girlsexykoreans.blogspot.ba/
172.217.21.161302 Moved Temporarily 182 B URL HTTP/1.1 girlsexykoreans.blogspot.ba/
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 1940492175ac61f2861a6e6c7216b169
cca3da5e90cc1544ad164210f1e2e99eab15e033
2155a3e5fc2a2878fc3df91488adde5b7b8ece3803370ecd1a8e91ec808f1755
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: girlsexykoreans.blogspot.ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://girlsexykoreans.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 08 Dec 2022 15:15:37 GMT
Expires: Thu, 08 Dec 2022 15:15:37 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 182
Server: GSE
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14280
Expires: Thu, 08 Dec 2022 19:13:37 GMT
Date: Thu, 08 Dec 2022 15:15:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11755
Expires: Thu, 08 Dec 2022 18:31:32 GMT
Date: Thu, 08 Dec 2022 15:15:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c3470f9f0a4df8c1496b577fa9435ff6
f83b0226bb57ed0f3e1acdad61b940414add135d
f542579e3a3577a646babde862282c2afda6ed784360a915143216100f7a3d91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F542579E3A3577A646BABDE862282C2AFDA6ED784360A915143216100F7A3D91"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11672
Expires: Thu, 08 Dec 2022 18:30:09 GMT
Date: Thu, 08 Dec 2022 15:15:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 15:08:13 GMT
content-type: application/json
age: 444
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: S6y4DYb8Hnbt3/1QjMmlCl0vEdsA8UNlXWcvfyKEq7S7eH1Av+2fUirLT3xZ4g+64nf2NIC+IOQ=
x-amz-request-id: 9RGQWRS4NT59HAXC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 14:47:57 GMT
age: 1660
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:15:37 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
girlsexykoreans.blogspot.com/
172.217.21.161200 OK 18 kB URL HTTP/1.1 girlsexykoreans.blogspot.com/
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2889)
Hash 9d7e1d643357dbd56936d6f820d922cb
3e8e14e43e6c3bd1c8e4f68b02113188b7ee1b2c
78f18c9322490049945af12e3b4c7a6777504dd35002c80272bd2b21ec018784
GET / HTTP/1.1
Host: girlsexykoreans.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 08 Dec 2022 15:15:38 GMT
Date: Thu, 08 Dec 2022 15:15:38 GMT
Cache-Control: private, max-age=0
Last-Modified: Sun, 20 Nov 2022 12:06:06 GMT
ETag: W/"0dfb962d1b96ef108d8e66ae3e81d1f12a3a608272f9adf57027fe2639e39aff"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 18116
Server: GSE
fonts.googleapis.com/css?family=PT+Sans+Narrow
142.250.74.106200 OK 443 B URL HTTP/1.1 fonts.googleapis.com/css?family=PT+Sans+Narrow
IP 142.250.74.106:0
Hash ce499cfe3701b283d83f97fd8ab16c2a
469f62d47c86cce56a055fc53c7c46c53859c183
0d8010aab11b4ff53221993814f6f574d7b93f808e3d1de74b7326c58b724fe7
GET /css?family=PT+Sans+Narrow HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 08 Dec 2022 15:15:38 GMT
Date: Thu, 08 Dec 2022 15:15:38 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Oswald
142.250.74.106200 OK 495 B URL HTTP/1.1 fonts.googleapis.com/css?family=Oswald
IP 142.250.74.106:0
Hash a4a32d3d207b2c021587e24e97d9a668
7eba49938cae3f0f1a7204f8ea5c1e24c21397df
2b5c3cdc80fd6a3c61185c1667e7a0fef0d1ce49066bafe2da8cdeba79301933
GET /css?family=Oswald HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 08 Dec 2022 15:15:38 GMT
Date: Thu, 08 Dec 2022 15:15:38 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
girlsexykoreans.blogspot.com/js/cookienotice.js
172.217.21.161200 OK 2.0 kB URL HTTP/1.1 girlsexykoreans.blogspot.com/js/cookienotice.js
IP 172.217.21.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: girlsexykoreans.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 11:34:12 GMT
Expires: Thu, 15 Dec 2022 11:34:12 GMT
Cache-Control: public, max-age=604800
Last-Modified: Thu, 08 Dec 2022 08:52:41 GMT
Content-Type: text/javascript
Age: 13286
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
142.250.74.138200 OK 33 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP 142.250.74.138:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 18351732b1849ba758e98884e186b3c8
d735af8661eda41ff4ffbf76e6a284a0e2deb81c
bfac625d304d52e04f2caeb19266354749929c888ca09d3d1e3edcbb8770d0f0
GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33333
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 02 Dec 2022 15:37:33 GMT
Expires: Sat, 02 Dec 2023 15:37:33 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 517085
ajax.googleapis.com/ajax/libs/jqueryui/1.8.5/jquery-ui.min.js
142.250.74.138200 OK 51 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jqueryui/1.8.5/jquery-ui.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (658)
Hash 824b09ff1715480291e2df0876d2c2da
5f4658fe8dbfc2da35792c7c3037ab47cd7df55d
1d90e22b6179ccf2f5ddd1f6fdd8fd4860a63c7480d7653dd86b38bb5e8720e4
GET /ajax/libs/jqueryui/1.8.5/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 50622
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Dec 2022 19:42:49 GMT
Expires: Thu, 07 Dec 2023 19:42:49 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 70369
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
resources.infolinks.com/js/infolinks_main.js
172.66.41.9200 OK 2.2 kB URL HTTP/1.1 resources.infolinks.com/js/infolinks_main.js
IP 172.66.41.9:0
File type ASCII text, with very long lines (3603)
Hash 7c4192d02d7ad088dfb4a9ccf5c0bd0d
9f3179ff4a56431f156df847f3298ac4ba129406
e44394a0fd8a347a37a0099a06843802d0af0d52213674973d1d4eaf2b90c2c5
GET /js/infolinks_main.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 08 Dec 2022 10:27:48 GMT
ETag: W/"e14-5ef4e7d1896ff"
Cache-Control: max-age=3600
Expires: Thu, 08 Dec 2022 15:31:28 GMT
Via: 1.1 google
CF-Cache-Status: HIT
Age: 2650
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77667524edfb0b65-OSL
Content-Encoding: gzip
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123308 Permanent Redirect 171 B URL HTTP/1.1 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3c417e9efbcaeb3bf7e7df75cf3b22fd
00465aec6b8ec302eae8abb99678fc5c09c3f343
21bd143d38dbbae427615a7266a86a18dc95c417f3e510632d7a9180d98d3571
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 308 Permanent Redirect
Server: nginx/1.15.8
Content-Type: text/html
Content-Length: 171
Location: https://s7.addthis.com/js/300/addthis_widget.js
Date: Thu, 08 Dec 2022 15:15:38 GMT
Connection: keep-alive
X-Distribution: 99
X-Host: s7.addthis.com
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4b1c4d797d1d2fef94993a69a7cb423a
d4d0f3b2eccd29dddef0f1ec51309de97c6c05a4
d2f98268392005d93b5bce9c019c360400b09ac369fc8e8cbc1edba7ed6d929d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:15:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
filmmediafire-js.googlecode.com/files/commentslide.js
173.194.222.82404 Not Found 1.6 kB URL HTTP/1.1 filmmediafire-js.googlecode.com/files/commentslide.js
IP 173.194.222.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash c09e29e85d87b1c37589bfc35154fafa
b7635b82b768decf00f95df6554a29a1e4505da3
3036e6439747a397f77540a01aad30ee3977cbfa8d7130afbfcab3e3018b5aad
GET /files/commentslide.js HTTP/1.1
Host: filmmediafire-js.googlecode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1582
Date: Thu, 08 Dec 2022 15:15:38 GMT
filmmediafire-js.googlecode.com/files/easing.js
173.194.222.82404 Not Found 1.6 kB URL HTTP/1.1 filmmediafire-js.googlecode.com/files/easing.js
IP 173.194.222.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 86f572b18e158dcea590652517b29943
cba3a9f8fb298bc544fa3fe1fe797eeadf919a0c
ceae378100ff6fd6377f364aa5ec094b8ed044075fa082e188e85cd19b450453
GET /files/easing.js HTTP/1.1
Host: filmmediafire-js.googlecode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1576
Date: Thu, 08 Dec 2022 15:15:38 GMT
filmmediafire-js.googlecode.com/files/halaman.js
173.194.222.82404 Not Found 1.6 kB URL HTTP/1.1 filmmediafire-js.googlecode.com/files/halaman.js
IP 173.194.222.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash e474a6b5c7ef779054c6a203b08a2acb
93f4d55c7da8fc0dca188bdb7aa481efe324971c
8bca244a60d23103c704ee351b2dd2b006a17c064b09c3483b8d0374c033380e
GET /files/halaman.js HTTP/1.1
Host: filmmediafire-js.googlecode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1577
Date: Thu, 08 Dec 2022 15:15:38 GMT
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 15:07:58 GMT
age: 460
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 14:01:43 GMT
expires: Wed, 06 Dec 2023 14:01:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 19:52:21 GMT
content-type: text/css
age: 177235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 88340a984105f6537a74a5198a569c8a
eca386f9fafa3be5aae2696dca30406bace829b4
2da3703b37eb2327164cbbe9f8e267e8daa93328692fb381c62e095bab37275c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:15:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4b1c4d797d1d2fef94993a69a7cb423a
