:0
GET /assets/stylesheets/codesplit/lib/slick.css HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: text/css
cache-control: max-age=3600
last-modified: Fri, 02 Dec 2022 10:37:22 GMT
etag: W/"09d60f3a6d91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: .NET
cf-cache-status: HIT
age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ej31fBBWYRzek4w9hx3Y0dev5KT6rj46q%2F9dqXn0kjis%2BG8o2DCk2UO5HSIkz%2B1ci2QQZA3Sq3R8U06VxZbum%2FR7L1uVAAP%2F6RJXhW6z7WbaOKl9%2Bx3WB%2B%2FtxOzD4jwWRhk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d548219140b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/assets/stylesheets/codesplit/lib/magiczoomplus.css
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/assets/stylesheets/codesplit/lib/magiczoomplus.css
IP 104.26.0.18:0
GET /assets/stylesheets/codesplit/lib/magiczoomplus.css HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: text/css
cache-control: max-age=3600
last-modified: Fri, 02 Dec 2022 10:37:18 GMT
etag: W/"043fec3a6d91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: .NET
cf-cache-status: HIT
age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=627PT3aqvW5zrjtCAZ%2FIoqS%2FGhsnbWqXzcZqzJpYninffHnBcbaMe6y6imlBjrgaxAmAP53uR%2B5zIw0HRKyb%2FxVdMxsvGdjQPbYo25mTsyTXcloTek3PAUh16IkBg1VJOQQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d5482191f0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/assets/js/global?v=HsoY0jdW9A9Z6IahDZkqMNEcRcqMgL8sbFYebQ6MgcQ1
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/assets/js/global?v=HsoY0jdW9A9Z6IahDZkqMNEcRcqMgL8sbFYebQ6MgcQ1
IP 104.26.0.18:0
GET /assets/js/global?v=HsoY0jdW9A9Z6IahDZkqMNEcRcqMgL8sbFYebQ6MgcQ1 HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: text/javascript; charset=utf-8
cache-control: public
expires: Sat, 09 Dec 2023 11:16:41 GMT
last-modified: Fri, 09 Dec 2022 11:16:41 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZgGnYZ9ia%2B%2BpcjR37Kagq4yzN0aS4Lmcmd3vrIglNbCN2%2FX396pnX2KSLVcdlm7x7GiZe7z3%2FyCJtz8E%2BseYIyKF7Je2EXfHbdwKZLToV94TSht%2BtRbPyVqRHN%2BvprFT%2FQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d5482292f0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/assets/images/nav-logo.svg
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/assets/images/nav-logo.svg
IP 104.26.0.18:0
GET /assets/images/nav-logo.svg HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: image/svg+xml
cache-control: max-age=86400
last-modified: Fri, 02 Dec 2022 10:30:04 GMT
etag: W/"01e4fa396d91:0"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13958
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TT%2FnLxpsekz54JHDIRvmW6VSakKnmCTmvfuyi8m0zuUfV4Rnz4IGh8%2BeiCCPixCZ%2B%2BEXYfzsotIxbK6GPYHLZl0QDKAamhw5kQvRWfcma95jfS2NQaAHAZrRJjX4sg9ds7A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d548249500b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/api/ratings/getratings?productId=3233115&ratingReviewsLimit=5&sortBy=1&reviewId=0&_=1670584601132
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/api/ratings/getratings?productId=3233115&ratingReviewsLimit=5&sortBy=1&reviewId=0&_=1670584601132
IP 104.26.0.18:0
GET /api/ratings/getratings?productId=3233115&ratingReviewsLimit=5&sortBy=1&reviewId=0&_=1670584601132 HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
RequestVerificationToken: dbZK6SoIQXx8yMb5bT37Z0Yk06g0vuLpYLkB8TubGHWTokekLU8KDuNvuvS0X0QT4M_E9_WbM1lJJ7ykEyqmXZP00aI1
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:42 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache
pragma: no-cache