d4d0f3b2eccd29dddef0f1ec51309de97c6c05a4
d2f98268392005d93b5bce9c019c360400b09ac369fc8e8cbc1edba7ed6d929d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:15:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4394
Cache-Control: max-age=155068
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:15:38 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:20:06 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
3.bp.blogspot.com/-XzzUpx9ABj8/UpJJy8ISRoI/AAAAAAAANgc/27fEz6-NECg/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Sweet+Young+Hong+Kong+GF+Sex+and+Fisting+001.jpg
142.250.74.65200 OK 3.6 kB URL HTTP/1.1 3.bp.blogspot.com/-XzzUpx9ABj8/UpJJy8ISRoI/AAAAAAAANgc/27fEz6-NECg/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Sweet+Young+Hong+Kong+GF+Sex+and+Fisting+001.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash e21339d06daedb83858ef55a93d7d08a
f4dd17aaf6dcf530f7c573525d381d69c7aa777b
ac880bc45885db58d342fd51612d4a4217a073b06e0786d52039b3bd7b322ea6
GET /-XzzUpx9ABj8/UpJJy8ISRoI/AAAAAAAANgc/27fEz6-NECg/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Sweet+Young+Hong+Kong+GF+Sex+and+Fisting+001.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v4862"
Expires: Fri, 09 Dec 2022 15:15:38 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="trulyasians.blogspot - Sweet Young Hong Kong GF Sex and Fisting 001.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 08 Dec 2022 15:15:38 GMT
Server: fife
Content-Length: 3564
X-XSS-Protection: 0
1.bp.blogspot.com/-KRNzR_exaJM/Ui-svy1zSHI/AAAAAAAAIqU/JNmQI5UzY6I/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Young+Chinese+Teen+Couple+Sex+001+.jpg
142.250.74.65200 OK 4.0 kB URL HTTP/1.1 1.bp.blogspot.com/-KRNzR_exaJM/Ui-svy1zSHI/AAAAAAAAIqU/JNmQI5UzY6I/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Young+Chinese+Teen+Couple+Sex+001+.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 4e02f65bfe3a89c3867fd8521c605d6d
a0edfe79f0db598f1fd91e2d69dbaf15de494dc2
79578e8d85d6f7df01b559ddcf4c0b32f189d940741e16ad1ea008310a47de74
GET /-KRNzR_exaJM/Ui-svy1zSHI/AAAAAAAAIqU/JNmQI5UzY6I/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Young+Chinese+Teen+Couple+Sex+001+.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="trulyasians.blogspot - Young Chinese Teen Couple Sex 001 .jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3996
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 11:34:12 GMT
Expires: Fri, 09 Dec 2022 11:34:12 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v22a7"
Content-Type: image/jpeg
Age: 13286
1.bp.blogspot.com/-ZQb55bpf1Ic/Ui-1Lf-1ZqI/AAAAAAAAIxw/aotZFcdeEmc/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Young+18yr+old+Asian+GF+posing+for+BF+001.jpg
142.250.74.65200 OK 2.7 kB URL HTTP/1.1 1.bp.blogspot.com/-ZQb55bpf1Ic/Ui-1Lf-1ZqI/AAAAAAAAIxw/aotZFcdeEmc/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Young+18yr+old+Asian+GF+posing+for+BF+001.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash f89774459a8620a15ca26523aee87349
4ebf0315b9ce1abfa5d4d7d8e9d4ec74c7f69042
f3fc726795daf7e2b499fe35eee2cb627c9cb9be6aff3fb635b70deeb882289a
GET /-ZQb55bpf1Ic/Ui-1Lf-1ZqI/AAAAAAAAIxw/aotZFcdeEmc/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Young+18yr+old+Asian+GF+posing+for+BF+001.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="trulyasians.blogspot - Young 18yr old Asian GF posing for BF 001.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2698
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 11:34:12 GMT
Expires: Fri, 09 Dec 2022 11:34:12 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v231f"
Content-Type: image/jpeg
Age: 13286
1.bp.blogspot.com/-wqzYVSTa638/UQrc7C0UP3I/AAAAAAAABgU/TgbAOmzXLAs/s1600/home.gif
142.250.74.65200 OK 1.2 kB URL HTTP/1.1 1.bp.blogspot.com/-wqzYVSTa638/UQrc7C0UP3I/AAAAAAAABgU/TgbAOmzXLAs/s1600/home.gif
IP 142.250.74.65:0
File type GIF image data, version 89a, 21 x 21\012- data
Hash 4c4d5a137d02ca4414dfe2e76084c7a0
f5b0e9627a211af31faeb95b74f85471c07cc8e5
ff33e9e45ece6b5b9099f38e8e0a246865d21330f4f6300f2f9dc6498c7441d6
GET /-wqzYVSTa638/UQrc7C0UP3I/AAAAAAAABgU/TgbAOmzXLAs/s1600/home.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="home.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1157
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 11:34:12 GMT
Expires: Fri, 04 Nov 2022 17:22:24 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 13286
ETag: "va2f"
Content-Type: image/gif
1.bp.blogspot.com/-o67ny_rhoAg/UjTqj0fqItI/AAAAAAAAIzw/zKARayFkI_c/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Miss+Hong+Kong+Candidate+-+zhang+Jing+Si+001+.jpg
142.250.74.65200 OK 3.7 kB URL HTTP/1.1 1.bp.blogspot.com/-o67ny_rhoAg/UjTqj0fqItI/AAAAAAAAIzw/zKARayFkI_c/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Miss+Hong+Kong+Candidate+-+zhang+Jing+Si+001+.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 9013ae114c681406756bbbcafc1c2086
52de19b8b84cb29d567809c8055a2ae45e9addd4
818a4a0fe989bfec82c2197d4d116bae2fd8add471097b7313ff43a3e55a9343
GET /-o67ny_rhoAg/UjTqj0fqItI/AAAAAAAAIzw/zKARayFkI_c/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Miss+Hong+Kong+Candidate+-+zhang+Jing+Si+001+.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="trulyasians.blogspot - Miss Hong Kong Candidate - zhang Jing Si 001 .jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3737
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 11:34:12 GMT
Expires: Fri, 09 Dec 2022 11:34:12 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v233e"
Content-Type: image/jpeg
Age: 13286
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116406 bytes)
Hash 722e21e12eaa431752dfae3577fe0619
cdf8ee4381284ad6b6081663ae6ee322998e1b35
998242560562ed6542b378745338b65d06b0001ee9c4c9bb843166524bd4c407
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://girlsexykoreans.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116406
date: Thu, 08 Dec 2022 15:15:38 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/3222695235-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/3222695235-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash 9f2f688aec73940034a0266a2a6266da
af9875c8064027204827b311250191c87e55366e
a78a0cfbae13cfc525657e31c2033d5c0281c5fbec2cf3e493ff75a7e097a02a
GET /static/v1/widgets/3222695235-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56718
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 02:14:06 GMT
expires: Thu, 07 Dec 2023 02:14:06 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 00:52:16 GMT
content-type: text/javascript
age: 133292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-bKxnq0uV9x0/Ui0NGTcXRjI/AAAAAAAAIBo/tL_wIU21zjg/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Big+Boobs+Amateur+Chinese+Girl+Posing+Nude+001.jpg
142.250.74.65200 OK 2.9 kB URL HTTP/1.1 2.bp.blogspot.com/-bKxnq0uV9x0/Ui0NGTcXRjI/AAAAAAAAIBo/tL_wIU21zjg/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Big+Boobs+Amateur+Chinese+Girl+Posing+Nude+001.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 12a0030159d0a0ab82a060c7f7d55cc7
e05434e1e54e7e67e5e9db5be5e3be9301481ad8
10ae49ee6fc8d290b043efade8c16a295bca9d6ca51a87d2320511e0b56687ff
GET /-bKxnq0uV9x0/Ui0NGTcXRjI/AAAAAAAAIBo/tL_wIU21zjg/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Big+Boobs+Amateur+Chinese+Girl+Posing+Nude+001.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v201d"
Expires: Fri, 09 Dec 2022 15:15:38 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="trulyasians.blogspot - Big Boobs Amateur Chinese Girl Posing Nude 001.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 08 Dec 2022 15:15:38 GMT
Server: fife
Content-Length: 2867
X-XSS-Protection: 0
2.bp.blogspot.com/-0uXN6Iu_vqg/Ui5egd0IdEI/AAAAAAAAIcA/DSl-oFznkZw/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Big+Boobs+Amateur+Chinese+Girl+Posing+Nude+211.jpg
142.250.74.65200 OK 3.0 kB URL HTTP/1.1 2.bp.blogspot.com/-0uXN6Iu_vqg/Ui5egd0IdEI/AAAAAAAAIcA/DSl-oFznkZw/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Big+Boobs+Amateur+Chinese+Girl+Posing+Nude+211.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash c2f3414d0862ef07fc3b8c5f521614a3
099d4cbac16c7f265a5c5039fc3434cb8fd95095
c77fe1c20e8c34581cf7312f554b9d4de2c49394314a4b37ec848578dc6418a1
GET /-0uXN6Iu_vqg/Ui5egd0IdEI/AAAAAAAAIcA/DSl-oFznkZw/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Big+Boobs+Amateur+Chinese+Girl+Posing+Nude+211.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="trulyasians.blogspot - Big Boobs Amateur Chinese Girl Posing Nude 211.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3048
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 15:15:38 GMT
Expires: Fri, 02 Dec 2022 09:48:24 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v2c8e"
Content-Type: image/jpeg
Age: 0
2.bp.blogspot.com/-vUYC-a5a-3I/UifZ0UbwgCI/AAAAAAAAH48/TC3NcuTKxws/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Sexy+Korean+Girlfriend+leaked+photos+001+.jpg
142.250.74.65200 OK 3.6 kB URL HTTP/1.1 2.bp.blogspot.com/-vUYC-a5a-3I/UifZ0UbwgCI/AAAAAAAAH48/TC3NcuTKxws/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Sexy+Korean+Girlfriend+leaked+photos+001+.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 41e18e6f425f6349cc3ebe7e0bbdf825
0297f5f02a1a2cadef9bdc77c30c503c2ecc4758
da6283379e8762a2ebc6c1b6a12b479b46b81155be193300db8a11e801ba3cfa
GET /-vUYC-a5a-3I/UifZ0UbwgCI/AAAAAAAAH48/TC3NcuTKxws/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Sexy+Korean+Girlfriend+leaked+photos+001+.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1f92"
Expires: Fri, 09 Dec 2022 15:15:38 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="trulyasians.blogspot - Sexy Korean Girlfriend leaked photos 001 .jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 08 Dec 2022 15:15:38 GMT
Server: fife
Content-Length: 3583
X-XSS-Protection: 0
filmmediafire-js.googlecode.com/files/easing.js
173.194.222.82404 Not Found 1.6 kB URL HTTP/1.1 filmmediafire-js.googlecode.com/files/easing.js
IP 173.194.222.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 86f572b18e158dcea590652517b29943
cba3a9f8fb298bc544fa3fe1fe797eeadf919a0c
ceae378100ff6fd6377f364aa5ec094b8ed044075fa082e188e85cd19b450453
GET /files/easing.js HTTP/1.1
Host: filmmediafire-js.googlecode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1576
Date: Thu, 08 Dec 2022 15:15:38 GMT
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4b1c4d797d1d2fef94993a69a7cb423a
d4d0f3b2eccd29dddef0f1ec51309de97c6c05a4
d2f98268392005d93b5bce9c019c360400b09ac369fc8e8cbc1edba7ed6d929d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:15:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-qljzW6hynLM/UlYQaPBpQ9I/AAAAAAAAK7o/Q_tTtxoRl-c/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Japanese+Amateur+Posing+Dressed+and+Undressed+001.jpg
142.250.74.65200 OK 3.0 kB URL HTTP/1.1 4.bp.blogspot.com/-qljzW6hynLM/UlYQaPBpQ9I/AAAAAAAAK7o/Q_tTtxoRl-c/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Japanese+Amateur+Posing+Dressed+and+Undressed+001.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash c596b904bc5c93690fe37ae8fa02ea9e
21af7dda09f531cd672e0bb0b249006badf4ca74
c8f18114f9979b33f00c22d2f163fdaa7e0e4e3f65ad3c90dbcb3d5e841062da
GET /-qljzW6hynLM/UlYQaPBpQ9I/AAAAAAAAK7o/Q_tTtxoRl-c/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Japanese+Amateur+Posing+Dressed+and+Undressed+001.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="trulyasians.blogspot - Japanese Amateur Posing Dressed and Undressed 001.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3031
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 11:34:12 GMT
Expires: Tue, 06 Dec 2022 04:22:58 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 13286
ETag: "v4862"
Content-Type: image/jpeg
4.bp.blogspot.com/-bp8rgWqT2qc/Ujow0aFDXzI/AAAAAAAAJE8/uwfrusi8UcI/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Busty+Chinese+Wife+Sex+in+Hotel+001+.jpg
142.250.74.65200 OK 3.1 kB URL HTTP/1.1 4.bp.blogspot.com/-bp8rgWqT2qc/Ujow0aFDXzI/AAAAAAAAJE8/uwfrusi8UcI/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Busty+Chinese+Wife+Sex+in+Hotel+001+.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 0984d954cc710bb2011d4f1f45c8ebb4
519fa00e07e9033f8bed9b21d14f86a0e7ba0f9a
58b32e73e47d3df64fc66789b56ee204fc2c58c0b3c06819ce9fe2ccc9b28daf
GET /-bp8rgWqT2qc/Ujow0aFDXzI/AAAAAAAAJE8/uwfrusi8UcI/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Busty+Chinese+Wife+Sex+in+Hotel+001+.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="trulyasians.blogspot - Busty Chinese Wife Sex in Hotel 001 .jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3104
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 11:34:12 GMT
Expires: Tue, 06 Dec 2022 04:22:58 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 13286
ETag: "v2452"
Content-Type: image/jpeg
2.bp.blogspot.com/-rU457FEcfBw/Ui0OJnlb60I/AAAAAAAAIJY/rL5zjNvfyy8/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Big+Boobs+Amateur+Chinese+Girl+Posing+Nude+064.jpg
142.250.74.65200 OK 3.0 kB URL HTTP/1.1 2.bp.blogspot.com/-rU457FEcfBw/Ui0OJnlb60I/AAAAAAAAIJY/rL5zjNvfyy8/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Big+Boobs+Amateur+Chinese+Girl+Posing+Nude+064.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 50c363ca139bef28a65fa191267d9233
0eb9cda6f411bd8e29395af2d98b829031c988f1
3e8efce3743dc9ca22be6477f93e77c557aed15ef88644dc56cf68e95e81aa15
GET /-rU457FEcfBw/Ui0OJnlb60I/AAAAAAAAIJY/rL5zjNvfyy8/w72-h72-p-k-no-nu/trulyasians.blogspot+-+Big+Boobs+Amateur+Chinese+Girl+Posing+Nude+064.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v2098"
Expires: Fri, 09 Dec 2022 15:15:38 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="trulyasians.blogspot - Big Boobs Amateur Chinese Girl Posing Nude 064.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 08 Dec 2022 15:15:38 GMT
Server: fife
Content-Length: 2989
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a938af990a97b9856e1174d11c72cbf7
b57716fd0ea9a1e9e0a0595ff593f939560c0abf
6ab769333b231097d077edfbc1c3fc9560de5ae9bfeb5b8360dea8b7fadbcb44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:15:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
filmmediafire-js.googlecode.com/files/commentslide.js
173.194.222.82404 Not Found 1.6 kB URL HTTP/1.1 filmmediafire-js.googlecode.com/files/commentslide.js
IP 173.194.222.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash c09e29e85d87b1c37589bfc35154fafa
b7635b82b768decf00f95df6554a29a1e4505da3
3036e6439747a397f77540a01aad30ee3977cbfa8d7130afbfcab3e3018b5aad
GET /files/commentslide.js HTTP/1.1
Host: filmmediafire-js.googlecode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1582
Date: Thu, 08 Dec 2022 15:15:38 GMT
push.services.mozilla.com/
35.160.97.225101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.97.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2cFkhf5WWcZS6ktzQ60Gfw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9Tz17uVR6TJ/VBVvYTO8hSo56wQ=
3.bp.blogspot.com/-K4hNJ9YcB7I/URKRQe-RbaI/AAAAAAAAB_c/bGaB_wyqaoA/s1600/dotted.png
142.250.74.65200 OK 196 B URL HTTP/1.1 3.bp.blogspot.com/-K4hNJ9YcB7I/URKRQe-RbaI/AAAAAAAAB_c/bGaB_wyqaoA/s1600/dotted.png
IP 142.250.74.65:0
File type PNG image data, 3 x 3, 8-bit/color RGBA, non-interlaced\012- data
Hash b22e8d3271b6ef77912ce1d52e3a75e2
18c57d175904e093e46622cf11d40a032b5da366
bf06b15d3e82be3040e11d303834b7102e3f2c1c737cea9b1fee4f097d537772
GET /-K4hNJ9YcB7I/URKRQe-RbaI/AAAAAAAAB_c/bGaB_wyqaoA/s1600/dotted.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="dotted.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 196
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 15:15:38 GMT
Expires: Thu, 01 Dec 2022 11:02:23 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v7f7"
Content-Type: image/png
Age: 0
filmmediafire-js.googlecode.com/files/halaman.js
173.194.222.82404 Not Found 1.6 kB URL HTTP/1.1 filmmediafire-js.googlecode.com/files/halaman.js
IP 173.194.222.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash e474a6b5c7ef779054c6a203b08a2acb
93f4d55c7da8fc0dca188bdb7aa481efe324971c
8bca244a60d23103c704ee351b2dd2b006a17c064b09c3483b8d0374c033380e
GET /files/halaman.js HTTP/1.1
Host: filmmediafire-js.googlecode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1577
Date: Thu, 08 Dec 2022 15:15:38 GMT
2.bp.blogspot.com/-EZyIk5avkHk/URJ9koETxtI/AAAAAAAAB9s/NNAmTygwDLo/s1600/slider-shadow.png
142.250.74.65200 OK 4.0 kB URL HTTP/1.1 2.bp.blogspot.com/-EZyIk5avkHk/URJ9koETxtI/AAAAAAAAB9s/NNAmTygwDLo/s1600/slider-shadow.png
IP 142.250.74.65:0
File type PNG image data, 920 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash bec5985b61fbe5559ce2ab72d4341501
d52b4dcbfd4a3fd2bcdea91893920214929df837
ef9930fab27bc8a2824246970d147dcb782b3fa2eba27684d4d3fa2d5b47a3ca
GET /-EZyIk5avkHk/URJ9koETxtI/AAAAAAAAB9s/NNAmTygwDLo/s1600/slider-shadow.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="slider-shadow.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4036
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 15:15:38 GMT
Expires: Wed, 07 Dec 2022 12:22:18 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v7db"
Content-Type: image/png
Age: 0
4.bp.blogspot.com/-UzQSVqe350A/URJhGaHsGqI/AAAAAAAAB7s/UVJaEnVxtc8/s1600/body.gif
142.250.74.65200 OK 23 kB URL HTTP/1.1 4.bp.blogspot.com/-UzQSVqe350A/URJhGaHsGqI/AAAAAAAAB7s/UVJaEnVxtc8/s1600/body.gif
IP 142.250.74.65:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash 6f52f16e0c8869759029f92150fac68f
d7171b0111ecbc51953fb6a6a0fcb639c9aacdb2
0ba65009d2629977348e7cc30414a518b21b8fe7f50351fcead70764219b9bb2
GET /-UzQSVqe350A/URJhGaHsGqI/AAAAAAAAB7s/UVJaEnVxtc8/s1600/body.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="body.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 23343