expires: -1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIumU1SaI%2FBylIvnR4aXWv8tIfxdlE5OL1bItpMjgr7MTg3bv%2F1jGH%2FdgoGx2V1jGMDJ1%2BG6sjhqo2HFSf%2B4yqSRorO8x%2BpsLBjVV%2FnwW7zwDDD84wzBIDVQKrIOA2ALPe0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d5484ab780b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
zaline.diraya.my.id/300-1.js
104.21.24.51200 OK 0 B URL HTTP/2 zaline.diraya.my.id/300-1.js
IP 104.21.24.51:0
GET /300-1.js HTTP/1.1
Host: zaline.diraya.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:34 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"c88ed40783b929cacc8b343570ac9c6f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hJKNq6Wf%2BN0UFe2FNGm64Rd2ZNibNahJM8wEyQ9LZLGk7fYPkVV3xG5vZvTEKgkD%2FVEIp%2FOLm0Rd4ecTVx0GRIWpwT%2FkcTygHR5sNdx2Qnt5ZKpNvaNyzJM%2FVWwI2p4pjIgd5ZA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 776d5454de5db51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.blivakker.no/assets/stylesheets/lib/glider.min.css
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/assets/stylesheets/lib/glider.min.css
IP 104.26.0.18:0
GET /assets/stylesheets/lib/glider.min.css HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: text/css
cache-control: max-age=3600
last-modified: Fri, 02 Dec 2022 10:30:04 GMT
etag: W/"01e4fa396d91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: .NET
cf-cache-status: HIT
age: 3072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGD%2FBhJhUD4fUM9Im6%2FAqvrxntqMP7mYWOQVvhjksEHJDQE8C7OCC7QE3bZpYi4yiEqDjXn3NKTt%2BtLGsf6eMjDBbo7MqE1YE3wu9iDGwdNNlCWiJDjzsXZUganM%2Bxn1twM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d548219100b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/assets/stylesheets/codesplit/views/shared/loyaltyprogram/loyaltyprograminviteribbon.css
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/assets/stylesheets/codesplit/views/shared/loyaltyprogram/loyaltyprograminviteribbon.css
IP 104.26.0.18:0
GET /assets/stylesheets/codesplit/views/shared/loyaltyprogram/loyaltyprograminviteribbon.css HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: text/css
cache-control: max-age=3600
last-modified: Fri, 02 Dec 2022 10:37:30 GMT
etag: W/"05125143a6d91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3070
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzF4ESGY4YnNTsqiUrEwIyHaCZ11mH16K5jaRQpHhLWbFY%2FuRp3JsJKDqPBjRMdr6noXbDLHpyAPJ7fbkSUyBeG8voShby9NPKSt0LJHmJZFQvAyVcVXYnkop9y1308YjJk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d5482090a0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/assets/images/logo-bv.svg
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/assets/images/logo-bv.svg
IP 104.26.0.18:0
GET /assets/images/logo-bv.svg HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:42 GMT
content-type: image/svg+xml
cache-control: max-age=86400
last-modified: Fri, 02 Dec 2022 10:30:04 GMT
etag: W/"01e4fa396d91:0"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13956
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPEy4U0QNvENtJJzsFOCHG5hX2hgvx6aNyQpntU%2FpfPnrTSDcCMg%2BdFNYJ9rOK2ZQLC6y%2BPGbNCg%2F7BylxDlqHpHDfsEYzCv8NEML6TqbvBl%2B1mw5dhwJzzuzD1jR4Hg%2BjE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d54844b040b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/assets/js/productSearchAutoComplete?v=Dcoxw0cMJAoYbHgEmsQkCHLgDupThCUQzSYTrv2P15s1
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/assets/js/productSearchAutoComplete?v=Dcoxw0cMJAoYbHgEmsQkCHLgDupThCUQzSYTrv2P15s1
IP 104.26.0.18:0
GET /assets/js/productSearchAutoComplete?v=Dcoxw0cMJAoYbHgEmsQkCHLgDupThCUQzSYTrv2P15s1 HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: text/javascript; charset=utf-8
cache-control: public
expires: Sat, 09 Dec 2023 11:16:41 GMT