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 11:34:12 GMT
Expires: Mon, 05 Dec 2022 22:14:37 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 13286
ETag: "va1c"
Content-Type: image/gif
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.98200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.98:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 14:48:45 GMT
Expires: Thu, 22 Dec 2022 14:48:45 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 1613
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
216.58.207.227200 OK 9.8 kB URL HTTP/1.1 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://girlsexykoreans.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 9840
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 22:31:16 GMT
Expires: Sun, 03 Dec 2023 22:31:16 GMT
Cache-Control: public, max-age=31536000
Age: 405862
Last-Modified: Mon, 18 Jul 2022 19:24:04 GMT
Content-Type: font/woff2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b5c27a4ab37c6c8203d281ea09fa3e4a
0c36ba3df7510a76b2062ad1584e564592a45035
4eac9570f12e3959c4944baf4f232cd994291cd1dfe334ffc93ac4737972bdb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:15:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 061dadcab5b514f0adb9ab6bb3282183
7e4bb8397a4b29392a3ed63b957e5488062a1e13
19f23a13b09536a47646491299b60c18a880bd427fff2d96b29ce46930eef3e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:15:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 061dadcab5b514f0adb9ab6bb3282183
7e4bb8397a4b29392a3ed63b957e5488062a1e13
19f23a13b09536a47646491299b60c18a880bd427fff2d96b29ce46930eef3e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:15:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/6OqSSSbVcaU/default.jpg
142.250.74.118200 OK 4.3 kB URL HTTP/2 i.ytimg.com/vi/6OqSSSbVcaU/default.jpg
IP 142.250.74.118:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash da0e94b009195d5fa0671427cdc1e5b0
d81b325a7ec12f8b144f2f2d9f9022e103e722fd
c1f121d6bb58775486fdf740dc2784916e897cc93fd63a0162f8db6eb502dfa3
GET /vi/6OqSSSbVcaU/default.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 4264
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 13:17:35 GMT
expires: Thu, 08 Dec 2022 15:17:35 GMT
cache-control: public, max-age=7200
age: 7083
etag: "1547733191"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b5c27a4ab37c6c8203d281ea09fa3e4a
0c36ba3df7510a76b2062ad1584e564592a45035
4eac9570f12e3959c4944baf4f232cd994291cd1dfe334ffc93ac4737972bdb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:15:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
girlsexykoreans.blogspot.com/%3C!--Can't%20find%20substitution%20for%20tag%20[post.thumbnailUrl]--%3E
172.217.21.161400 Bad Request 145 B URL HTTP/1.1 girlsexykoreans.blogspot.com/%3C!--Can't%20find%20substitution%20for%20tag%20[post.thumbnailUrl]--%3E
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 272694496a1114baaaab6218b0af5228
0bfa24ffbf6ed1051913fca29c13be4986dae6dc
619d6135930a95212eabbb9df96386a9bf64c68380f25b13237c566ea1bc3a43
GET /%3C!--Can't%20find%20substitution%20for%20tag%20[post.thumbnailUrl]--%3E HTTP/1.1
Host: girlsexykoreans.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=UTF-8
Content-Length: 145
Date: Thu, 08 Dec 2022 15:15:38 GMT
Expires: Thu, 08 Dec 2022 15:15:38 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Server: GSE
1.bp.blogspot.com/-nn2HgRiN8Ro/XlZ7wB39yCI/AAAAAAAACw8/MtJhqYHJlagElDic1T1qat81-MPe7tKOQCLcBGAsYHQ/w260/AC_1.jpg
142.250.74.65200 OK 32 kB URL HTTP/2 1.bp.blogspot.com/-nn2HgRiN8Ro/XlZ7wB39yCI/AAAAAAAACw8/MtJhqYHJlagElDic1T1qat81-MPe7tKOQCLcBGAsYHQ/w260/AC_1.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 260x390, components 3\012- data
Hash 601c4aff6cf3540edb0687c639b51b84
197f0da5db8eceeae1f8331073c9a471e0272bce
f13389b5adce1959b90b614a8f32611f7356a0910244ef74c5e975e16f883964
GET /-nn2HgRiN8Ro/XlZ7wB39yCI/AAAAAAAACw8/MtJhqYHJlagElDic1T1qat81-MPe7tKOQCLcBGAsYHQ/w260/AC_1.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="AC_1.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 31532
x-xss-protection: 0
date: Thu, 08 Dec 2022 11:34:12 GMT
expires: Fri, 09 Dec 2022 07:08:39 GMT
cache-control: public, max-age=86400, no-transform
age: 13286
etag: "vb11"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-K8j4Tzhjwso/XlKbpzxST_I/AAAAAAAACws/iT0IdikE85gLKzRU08E1MmogonL5spWUgCLcBGAsYHQ/w260/AW1.jpg
142.250.74.65200 OK 27 kB URL HTTP/2 1.bp.blogspot.com/-K8j4Tzhjwso/XlKbpzxST_I/AAAAAAAACws/iT0IdikE85gLKzRU08E1MmogonL5spWUgCLcBGAsYHQ/w260/AW1.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 260x390, components 3\012- data
Hash 7b1e13ab006ad465dd870727018c1fec
57eafc6550b1d3943a03da5ad317491deb5b931e
1b612e7f57fd3598f8add6e5697105bbf92be51502d778c5cad325fc4d9e95b2
GET /-K8j4Tzhjwso/XlKbpzxST_I/AAAAAAAACws/iT0IdikE85gLKzRU08E1MmogonL5spWUgCLcBGAsYHQ/w260/AW1.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="AW1.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 26828
x-xss-protection: 0
date: Thu, 08 Dec 2022 11:34:12 GMT
expires: Fri, 09 Dec 2022 07:08:39 GMT
cache-control: public, max-age=86400, no-transform
age: 13286
etag: "vb0c"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/dKKq6wfejIk/default.jpg
142.250.74.118404 Not Found 1.1 kB URL HTTP/2 i.ytimg.com/vi/dKKq6wfejIk/default.jpg
IP 142.250.74.118:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash e2ddfee11ae7edcae257da47f3a78a70
6e902fa6302eb30cd204579bca6a59b37233e262
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
GET /vi/dKKq6wfejIk/default.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
vary: Origin
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: image/jpeg
date: Thu, 08 Dec 2022 15:15:38 GMT
expires: Thu, 08 Dec 2022 15:16:08 GMT
cache-control: public, max-age=30
x-content-type-options: nosniff
server: sffe
content-length: 1097
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s10.histats.com/js15.js
46.105.201.240200 OK 4.4 kB IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11088), with no line terminators
Hash 688a4c6f6b98b3bfb618172e90695341
432a0d43c31e466673d13308db9e1ba5e519619c
becf42e9318b096cf691c11947c601c75b0b5ba2a6421fd2e676f62c646c17c5
GET /js15.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
date: Thu, 08 Dec 2022 15:14:06 GMT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 809468984
etag: W/"980881274"
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4405
x-iplb-request-id: 5B5A2A9A:F034_2E69C9F0:0050_6391FF9A_D0125:1A292
x-iplb-instance: 42475
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b5c27a4ab37c6c8203d281ea09fa3e4a
0c36ba3df7510a76b2062ad1584e564592a45035
4eac9570f12e3959c4944baf4f232cd994291cd1dfe334ffc93ac4737972bdb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:15:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 061dadcab5b514f0adb9ab6bb3282183
7e4bb8397a4b29392a3ed63b957e5488062a1e13
19f23a13b09536a47646491299b60c18a880bd427fff2d96b29ce46930eef3e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:15:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ptsansnarrow/v17/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2
216.58.207.227200 OK 36 kB URL HTTP/1.1 fonts.gstatic.com/s/ptsansnarrow/v17/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 36220, version 1.0\012- data
Hash 703384eb990fa92cab3b11662e55234f
825232b537f04761e3f866599f3abb7c14d32d60
38ba9bd69a8f6114511656eed8cf0f4e3d45d9e2c9aa0a22fb978d5da5ac250b
GET /s/ptsansnarrow/v17/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://girlsexykoreans.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 36220
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 06 Dec 2022 17:03:09 GMT
Expires: Wed, 06 Dec 2023 17:03:09 GMT
Cache-Control: public, max-age=31536000
Age: 166349
Last-Modified: Wed, 27 Apr 2022 17:03:05 GMT
Content-Type: font/woff2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 08 Dec 2022 15:15:39 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
23.38.200.123200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Thu, 08 Dec 2022 15:15:39 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
cdn1.adcdnx.com/adp1v2.js
172.66.42.219200 OK 34 kB URL HTTP/1.1 cdn1.adcdnx.com/adp1v2.js
IP 172.66.42.219:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash be4022d41e2f4b921b68270b42ff747b
b882877fa297275a8fb019e190638ff6876ee4f9
b726b9ba8bd6d1b0abefe42498f04100adc1ac00ef552ae685bee373c27c8994
GET /adp1v2.js HTTP/1.1
Host: cdn1.adcdnx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:39 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 08 Dec 2022 13:54:31 GMT
Cache-Control: max-age=7200
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776675280ffb0b69-OSL
Content-Encoding: gzip
z.moatads.com/addthismoatframe568911941483/moatframe.js
2.18.173.140200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 2.18.173.140:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TYrAmp44ddThNKrHeBmfOrJOox8ItZdAJeP4Uj7Uut6T7Jvp1PpX/XFzXT0gU1oJH/SwK8Irisw=
x-amz-request-id: 598E0BAF9E725A50
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
unused62: 8096267
cache-control: max-age=50488
date: Thu, 08 Dec 2022 15:15:39 GMT
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/ra-5020ac402f538670/_ate.track.config_resp
23.38.200.123200 OK 154 B URL HTTP/2 v1.addthisedge.com/live/boost/ra-5020ac402f538670/_ate.track.config_resp
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 1798455c51e19a1de93e52339a502e8d
a0457d200050e575fe5fce342ef18826773a19a2
3f695eaf6f5245ffc8385edd6ed3d174509a3faedc9b9e14e4bffb1f0a881fb0
GET /live/boost/ra-5020ac402f538670/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
etag: 659743217
content-disposition: attachment; filename=1.txt
content-encoding: gzip
content-length: 154
cache-control: public, max-age=57, s-maxage=86400
date: Thu, 08 Dec 2022 15:15:39 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 56dd321da59775b7baa367a91a4cf492
528d7838749b2e3e84dc0d6405abfb5e8f9d2b67
89845ca1e0a0cf645ee55c1caf4f9cc93f4c18fbe4562b4771e748e93e4a9e5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89845CA1E0A0CF645EE55C1CAF4F9CC93F4C18FBE4562B4771E748E93E4A9E5E"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13216
Expires: Thu, 08 Dec 2022 18:55:55 GMT
Date: Thu, 08 Dec 2022 15:15:39 GMT
Connection: keep-alive
router.infolinks.com/usync/manage?pid=137855&wsid=0&pdom=girlsexykoreans.blogspot.com&purl=http%3A%2F%2Fgirlsexykoreans.blogspot.com%2F
172.66.42.247200 OK 0 B URL HTTP/2 router.infolinks.com/usync/manage?pid=137855&wsid=0&pdom=girlsexykoreans.blogspot.com&purl=http%3A%2F%2Fgirlsexykoreans.blogspot.com%2F
IP 172.66.42.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/manage?pid=137855&wsid=0&pdom=girlsexykoreans.blogspot.com&purl=http%3A%2F%2Fgirlsexykoreans.blogspot.com%2F HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 15:15:39 GMT
content-length: 0
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7766752afa77b4ee-OSL
X-Firefox-Spdy: h2
girlsexykoreans.blogspot.com/favicon.ico
172.217.21.161200 OK 412 B URL HTTP/1.1 girlsexykoreans.blogspot.com/favicon.ico
IP 172.217.21.161:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: girlsexykoreans.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
Cookie: HstCfa2425176=1670512538299; HstCla2425176=1670512538299; HstCmu2425176=1670512538299; HstPn2425176=1; HstPt2425176=1; HstCnv2425176=1; HstCns2425176=1; __atuvc=1%7C49; __atuvs=6391ff9a5c1dd2f6000
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Thu, 08 Dec 2022 15:15:39 GMT
Date: Thu, 08 Dec 2022 15:15:39 GMT
Cache-Control: private, max-age=86400
Last-Modified: Sun, 20 Nov 2022 12:06:06 GMT
ETag: W/"0dfb962d1b96ef108d8e66ae3e81d1f12a3a608272f9adf57027fe2639e39aff"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
s4.histats.com/stats/2425176.php?2425176&@f16&@g1&@h1&@i1&@j1670512538299&@k0&@l1&@m%7C%20Sexy%20Girl%20Korean&@n0&@o1000&@q0&@r0&@s1035&@ten-US&@u1280&@b1:183834078&@b3:1670512538&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fgirlsexykoreans.blogspot.com%2F&@w
149.56.240.129200 OK 104 B URL HTTP/1.1 s4.histats.com/stats/2425176.php?2425176&@f16&@g1&@h1&@i1&@j1670512538299&@k0&@l1&@m%7C%20Sexy%20Girl%20Korean&@n0&@o1000&@q0&@r0&@s1035&@ten-US&@u1280&@b1:183834078&@b3:1670512538&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fgirlsexykoreans.blogspot.com%2F&@w
IP 149.56.240.129:0
File type ASCII text, with no line terminators
Hash 7cb921a9df58a4a1a4611cd48214cc21
1aae282a5e7717bf0a3d5fe9c202519e91442164
90cb235b4923b030508e1811afe9d88d659cc7355ec3d350e854ba317d4631b9
GET /stats/2425176.php?2425176&@f16&@g1&@h1&@i1&@j1670512538299&@k0&@l1&@m%7C%20Sexy%20Girl%20Korean&@n0&@o1000&@q0&@r0&@s1035&@ten-US&@u1280&@b1:183834078&@b3:1670512538&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fgirlsexykoreans.blogspot.com%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:39 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 104
Connection: close
adskpak.com/redirect?sid=75890&format=728x90
50.28.0.84200 OK 22 kB URL HTTP/1.1 adskpak.com/redirect?sid=75890&format=728x90
IP 50.28.0.84:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1139), with CRLF, CR, LF line terminators
Hash 57c484fa437a4630aa85c18746042c4c
267ad26f761d0ec95b171a7b6293428e64829f31
3f887d6b7fce23bbab04b32a26f367b0f9a265964e7dbc7eeb75d78687500b19
GET /redirect?sid=75890&format=728x90 HTTP/1.1
Host: adskpak.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: Server
Date: Thu, 08 Dec 2022 15:15:39 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 21811
Cache-Control: no-transform,no-cache
Connection: Keep-Alive
Pragma: no-cache
wxhiojortldjyegtkx.bid/rci
172.67.133.150200 OK 1 B URL HTTP/1.1 wxhiojortldjyegtkx.bid/rci
IP 172.67.133.150:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /rci HTTP/1.1
Host: wxhiojortldjyegtkx.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://girlsexykoreans.blogspot.com
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:39 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 1
Connection: keep-alive
Cache-Control: no-transform,no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvZyKoVp0pt5XkTFBDl3WwY3cVAInTMlvmk72o5n1RsoACYPzfKp9k1v1R%2B%2BSM%2B5RS8X22RB1cHqwG5GAF9hUXew4etyX%2BNYaSh2R0nRHX%2FvCFRlnqErgrGk6fMvfDhy8TSmuSOK9u%2Fq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7766752a8e0fb511-OSL
alt-svc: h2=":443"; ma=60
router.infolinks.com/gsd?evt=afterGSD&pid=137855&wsid=0&pdom=girlsexykoreans.blogspot.com&purl=http%3A%2F%2Fgirlsexykoreans.blogspot.com%2F&jsv=1836.008-3.025&_cb=16705125386570
172.66.42.247200 OK 0 B URL HTTP/1.1 router.infolinks.com/gsd?evt=afterGSD&pid=137855&wsid=0&pdom=girlsexykoreans.blogspot.com&purl=http%3A%2F%2Fgirlsexykoreans.blogspot.com%2F&jsv=1836.008-3.025&_cb=16705125386570
IP 172.66.42.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gsd?evt=afterGSD&pid=137855&wsid=0&pdom=girlsexykoreans.blogspot.com&purl=http%3A%2F%2Fgirlsexykoreans.blogspot.com%2F&jsv=1836.008-3.025&_cb=16705125386570 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:39 GMT
Content-Length: 0
Connection: keep-alive
Via: 1.1 google
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7766752b88a1b506-OSL
router.infolinks.com/usync/lcmanage?pid=137855&wsid=0&pdom=girlsexykoreans.blogspot.com&purl=http%3A%2F%2Fgirlsexykoreans.blogspot.com%2F
172.66.42.247200 OK 0 B URL HTTP/2 router.infolinks.com/usync/lcmanage?pid=137855&wsid=0&pdom=girlsexykoreans.blogspot.com&purl=http%3A%2F%2Fgirlsexykoreans.blogspot.com%2F
IP 172.66.42.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/lcmanage?pid=137855&wsid=0&pdom=girlsexykoreans.blogspot.com&purl=http%3A%2F%2Fgirlsexykoreans.blogspot.com%2F HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 15:15:39 GMT
content-length: 0
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7766752b8b0bb4ee-OSL
X-Firefox-Spdy: h2
cpxtri.com/redirect?sid=75890&format=728x90
50.28.0.84200 OK 22 kB URL HTTP/1.1 cpxtri.com/redirect?sid=75890&format=728x90
IP 50.28.0.84:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1139), with CRLF, CR, LF line terminators
Hash 69c3759ee4a8caead15db826926e53d6
201da3716a105ac309620ab8698893a03d1287b3
84619c204c2f2ea429637508f4654c6d7248f6f78600afe6f31714b48854778a
GET /redirect?sid=75890&format=728x90 HTTP/1.1
Host: cpxtri.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adskpak.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: Server
Date: Thu, 08 Dec 2022 15:15:39 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 21811
Cache-Control: no-transform,no-cache
Connection: Keep-Alive
Pragma: no-cache
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15556
Expires: Thu, 08 Dec 2022 19:34:56 GMT
Date: Thu, 08 Dec 2022 15:15:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15556
Expires: Thu, 08 Dec 2022 19:34:56 GMT
Date: Thu, 08 Dec 2022 15:15:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15556
Expires: Thu, 08 Dec 2022 19:34:56 GMT
Date: Thu, 08 Dec 2022 15:15:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15556
Expires: Thu, 08 Dec 2022 19:34:56 GMT
Date: Thu, 08 Dec 2022 15:15:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:33:19 GMT
age: 56541
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57be99ac898a37d73f2ba4a24f56248f
04e32eb45581201a6a1863200e4d139df48285e6
a20081b64fc019372843360b15aa3461ec9dd3deb50ab398bca0a5e74d5468c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12534
x-amzn-requestid: 2a01f2ba-cf3a-4f59-8339-214c66bcc0d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czDbyGTcoAMF_TQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911918-5d3eba8d01e4175a71acc6cd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:52:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NoZlZ8WFfOuIbkWaC2pJPJQrWtjzz2gCHJWr-u-nMNYmu8MkTf6_PA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:03:58 GMT