last-modified: Fri, 09 Dec 2022 11:16:41 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CbJQVtyHU69rY5a%2Fx8cTN%2BnCWqWosCZ%2B5A6tqMAyCj%2B9HBnaKxxux0vrrko94KonicwrCncZZtN4B4Ylivdy9MaP%2F1jnsNJqY%2Bt2oYSvr9agxHjZAaf9fwRK%2FsDf5TxDLfg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d5482293a0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/_assets/js/language/productDetail?v=zZ76yeFXwW9eFLzzgKX3EgMjxiIDdZ02MZxXTTlIqoU1
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/_assets/js/language/productDetail?v=zZ76yeFXwW9eFLzzgKX3EgMjxiIDdZ02MZxXTTlIqoU1
IP 104.26.0.18:0
GET /_assets/js/language/productDetail?v=zZ76yeFXwW9eFLzzgKX3EgMjxiIDdZ02MZxXTTlIqoU1 HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: text/javascript; charset=utf-8
cache-control: public
expires: Sat, 09 Dec 2023 11:16:41 GMT
last-modified: Fri, 09 Dec 2022 11:16:41 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kvzA6uiBlTy7DGeW%2BDTw%2FvudjZXRdW8xGssKX3Bv3DQRd29pptJwOr0%2BZ89oxG3CbBRomavBu9uxaZzjAvVSdCHQNHPUhBbsr9aXM0gNzWW8FaP16nrDyaysZiHUFFumOI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d5482393e0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/js/util/recommendedproducts?v=HYDmsj-dVO2HLC0KDsEkBGm9FyDrSzejVTBwxegdF3M1
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/js/util/recommendedproducts?v=HYDmsj-dVO2HLC0KDsEkBGm9FyDrSzejVTBwxegdF3M1
IP 104.26.0.18:0
GET /js/util/recommendedproducts?v=HYDmsj-dVO2HLC0KDsEkBGm9FyDrSzejVTBwxegdF3M1 HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: text/javascript; charset=utf-8
cache-control: public
expires: Sat, 09 Dec 2023 11:16:41 GMT
last-modified: Fri, 09 Dec 2022 11:16:41 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wplutnNZCpo0u0CtgpducRYof5ze64LD3hYZ%2BnfO6LugBO2LcuOPb%2BTQaHc83vCRe3juuCmoZqIEY%2BOjL%2FkLZrtjZyQMvJW%2FSv7mXhO0EGhjhcZvahgM5SJ%2BHCTTm%2Bq5tgU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d5482394f0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
zaline.diraya.my.id/320-1.js
104.21.24.51200 OK 0 B URL HTTP/2 zaline.diraya.my.id/320-1.js
IP 104.21.24.51:0
GET /320-1.js HTTP/1.1
Host: zaline.diraya.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:34 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"40ac7da57bffb7e3b7950d609b4bdd57"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4J5GGNwmhFgMIxkRaEUCUicy1nbVsI3vzkav7RrkNUncGTubKAd3R8R4vPJJ2q3%2BZAm5%2BHNQqPWYNdVXiOQiMXVzEkWq%2FWhQzxlQ6q%2BrcyT93IVnjX9RR1Q225I4JzEImpi48G93"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 776d54541d64b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.blivakker.no/assets/stylesheets/codesplit/lib/select2.css
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/assets/stylesheets/codesplit/lib/select2.css
IP 104.26.0.18:0
GET /assets/stylesheets/codesplit/lib/select2.css HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: text/css
cache-control: max-age=3600
last-modified: Fri, 02 Dec 2022 10:37:22 GMT
etag: W/"09d60f3a6d91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: .NET
cf-cache-status: HIT
age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3g6QfhyK1884a0HuTp54I%2FunEQlFdt0%2BKYMTVqw7m4VH8aq7H%2BKjORmNdOywi%2F2G8RM%2FmPNk%2FH%2FucW0IPrR2xCbFnVU71nwjrTbrwCf5HXkkiuh4iOCzNA5fqEBlN%2BHsBA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d548219220b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/assets/scripts/lib/glider.min.js
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/assets/scripts/lib/glider.min.js
IP 104.26.0.18:0
GET /assets/scripts/lib/glider.min.js HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: application/javascript
cache-control: max-age=1800