age: 58302
etag: "04e32eb45581201a6a1863200e4d139df48285e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: etWGqF-8tXSwaeZVTPK4g9CV5ZbdYv5ZDjF5Yx2PSNnTsreewpbhdA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 08:48:08 GMT
age: 23252
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c408efaa98ac2ce63bb1618368d10c15
a51bbb49ebd862d04eaee465d0a35b22dcd21391
077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FsbiyZG0110CEANduIIWuLcxFOxfrV0YPvOSy-ScXFIX1qM6qaOdCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:21:22 GMT
age: 60858
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c94003641bb5a7595e7004f80f95d22
3446450df60d732f9021d5bfd5f5f7c6c870d9ec
4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7801
x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFRNHX4oAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:16:35 GMT
age: 57545
etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d89b69ba37bf23c5d576aff4063caf
3d46a21b4da571d7e4962e335c18a28ca5f81ecf
09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QSv756DvAzOQnKae5wVg75wrQS6oDGPkfIZka86FNQ2vizBnZ7sIDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:12:45 GMT
age: 57775
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/100eng.json?sh=0&ph=1001&ivh=939&dt=0&pdt=829&ict=&pct=0&perf=widget%7C829%7C244%2Csh%7C1516%7C19&rndr=render_toolbox%7C1831%2Crender_layers_share%7C1878%2Crender_layers_thankyou%7C1899&cmenu=null&ppd=0&ppl=0&fbe=&xmv=0&xms=0&xmlc=0&jsfw=jquery&jsfwv=jquery-1.7.1&al=men%2Csmlsh%2Csmlty%2Csmlwn%2Csmlre&scr=0&scv=0&apiu=2&ba=1&sid=6391ff9a53fbcb87&rev=v8.28.8-wp&pub=ra-5020ac402f538670&dp=girlsexykoreans.blogspot.com&fp=&pfm=0&icns=facebook%2Ctwitter%2Cprint%2Cemail%2Caddthis
23.38.200.123204 No Content 0 B URL HTTP/2 m.addthis.com/live/red_lojson/100eng.json?sh=0&ph=1001&ivh=939&dt=0&pdt=829&ict=&pct=0&perf=widget%7C829%7C244%2Csh%7C1516%7C19&rndr=render_toolbox%7C1831%2Crender_layers_share%7C1878%2Crender_layers_thankyou%7C1899&cmenu=null&ppd=0&ppl=0&fbe=&xmv=0&xms=0&xmlc=0&jsfw=jquery&jsfwv=jquery-1.7.1&al=men%2Csmlsh%2Csmlty%2Csmlwn%2Csmlre&scr=0&scv=0&apiu=2&ba=1&sid=6391ff9a53fbcb87&rev=v8.28.8-wp&pub=ra-5020ac402f538670&dp=girlsexykoreans.blogspot.com&fp=&pfm=0&icns=facebook%2Ctwitter%2Cprint%2Cemail%2Caddthis
IP 23.38.200.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /live/red_lojson/100eng.json?sh=0&ph=1001&ivh=939&dt=0&pdt=829&ict=&pct=0&perf=widget%7C829%7C244%2Csh%7C1516%7C19&rndr=render_toolbox%7C1831%2Crender_layers_share%7C1878%2Crender_layers_thankyou%7C1899&cmenu=null&ppd=0&ppl=0&fbe=&xmv=0&xms=0&xmlc=0&jsfw=jquery&jsfwv=jquery-1.7.1&al=men%2Csmlsh%2Csmlty%2Csmlwn%2Csmlre&scr=0&scv=0&apiu=2&ba=1&sid=6391ff9a53fbcb87&rev=v8.28.8-wp&pub=ra-5020ac402f538670&dp=girlsexykoreans.blogspot.com&fp=&pfm=0&icns=facebook%2Ctwitter%2Cprint%2Cemail%2Caddthis HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://girlsexykoreans.blogspot.com
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
date: Thu, 08 Dec 2022 15:15:40 GMT
X-Firefox-Spdy: h2
cpxtri.com/redirect?cid=uvRuIuuzbh&http_referer=&sid=75890&subid=&s3=&b1505f6522e89574c53af4a50171e378=1&rr=1&id=&t=1670512539&hrf=5FwRlooVkBQCfGpv8VuyzxJBBtZSbL0xLu%2B4lDtJMRo20udpsBk%3D&iwx=1280&iwy=939&owx=1280&owy=1024&isph=0&pbc=0&fp=null&hf=1&op=1&pd=24&tp=%3F&xd=%3F&yd=%3F&pl=0&mt=0&sw=1280&sh=1002&fw=1280&fh=1024&pw=0&ph=0&ow=1280x1024&iw=1280x939&sd=24&ifr=0&coo=1&m=0&hr=2&ab=1&ua=undefined&npl=Linux+x86_64&ncpu=%3F&nhc=16>z=0&nba=0&nbt=0&nve=&vapp=Netscape&napv=5.0+%28X11%29&ss=1&ls=1&bl=en-US&sl=undefined&dr=%3F&is=-1522083666&wc=undefined&msy=number&ddm=undefined&ps=20100101&st=0&sp=undefined&mob=0&ifp1=0&ifp2=0&wn=&nap=0&ind=1&opd=0&dab=0&nsb=1&chk1=0&chk2=0&chk3=0&chk4=0
50.28.0.84302 Found 0 B URL HTTP/1.1 cpxtri.com/redirect?cid=uvRuIuuzbh&http_referer=&sid=75890&subid=&s3=&b1505f6522e89574c53af4a50171e378=1&rr=1&id=&t=1670512539&hrf=5FwRlooVkBQCfGpv8VuyzxJBBtZSbL0xLu%2B4lDtJMRo20udpsBk%3D&iwx=1280&iwy=939&owx=1280&owy=1024&isph=0&pbc=0&fp=null&hf=1&op=1&pd=24&tp=%3F&xd=%3F&yd=%3F&pl=0&mt=0&sw=1280&sh=1002&fw=1280&fh=1024&pw=0&ph=0&ow=1280x1024&iw=1280x939&sd=24&ifr=0&coo=1&m=0&hr=2&ab=1&ua=undefined&npl=Linux+x86_64&ncpu=%3F&nhc=16>z=0&nba=0&nbt=0&nve=&vapp=Netscape&napv=5.0+%28X11%29&ss=1&ls=1&bl=en-US&sl=undefined&dr=%3F&is=-1522083666&wc=undefined&msy=number&ddm=undefined&ps=20100101&st=0&sp=undefined&mob=0&ifp1=0&ifp2=0&wn=&nap=0&ind=1&opd=0&dab=0&nsb=1&chk1=0&chk2=0&chk3=0&chk4=0
IP 50.28.0.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?cid=uvRuIuuzbh&http_referer=&sid=75890&subid=&s3=&b1505f6522e89574c53af4a50171e378=1&rr=1&id=&t=1670512539&hrf=5FwRlooVkBQCfGpv8VuyzxJBBtZSbL0xLu%2B4lDtJMRo20udpsBk%3D&iwx=1280&iwy=939&owx=1280&owy=1024&isph=0&pbc=0&fp=null&hf=1&op=1&pd=24&tp=%3F&xd=%3F&yd=%3F&pl=0&mt=0&sw=1280&sh=1002&fw=1280&fh=1024&pw=0&ph=0&ow=1280x1024&iw=1280x939&sd=24&ifr=0&coo=1&m=0&hr=2&ab=1&ua=undefined&npl=Linux+x86_64&ncpu=%3F&nhc=16>z=0&nba=0&nbt=0&nve=&vapp=Netscape&napv=5.0+%28X11%29&ss=1&ls=1&bl=en-US&sl=undefined&dr=%3F&is=-1522083666&wc=undefined&msy=number&ddm=undefined&ps=20100101&st=0&sp=undefined&mob=0&ifp1=0&ifp2=0&wn=&nap=0&ind=1&opd=0&dab=0&nsb=1&chk1=0&chk2=0&chk3=0&chk4=0 HTTP/1.1
Host: cpxtri.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpxtri.com/redirect?sid=75890&format=728x90
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: Server
Date: Thu, 08 Dec 2022 15:15:41 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Cache-Control: no-transform,no-cache
Connection: Keep-Alive
Pragma: no-cache
Location: http://game-addicted.net/ad?id=22850&impid=167051254069582&rkey=0&u=190
game-addicted.net/ad?id=22850&impid=167051254069582&rkey=0&u=190
45.158.37.139200 OK 829 B URL HTTP/1.1 game-addicted.net/ad?id=22850&impid=167051254069582&rkey=0&u=190
IP 45.158.37.139:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1777), with no line terminators
Hash 51c9e1d9d5236731ac66c2fa3513d3bc
6599c1cf4eb5cd325a78aa75b487486339556a87
034e4222d9d0c6e579d9256a857d19110caec88a9cb5e31708ccfa5fe3262a16
GET /ad?id=22850&impid=167051254069582&rkey=0&u=190 HTTP/1.1
Host: game-addicted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cpxtri.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 15:15:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Referer: http://game-addicted.net/adOk
Refresh: 0; url=http://game-addicted.net/adOk?a_cid=167051254231095&a_ppcId=22850&a_uid=190&b_country=160&b_impid=167051254069582&b_rkey=0&b_sid=10075890&ct=2&q=aHR0cHM6Ly90aG9yLXBvbS5jb20vemN2aXNpdG9yLzJkMjBlNmY2LTc3MGItMTFlZC1hOGU2LTBhZGYwZDk0NGY5NS9hOTQ3NDdkMC04MDUxLTExZWMtYTZhZi0wYWE3NGM2N2Q4NDc%2FY2FtcGFpZ25pZD0zOGY4YWViMC1hZjdjLTExZWMtYmZlOS0wYTkxOGNiY2JiOTc%3D&z_back=
Content-Encoding: gzip
game-addicted.net/adOk?a_cid=167051254231095&a_ppcId=22850&a_uid=190&b_country=160&b_impid=167051254069582&b_rkey=0&b_sid=10075890&ct=2&q=aHR0cHM6Ly90aG9yLXBvbS5jb20vemN2aXNpdG9yLzJkMjBlNmY2LTc3MGItMTFlZC1hOGU2LTBhZGYwZDk0NGY5NS9hOTQ3NDdkMC04MDUxLTExZWMtYTZhZi0wYWE3NGM2N2Q4NDc%2FY2FtcGFpZ25pZD0zOGY4YWViMC1hZjdjLTExZWMtYmZlOS0wYTkxOGNiY2JiOTc%3D&z_back=
45.158.37.139200 OK 4.1 kB URL HTTP/1.1 game-addicted.net/adOk?a_cid=167051254231095&a_ppcId=22850&a_uid=190&b_country=160&b_impid=167051254069582&b_rkey=0&b_sid=10075890&ct=2&q=aHR0cHM6Ly90aG9yLXBvbS5jb20vemN2aXNpdG9yLzJkMjBlNmY2LTc3MGItMTFlZC1hOGU2LTBhZGYwZDk0NGY5NS9hOTQ3NDdkMC04MDUxLTExZWMtYTZhZi0wYWE3NGM2N2Q4NDc%2FY2FtcGFpZ25pZD0zOGY4YWViMC1hZjdjLTExZWMtYmZlOS0wYTkxOGNiY2JiOTc%3D&z_back=
IP 45.158.37.139:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3834), with CRLF line terminators
Hash b6fa710c0afdf557e2120cb8bcab4621
a8eccecee5e3339820d864038ef10ad2d51338c2
2d0f9ca568a91793579024a0619581a187b19ed8e5016537046d741d3d803a6b
GET /adOk?a_cid=167051254231095&a_ppcId=22850&a_uid=190&b_country=160&b_impid=167051254069582&b_rkey=0&b_sid=10075890&ct=2&q=aHR0cHM6Ly90aG9yLXBvbS5jb20vemN2aXNpdG9yLzJkMjBlNmY2LTc3MGItMTFlZC1hOGU2LTBhZGYwZDk0NGY5NS9hOTQ3NDdkMC04MDUxLTExZWMtYTZhZi0wYWE3NGM2N2Q4NDc%2FY2FtcGFpZ25pZD0zOGY4YWViMC1hZjdjLTExZWMtYmZlOS0wYTkxOGNiY2JiOTc%3D&z_back= HTTP/1.1
Host: game-addicted.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 15:15:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash de01839e330897e38ca4de7eb1cc7867
e1a19ae6f78bb637122ba96c4328efa4aba625b6
17c822db006752a9600448ca4ee03b67a9eac0fec29a7b4073f7b8116624dc82
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90375
Date: Thu, 08 Dec 2022 15:15:42 GMT
Etag: "6390b8ad-1d7"
Expires: Fri, 09 Dec 2022 16:21:57 GMT
Last-Modified: Wed, 07 Dec 2022 16:00:45 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1dJjMxDyQ4c9_reS3BBz886_H9yLXPChEEVNScVXOrSCbM0J-iwY8Q==
Age: 1272
thor-pom.com/zcvisitor/2d20e6f6-770b-11ed-a8e6-0adf0d944f95/a94747d0-8051-11ec-a6af-0aa74c67d847?campaignid=38f8aeb0-af7c-11ec-bfe9-0a918cbcbb97
3.208.247.235302 Found 0 B URL HTTP/2 thor-pom.com/zcvisitor/2d20e6f6-770b-11ed-a8e6-0adf0d944f95/a94747d0-8051-11ec-a6af-0aa74c67d847?campaignid=38f8aeb0-af7c-11ec-bfe9-0a918cbcbb97
IP 3.208.247.235:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zcvisitor/2d20e6f6-770b-11ed-a8e6-0adf0d944f95/a94747d0-8051-11ec-a6af-0aa74c67d847?campaignid=38f8aeb0-af7c-11ec-bfe9-0a918cbcbb97 HTTP/1.1
Host: thor-pom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://game-addicted.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 08 Dec 2022 15:15:42 GMT
content-length: 0
location: https://backend.finalono.com/v1/rtb?domain=finalono.com&visitorUserAgent=Mozilla&numItems=50&apiKey=89641194-7897-4d80-b90a-b1fc82fc38c6&trackingId=5836873905&visitorIPAddress=46.15.231.130&forceShopping=100480081&smart=true&sourcePlatform=tonic&cpc=0.004000&source=foxtrot-rah-k7q28pm4w8&campaignName=TNC-RON-NO-DESKTOP-Normalize-bnpl-klk-96968259&geo=NO&auctionId=zr2d20e6f6770b11eda8e60adf0d944f95253884262b9d47149a37fdbfcc9cda33069567cabb98be6185&match=real-free-credit-report&device=desktop&browser=firefox&os=windows&long_campaign_id=38f8aeb0-af7c-11ec-bfe9-0a918cbcbb97&isRON=true
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: BQcUHqxw
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash c2467879e873df6467a9b04643bc6dcf
422e08e8d76fb540d64e3eaec9519e62fb3924fc
5c270ded605d20d5fafa34c66b381a76a3779468ad05e7c72236555bb8c5447a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=158573
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:15:42 GMT
Etag: "6391c80b-118"
Expires: Sat, 10 Dec 2022 11:18:35 GMT
Last-Modified: Thu, 08 Dec 2022 11:18:35 GMT
Server: nginx
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7d047c6733f9c8d5998cae08d314f084
c23a8dce8a76dd01e22650fc1c19af2bae963008
d13c4f663e010387e21eece93c733faf5f2c3f9ff8ffca7aad99235aa990bea5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4849
Cache-Control: max-age=134614
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:15:44 GMT
Etag: "63915785-1d7"
Expires: Sat, 10 Dec 2022 04:39:18 GMT
Last-Modified: Thu, 08 Dec 2022 03:18:29 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f437354ecc5a7ed438a7f57777b4603f
d536ee1dd1b839c73a66167a5ae0f88ae224a376
664897437b7288ad9311bef5a1ac68633b094fd3848480f1d51cdc4cf964dee5
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4120
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:15:44 GMT
Last-Modified: Thu, 08 Dec 2022 14:07:04 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1670512544104&.sig=Qzf9JyW0vP5CmBWRRfwDTXRT_FA-&affiliationId=96968259&comId=100480081&country=no&offerId=362eb94a80987854d53b66ec23316131&searchId=1076100373763778_1670512544039_73341&service=36&tokenId=137d9480-fe68-4fb0-bea1-aca4ccc32178&custom1=5836873905&custom2=a~r-635daee07e254e1094d279a626f9cf54%3Bk~100480081&addedParams=true
95.211.116.27200 OK 29 kB URL HTTP/1.1 no-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1670512544104&.sig=Qzf9JyW0vP5CmBWRRfwDTXRT_FA-&affiliationId=96968259&comId=100480081&country=no&offerId=362eb94a80987854d53b66ec23316131&searchId=1076100373763778_1670512544039_73341&service=36&tokenId=137d9480-fe68-4fb0-bea1-aca4ccc32178&custom1=5836873905&custom2=a~r-635daee07e254e1094d279a626f9cf54%3Bk~100480081&addedParams=true
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Hash 3810a2bd471eef1c7a9e0baebc472498
c8c577bdaefff5a2a043b99b38953abb9655a368
4574f91abfc64a0d3f458fb833a211c34c629319480a787f7e7ea3358aa1a26c
GET /ctl/go/sitesearchGo?.ts=1670512544104&.sig=Qzf9JyW0vP5CmBWRRfwDTXRT_FA-&affiliationId=96968259&comId=100480081&country=no&offerId=362eb94a80987854d53b66ec23316131&searchId=1076100373763778_1670512544039_73341&service=36&tokenId=137d9480-fe68-4fb0-bea1-aca4ccc32178&custom1=5836873905&custom2=a~r-635daee07e254e1094d279a626f9cf54%3Bk~100480081&addedParams=true HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://backend.finalono.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:44 GMT
leadId: dc1-kls-prod-ls-silo.prod.dc1.kelkoo.net_1670512544638_443683
clickId: 107698154_1670512544631_1065400
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.019263S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 29195
Set-Cookie: datadome=67MiDE0qchaeZ-4UNY5ppfRQsBvq_o~ZvC22i2DVTXQZopbNOPIpauy8Rj8QMF2qLqRlEQEeK0Kuo47Dvuw05xIbwQ640WfbSXxtviXfNwjQ-135OrfTIYBP2yL~nZ22; Max-Age=31536000; Expires=Fri, 08 Dec 2023 15:15:44 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c629a-184f24e8b77-572cb; Max-Age=31536000; Expires=Fri, 08 Dec 2023 15:15:44 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=98
Connection: Keep-Alive
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4379ce44df4a54b6e9ddf388a4fd157b77fad865b7e3e10b81d457a911c9a546a1f8dedcdaa289b7ef93915d24a5ab16066db95a1a1fa9a2d5a24470f3eaf2dc80be8e4c1a4e9bfadc8ebe87a8f7720b7c80a51bbcaec7e4880578c83046d23596f17d1d0e8fc959071cec4f3dc093dcb32fc9f095dd1ce5beda0fc4f1adcb44ed173c85d46fe71509e1e1f5ca4cf6b1f8aae344cba78233d04a306942ec6b099dd0d53c17b69f3bb16dc93569a0ac5cab318bd462106ee2aaab8f0c0d35226bbedf5cf64032a994aafd0918c58a1119032f3e0358a253f30cd3eb113436cd53b49963b97d4408a6e26&leadId=dc1-kls-prod-ls-silo.prod.dc1.kelkoo.net_1670512544638_443683&clickId=107698154_1670512544631_1065400
95.211.116.27200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4379ce44df4a54b6e9ddf388a4fd157b77fad865b7e3e10b81d457a911c9a546a1f8dedcdaa289b7ef93915d24a5ab16066db95a1a1fa9a2d5a24470f3eaf2dc80be8e4c1a4e9bfadc8ebe87a8f7720b7c80a51bbcaec7e4880578c83046d23596f17d1d0e8fc959071cec4f3dc093dcb32fc9f095dd1ce5beda0fc4f1adcb44ed173c85d46fe71509e1e1f5ca4cf6b1f8aae344cba78233d04a306942ec6b099dd0d53c17b69f3bb16dc93569a0ac5cab318bd462106ee2aaab8f0c0d35226bbedf5cf64032a994aafd0918c58a1119032f3e0358a253f30cd3eb113436cd53b49963b97d4408a6e26&leadId=dc1-kls-prod-ls-silo.prod.dc1.kelkoo.net_1670512544638_443683&clickId=107698154_1670512544631_1065400
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4379ce44df4a54b6e9ddf388a4fd157b77fad865b7e3e10b81d457a911c9a546a1f8dedcdaa289b7ef93915d24a5ab16066db95a1a1fa9a2d5a24470f3eaf2dc80be8e4c1a4e9bfadc8ebe87a8f7720b7c80a51bbcaec7e4880578c83046d23596f17d1d0e8fc959071cec4f3dc093dcb32fc9f095dd1ce5beda0fc4f1adcb44ed173c85d46fe71509e1e1f5ca4cf6b1f8aae344cba78233d04a306942ec6b099dd0d53c17b69f3bb16dc93569a0ac5cab318bd462106ee2aaab8f0c0d35226bbedf5cf64032a994aafd0918c58a1119032f3e0358a253f30cd3eb113436cd53b49963b97d4408a6e26&leadId=dc1-kls-prod-ls-silo.prod.dc1.kelkoo.net_1670512544638_443683&clickId=107698154_1670512544631_1065400 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1670512544104&.sig=Qzf9JyW0vP5CmBWRRfwDTXRT_FA-&affiliationId=96968259&comId=100480081&country=no&offerId=362eb94a80987854d53b66ec23316131&searchId=1076100373763778_1670512544039_73341&service=36&tokenId=137d9480-fe68-4fb0-bea1-aca4ccc32178&custom1=5836873905&custom2=a~r-635daee07e254e1094d279a626f9cf54%3Bk~100480081&addedParams=true
Connection: keep-alive
Cookie: datadome=67MiDE0qchaeZ-4UNY5ppfRQsBvq_o~ZvC22i2DVTXQZopbNOPIpauy8Rj8QMF2qLqRlEQEeK0Kuo47Dvuw05xIbwQ640WfbSXxtviXfNwjQ-135OrfTIYBP2yL~nZ22; kelkooID=a4c629a-184f24e8b77-572cb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:44 GMT
Request-Time: PT0.001322S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: image/png
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=89
Connection: Keep-Alive
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4379ce44df4a54b6e9ddf388a4fd157b77fad865b7e3e10b81d457a911c9a546a1f8dedcdaa289b7ef93915d24a5ab16066db95a1a1fa9a2d5a24470f3eaf2dc80be8e4c1a4e9bfadc8ebe87a8f7720b7c80a51bbcaec7e4880578c83046d23596f17d1d0e8fc959071cec4f3dc093dcb32fc9f095dd1ce5beda0fc4f1adcb44ed173c85d46fe71509e1e1f5ca4cf6b1f8aae344cba78233d04a306942ec6b099dd0d53c17b69f3bb16dc93569a0ac5cab318bd462106ee2aaab8f0c0d35226bbedf5cf64032a994aafd0918c58a1119032f3e0358a253f30cd3eb113436cd53b49963b97d4408a6e26&leadId=dc1-kls-prod-ls-silo.prod.dc1.kelkoo.net_1670512544638_443683&clickId=107698154_1670512544631_1065400
95.211.116.27200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4379ce44df4a54b6e9ddf388a4fd157b77fad865b7e3e10b81d457a911c9a546a1f8dedcdaa289b7ef93915d24a5ab16066db95a1a1fa9a2d5a24470f3eaf2dc80be8e4c1a4e9bfadc8ebe87a8f7720b7c80a51bbcaec7e4880578c83046d23596f17d1d0e8fc959071cec4f3dc093dcb32fc9f095dd1ce5beda0fc4f1adcb44ed173c85d46fe71509e1e1f5ca4cf6b1f8aae344cba78233d04a306942ec6b099dd0d53c17b69f3bb16dc93569a0ac5cab318bd462106ee2aaab8f0c0d35226bbedf5cf64032a994aafd0918c58a1119032f3e0358a253f30cd3eb113436cd53b49963b97d4408a6e26&leadId=dc1-kls-prod-ls-silo.prod.dc1.kelkoo.net_1670512544638_443683&clickId=107698154_1670512544631_1065400