last-modified: Fri, 02 Dec 2022 10:30:04 GMT
etag: W/"01e4fa396d91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1104
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ud1Ytbg3fCZ4pQ%2F4ciuPYvcD2oYW3PSUAfZNfeiwy2kFPlsgvhpRf8p90b5AaWULh6MDy4TkYTiWcQ81ujiNNpAS10zNPnKg%2FyjkTp97TLDhX%2FnIoofrc%2Be8mEr8NecciqE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d548239450b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/assets/images/logo/mc_symbol.svg
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/assets/images/logo/mc_symbol.svg
IP 104.26.0.18:0
GET /assets/images/logo/mc_symbol.svg HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: image/svg+xml
cache-control: max-age=86400
last-modified: Fri, 02 Dec 2022 10:30:04 GMT
etag: W/"01e4fa396d91:0"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: .NET
cf-cache-status: HIT
age: 13959
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gl3%2FJucBtK4RWqruhG7s5%2BK%2FGc2Qq7jktCILk4RaqFcDw2tyYDypEgVaFZCgmD4kkalONgzHOU1X7Nv7OhCGTf4SCrTE92OPPwfmAXa64QFU3tI15v2iMkdJjSG%2FR3QFT9U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d5482595e0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/assets/js/select2?v=ZPo7BImsXDwa7w3eoaHGOeq74VSNdkl4D8FWTuXEb9g1
0 B URL www.blivakker.no/assets/js/select2?v=ZPo7BImsXDwa7w3eoaHGOeq74VSNdkl4D8FWTuXEb9g1
IP :0
GET /assets/js/select2?v=ZPo7BImsXDwa7w3eoaHGOeq74VSNdkl4D8FWTuXEb9g1 HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
zaline.diraya.my.id/728.js
104.21.24.51200 OK 0 B URL HTTP/2 zaline.diraya.my.id/728.js
IP 104.21.24.51:0
GET /728.js HTTP/1.1
Host: zaline.diraya.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://danasamross.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:34 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"05a61fc0830f81ec7aff0677288562b8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dt2vWGvWwdCnIHd1OPLmfMKV58g8LfWzUSVcNWV2%2BE9RJe06zy1emE7i43w8qd3FeDP6YCcfkNXx2Dx4BMYVIH2J8TaHJS22kk8Kc%2BDSg5%2BN96mw0GUtKHSiJFW44K%2FxH0P2bv5Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 776d5454ce51b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.blivakker.no/assets/stylesheets/bv.css?v=P6hVhgCSRxtYzq5gHbKqVbccKYrZ5dkkdQaJVzLaBwo1
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/assets/stylesheets/bv.css?v=P6hVhgCSRxtYzq5gHbKqVbccKYrZ5dkkdQaJVzLaBwo1
IP 104.26.0.18:0
GET /assets/stylesheets/bv.css?v=P6hVhgCSRxtYzq5gHbKqVbccKYrZ5dkkdQaJVzLaBwo1 HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: text/css
cache-control: max-age=3600
last-modified: Fri, 02 Dec 2022 10:37:18 GMT
etag: W/"043fec3a6d91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3087
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IuU24tXS%2Fe0lTVHrUBofZrvtb8LrXlKf9G5r31QzPuujF%2FInJCa1IjtBtgtD3XYj62rxe94HabtjFljhcgtl%2FgLQTxR8%2FrLE9MZLfiunTMd1t4hESp76%2F9lTTJ1tHFvFQQc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d548209070b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/assets/js/productDetail?v=WvlI8RwIpXYd5wssx8Pc9-H0lgepqZbjgr_JOHvWiTw1
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/assets/js/productDetail?v=WvlI8RwIpXYd5wssx8Pc9-H0lgepqZbjgr_JOHvWiTw1
IP 104.26.0.18:0
GET /assets/js/productDetail?v=WvlI8RwIpXYd5wssx8Pc9-H0lgepqZbjgr_JOHvWiTw1 HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: text/javascript; charset=utf-8
cache-control: public
expires: Sat, 09 Dec 2023 11:16:41 GMT
last-modified: Fri, 09 Dec 2022 11:16:41 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpQjCIs4LRaRxwAs8igRTRB1aVCtuAXzG3thWdpmLdBsj2CsD3KWmDHnFxpBKLTUd4Yxnlhu9p%2BOQC5nfW7C1Rz9zjE8UwbK1f3%2BYhQh2P%2F%2B2fUq4eGU20gyl4lKlXXNuWQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d5482394e0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/_assets/js/patterns?v=Zd0GsLSSPkbVXcYIt9vA3coBDIPPBf235z5aAlAwVcY1
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/_assets/js/patterns?v=Zd0GsLSSPkbVXcYIt9vA3coBDIPPBf235z5aAlAwVcY1
IP 104.26.0.18:0
GET /_assets/js/patterns?v=Zd0GsLSSPkbVXcYIt9vA3coBDIPPBf235z5aAlAwVcY1 HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: text/javascript; charset=utf-8
cache-control: public
expires: Sat, 09 Dec 2023 11:16:41 GMT
last-modified: Fri, 09 Dec 2022 11:16:41 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfhHWRvPejNQ4MErZAabL88SDo0L%2FlezaAr%2Br7Y7yo%2BSXCgLWm9soQ7vAbA6dLTnp9ngngNvmibH6jrjwNJeL2b9H59yBP4L5s5jncaMWTY0BICVZGFvF%2BNmNRkBXUY53Ko%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d5482292e0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/assets/js/icheck?v=eeoM_391AdlB39LHd6qLezETN43ZU5hUsOC_j-gAwZw1
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/assets/js/icheck?v=eeoM_391AdlB39LHd6qLezETN43ZU5hUsOC_j-gAwZw1
IP 104.26.0.18:0
GET /assets/js/icheck?v=eeoM_391AdlB39LHd6qLezETN43ZU5hUsOC_j-gAwZw1 HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: text/javascript; charset=utf-8
cache-control: public
expires: Sat, 09 Dec 2023 11:16:41 GMT
last-modified: Fri, 09 Dec 2022 11:16:41 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jd1TNunDLkCjGl4Z1y8STlX4JGjdnolDeHjO%2FY168vCh4axp5m4Vzacb1I54W9ShUOIomsPmcdhQY2%2FlcCy90F1%2Fz%2BwjWT0J7Noxs1f445nZOnZGW4AMLlb3K0ZpWVHp63U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d548239470b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/assets/images/logo/klarna.svg
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/assets/images/logo/klarna.svg
IP 104.26.0.18:0
GET /assets/images/logo/klarna.svg HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: image/svg+xml
cache-control: max-age=86400
last-modified: Fri, 02 Dec 2022 10:30:04 GMT
etag: W/"01e4fa396d91:0"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13959
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V1vGN8sd%2FVlrZqlBOHawWK9S%2BFJ4JRFex2qqGxfjQuLb3lua%2FA%2B6tYyIzY70ydNMfmFNGxBptaeQFF2WYuVIAfwru6H1Ro%2FKwj62x0tN7duXOYXyJnRTEqZMOV%2BHc%2BYUReg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d548259610b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/assets/images/logo/Visa_Brandmark_Blue_RGB_2021-white-bg.svg
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/assets/images/logo/Visa_Brandmark_Blue_RGB_2021-white-bg.svg
IP 104.26.0.18:0
GET /assets/images/logo/Visa_Brandmark_Blue_RGB_2021-white-bg.svg HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: image/svg+xml
cache-control: max-age=86400
last-modified: Fri, 02 Dec 2022 10:30:04 GMT
etag: W/"01e4fa396d91:0"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: .NET
cf-cache-status: HIT
age: 13959
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLu7DKloqiGgKzTpIy29dhd%2Fy1X0Teu5ha1oDOnE2dkNDvBk12a1SH78j4gGAXqbBBCZiaObfodczKLerRIMVEOWz3pHj9Z4qgAXYgygYuC0Mk3zaMO4qPCcAfPLyQvHbt0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d5482595f0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/js/views/shared/topmenu-desktop?v=sWZpWEN0CsGU3-FOMEmI4bMjkbRHat2Uife8WNHtnvw1
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/js/views/shared/topmenu-desktop?v=sWZpWEN0CsGU3-FOMEmI4bMjkbRHat2Uife8WNHtnvw1
IP 104.26.0.18:0
GET /js/views/shared/topmenu-desktop?v=sWZpWEN0CsGU3-FOMEmI4bMjkbRHat2Uife8WNHtnvw1 HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: text/javascript; charset=utf-8
cache-control: public
expires: Sat, 09 Dec 2023 11:16:41 GMT
last-modified: Fri, 09 Dec 2022 11:16:41 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5elAgjCZizChD72wu1UMNlF%2B0X%2FJAMJhw%2Bi953%2FaWMXP5qUn6nmT1qPxCfG%2Foma5r9gyh43Tw4A%2BPih9EH6uMqpbJID0JaNWe1lyQ4Po5b38gH81YeoB6l9PaMAxf%2FxYgc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d5482393c0b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/assets/js/loadedSync?v=idR9dqBOgJ8o0yQ1vTCVRBxLeSoU1ua3N3ftYXWVG941
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/assets/js/loadedSync?v=idR9dqBOgJ8o0yQ1vTCVRBxLeSoU1ua3N3ftYXWVG941
IP 104.26.0.18:0
GET /assets/js/loadedSync?v=idR9dqBOgJ8o0yQ1vTCVRBxLeSoU1ua3N3ftYXWVG941 HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: text/javascript; charset=utf-8
cache-control: public
expires: Sat, 09 Dec 2023 11:16:41 GMT
last-modified: Fri, 09 Dec 2022 11:16:41 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDIcVm9b%2Bs3cVDYQPFgJ9gaJnafXwVpLQ8iZogSOLt%2BP1flUk8rKTg5BeOpFJs7NCnlXh%2F%2Bpgt48tuZDUYf5vpocapz8nwiMAMYnc0zHNkYFD1N0o2OEqKqRXpwOZA3qfI0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d548229270b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/codesplit/views/shared/collapse-box?v=jm4uvT9w1FUT4Ox0WQ42JKy41QZfG9z8Me1eBRHOI1A1
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/codesplit/views/shared/collapse-box?v=jm4uvT9w1FUT4Ox0WQ42JKy41QZfG9z8Me1eBRHOI1A1
IP 104.26.0.18:0
GET /codesplit/views/shared/collapse-box?v=jm4uvT9w1FUT4Ox0WQ42JKy41QZfG9z8Me1eBRHOI1A1 HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: text/css; charset=utf-8
cache-control: public
expires: Sat, 09 Dec 2023 11:16:41 GMT
last-modified: Fri, 09 Dec 2022 11:16:41 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BgJxCJhosKCJBrBCUgOPiFbnKOZv9YhRq4pTiNty9Drce6coeRifQwzJeM9LDMaWdXj%2FfwTiU%2FkxBYWIfRD94bgTUFyfw4LYbhb7mYTtXj%2FtGF9pucf2x1Lev8OZyODkpQA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d548219240b59-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.blivakker.no/assets/images/logo/vipps-rgb-orange-pos.svg
104.26.0.18200 OK 0 B URL HTTP/2 www.blivakker.no/assets/images/logo/vipps-rgb-orange-pos.svg
IP 104.26.0.18:0
GET /assets/images/logo/vipps-rgb-orange-pos.svg HTTP/1.1
Host: www.blivakker.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blivakker.no/product/3233115?utm_source=awin&utm_medium=affiliate&utm_campaign=cpc%7Ccss&awc=19717_1670584601_253f4f4c48d116ff6977592b79b58a26
Cookie: ASP.NET_SessionId=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection=d=0&a=1; 2_brandsdalGroupSession=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; bgPersistent={"bgdid":"141b1862-e04d-4a2b-9672-ccdf6b1856dd","bgsid":"7ba00498-7a41-41c9-be7b-e18b3ada2b8e","bgsts":1670584601754}; ASP.NET_SessionId-samesite-bg2020=2c4xr1wh30jdgxjzqqyrp14x; bvMobileDetection-samesite-bg2020=d=0&a=1; 2_brandsdalGroupSession-samesite-bg2020=%7b%22sid%22%3a4687079491383058391%2c%22ts%22%3a%22133150582016766720%22%7d; __RequestVerificationToken-samesite-bg2020=ROR-g7k1wbU8zQLupxC_z3wA-l92ECLyy1WB2LoTCzIHTdcdISZesjyI4uTC0zPmjVfza1Obm67H3j2SFtz1Tp40zpc1; snaptid=29
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:16:41 GMT
content-type: image/svg+xml
cache-control: max-age=86400
last-modified: Fri, 02 Dec 2022 10:30:04 GMT
etag: W/"01e4fa396d91:0"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: .NET
cf-cache-status: HIT
age: 13959
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMGpnwKidf%2FQjmaBfrNutnVk4kxAQbkxCevcAcw6YgLLFCgmYJnz5Z2zMo6hYx2oAzdnLDIJK0gPOpnn9dTvXDgAd89N397NoHdzZwoqM3IuzyAxH4TayR73AiwCZJ%2BBCJM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 776d548259660b59-OSL
content-encoding: br
X-Firefox-Spdy: h2