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4379ce44df4a54b6e9ddf388a4fd157b77fad865b7e3e10b81d457a911c9a546a1f8dedcdaa289b7ef93915d24a5ab16066db95a1a1fa9a2d5a24470f3eaf2dc80be8e4c1a4e9bfadc8ebe87a8f7720b7c80a51bbcaec7e4880578c83046d23596f17d1d0e8fc959071cec4f3dc093dcb32fc9f095dd1ce5beda0fc4f1adcb44ed173c85d46fe71509e1e1f5ca4cf6b1f8aae344cba78233d04a306942ec6b099dd0d53c17b69f3bb16dc93569a0ac5cab318bd462106ee2aaab8f0c0d35226bbedf5cf64032a994aafd0918c58a1119032f3e0358a253f30cd3eb113436cd53b49963b97d4408a6e26&leadId=dc1-kls-prod-ls-silo.prod.dc1.kelkoo.net_1670512544638_443683&clickId=107698154_1670512544631_1065400 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1670512544104&.sig=Qzf9JyW0vP5CmBWRRfwDTXRT_FA-&affiliationId=96968259&comId=100480081&country=no&offerId=362eb94a80987854d53b66ec23316131&searchId=1076100373763778_1670512544039_73341&service=36&tokenId=137d9480-fe68-4fb0-bea1-aca4ccc32178&custom1=5836873905&custom2=a~r-635daee07e254e1094d279a626f9cf54%3Bk~100480081&addedParams=true
Content-Type: text/plain;charset=utf-8
Content-Length: 544
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=67MiDE0qchaeZ-4UNY5ppfRQsBvq_o~ZvC22i2DVTXQZopbNOPIpauy8Rj8QMF2qLqRlEQEeK0Kuo47Dvuw05xIbwQ640WfbSXxtviXfNwjQ-135OrfTIYBP2yL~nZ22; kelkooID=a4c629a-184f24e8b77-572cb; _ga=GA1.2.386629821.1670512544; _gid=GA1.2.613460545.1670512544
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:44 GMT
Request-Time: PT0.003023S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=97
Connection: Keep-Alive
dd.kelkoogroup.net/tags.js
54.230.111.25200 OK 43 kB URL HTTP/2 dd.kelkoogroup.net/tags.js
IP 54.230.111.25:0
File type ASCII text, with very long lines (65432)
Hash 415a2173b7594522994c0d8b20a61e84
25e995f3ba4c22c8f252550532609cecc9e8e80b
49c82e367a121c73a821d132f5e48c06490731203c241c779ae7c58bfab60da5
GET /tags.js HTTP/1.1
Host: dd.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/
Connection: keep-alive
Cookie: datadome=67MiDE0qchaeZ-4UNY5ppfRQsBvq_o~ZvC22i2DVTXQZopbNOPIpauy8Rj8QMF2qLqRlEQEeK0Kuo47Dvuw05xIbwQ640WfbSXxtviXfNwjQ-135OrfTIYBP2yL~nZ22; kelkooID=a4c629a-184f24e8b77-572cb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 42664
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Wed, 07 Dec 2022 10:03:12 GMT
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront), 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
date: Thu, 08 Dec 2022 15:03:50 GMT
cache-control: max-age=3600, public
expires: Thu, 08 Dec 2022 16:03:48 GMT
etag: "32de8-5ef3a07422ee0-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2, OSL50-P1
x-amz-cf-id: RhNZpYWEMP56H64wordPaJirkyBTO9pKZXI0qLPR0D9_4FlToCiZ-A==
age: 716
X-Firefox-Spdy: h2
no-go.kelkoogroup.net/favicon.ico
95.211.116.27403 Forbidden 0 B URL HTTP/1.0 no-go.kelkoogroup.net/favicon.ico
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1670512544104&.sig=Qzf9JyW0vP5CmBWRRfwDTXRT_FA-&affiliationId=96968259&comId=100480081&country=no&offerId=362eb94a80987854d53b66ec23316131&searchId=1076100373763778_1670512544039_73341&service=36&tokenId=137d9480-fe68-4fb0-bea1-aca4ccc32178&custom1=5836873905&custom2=a~r-635daee07e254e1094d279a626f9cf54%3Bk~100480081&addedParams=true
Connection: keep-alive
Cookie: datadome=67MiDE0qchaeZ-4UNY5ppfRQsBvq_o~ZvC22i2DVTXQZopbNOPIpauy8Rj8QMF2qLqRlEQEeK0Kuo47Dvuw05xIbwQ640WfbSXxtviXfNwjQ-135OrfTIYBP2yL~nZ22; kelkooID=a4c629a-184f24e8b77-572cb; _ga=GA1.2.386629821.1670512544; _gid=GA1.2.613460545.1670512544
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.0 403 Forbidden
Server: BigIP
Connection: Keep-Alive
Content-Length: 0
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4379ce44df4a54b6e9ddf388a4fd157b77fad865b7e3e10b81d457a911c9a546a1f8dedcdaa289b7ef93915d24a5ab16066db95a1a1fa9a2d5a24470f3eaf2dc80be8e4c1a4e9bfadc8ebe87a8f7720b7c80a51bbcaec7e4880578c83046d23596f17d1d0e8fc959071cec4f3dc093dcb32fc9f095dd1ce5beda0fc4f1adcb44ed173c85d46fe71509e1e1f5ca4cf6b1f8aae344cba78233d04a306942ec6b099dd0d53c17b69f3bb16dc93569a0ac5cab318bd462106ee2aaab8f0c0d35226bbedf5cf64032a994aafd0918c58a1119032f3e0358a253f30cd3eb113436cd53b49963b97d4408a6e26&leadId=dc1-kls-prod-ls-silo.prod.dc1.kelkoo.net_1670512544638_443683&clickId=107698154_1670512544631_1065400&url=https%3A%2F%2Fnettbutikk.telenor.no%2Fnettbrett%2Fios%2Fapple-ipad-mini-7-9-tommer-256gb-wi-fi-2019%2Fsolv%2F%3Futm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DApple%2BIpad%2BMini%2B7%252C9-Tommer%2B256gb%2BWi-Fi.%2B&initiator=timeout
95.211.116.27303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4379ce44df4a54b6e9ddf388a4fd157b77fad865b7e3e10b81d457a911c9a546a1f8dedcdaa289b7ef93915d24a5ab16066db95a1a1fa9a2d5a24470f3eaf2dc80be8e4c1a4e9bfadc8ebe87a8f7720b7c80a51bbcaec7e4880578c83046d23596f17d1d0e8fc959071cec4f3dc093dcb32fc9f095dd1ce5beda0fc4f1adcb44ed173c85d46fe71509e1e1f5ca4cf6b1f8aae344cba78233d04a306942ec6b099dd0d53c17b69f3bb16dc93569a0ac5cab318bd462106ee2aaab8f0c0d35226bbedf5cf64032a994aafd0918c58a1119032f3e0358a253f30cd3eb113436cd53b49963b97d4408a6e26&leadId=dc1-kls-prod-ls-silo.prod.dc1.kelkoo.net_1670512544638_443683&clickId=107698154_1670512544631_1065400&url=https%3A%2F%2Fnettbutikk.telenor.no%2Fnettbrett%2Fios%2Fapple-ipad-mini-7-9-tommer-256gb-wi-fi-2019%2Fsolv%2F%3Futm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DApple%2BIpad%2BMini%2B7%252C9-Tommer%2B256gb%2BWi-Fi.%2B&initiator=timeout
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4379ce44df4a54b6e9ddf388a4fd157b77fad865b7e3e10b81d457a911c9a546a1f8dedcdaa289b7ef93915d24a5ab16066db95a1a1fa9a2d5a24470f3eaf2dc80be8e4c1a4e9bfadc8ebe87a8f7720b7c80a51bbcaec7e4880578c83046d23596f17d1d0e8fc959071cec4f3dc093dcb32fc9f095dd1ce5beda0fc4f1adcb44ed173c85d46fe71509e1e1f5ca4cf6b1f8aae344cba78233d04a306942ec6b099dd0d53c17b69f3bb16dc93569a0ac5cab318bd462106ee2aaab8f0c0d35226bbedf5cf64032a994aafd0918c58a1119032f3e0358a253f30cd3eb113436cd53b49963b97d4408a6e26&leadId=dc1-kls-prod-ls-silo.prod.dc1.kelkoo.net_1670512544638_443683&clickId=107698154_1670512544631_1065400&url=https%3A%2F%2Fnettbutikk.telenor.no%2Fnettbrett%2Fios%2Fapple-ipad-mini-7-9-tommer-256gb-wi-fi-2019%2Fsolv%2F%3Futm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DApple%2BIpad%2BMini%2B7%252C9-Tommer%2B256gb%2BWi-Fi.%2B&initiator=timeout HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/sitesearchGo?.ts=1670512544104&.sig=Qzf9JyW0vP5CmBWRRfwDTXRT_FA-&affiliationId=96968259&comId=100480081&country=no&offerId=362eb94a80987854d53b66ec23316131&searchId=1076100373763778_1670512544039_73341&service=36&tokenId=137d9480-fe68-4fb0-bea1-aca4ccc32178&custom1=5836873905&custom2=a~r-635daee07e254e1094d279a626f9cf54%3Bk~100480081&addedParams=true
Connection: keep-alive
Cookie: datadome=67MiDE0qchaeZ-4UNY5ppfRQsBvq_o~ZvC22i2DVTXQZopbNOPIpauy8Rj8QMF2qLqRlEQEeK0Kuo47Dvuw05xIbwQ640WfbSXxtviXfNwjQ-135OrfTIYBP2yL~nZ22; kelkooID=a4c629a-184f24e8b77-572cb; _ga=GA1.2.386629821.1670512544; _gid=GA1.2.613460545.1670512544
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
Date: Thu, 08 Dec 2022 15:15:44 GMT
leadId: dc1-kls-prod-ls-silo.prod.dc1.kelkoo.net_1670512544638_443683
clickId: 107698154_1670512544631_1065400
country: no
Location: https://nettbutikk.telenor.no/nettbrett/ios/apple-ipad-mini-7-9-tommer-256gb-wi-fi-2019/solv/?utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Apple+Ipad+Mini+7%2C9-Tommer+256gb+Wi-Fi.+
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.014992S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=5TofGEycyQuM2-8LoFhadNpt1gI4a0bSXZ8ES_3rFdO~8GnsrifrYcDjVx3hfzCJMZr00Nb~-2cbX6yVEDdBGuXEWJwgI6WR-O5E9cXzOvEmmdu~TmpfTv03dj0pDCll; Max-Age=31536000; Expires=Fri, 08 Dec 2023 15:15:44 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=96
Connection: Keep-Alive
Content-Type: text/plain
ocsp.buypass.com/
23.33.119.18200 OK 1.7 kB IP 23.33.119.18:0
ASN #20940 Akamai International B.V.
Hash 3d10d7944225291abe6e1ef827fa3f56
52725a9605dcbb59cc6f67137039a92d4bd7d3d1
0d7f4433a60cf33698aeed7804e85fa2dcf5528a0f5aa1fd56e824fe7a1d1252
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: a32d774e-f618-4149-9cc5-a2beeadb6e3a
Content-Length: 1702
Date: Thu, 08 Dec 2022 15:15:45 GMT
Connection: keep-alive
ocsp.usertrust.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash befe05fb3c85ee9a74ab672aaecb9aa6
a6ffd7600387830e3e1a3173f08d347aea042679
238e4f98a73ff58ae548e020a3c8d36967d5e76ed7051502abb530fc769f4ea2
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:51:18 GMT
Expires: Tue, 13 Dec 2022 13:51:17 GMT
Etag: "a6ffd7600387830e3e1a3173f08d347aea042679"
Cache-Control: max-age=602318,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 738
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7766754f2c26b518-OSL
api-js.datadome.co/js/
16.170.26.249200 OK 236 B IP 16.170.26.249:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 238076a6038dcb804898080dca8f715d
7f60f3e1928f26aa3e6514a7cef6d273225e98e2
22856b0e0ad32d618fdc918918f12aa270e1ea74490bbb36c7a378e5e3204b5d
POST /js/ HTTP/1.1
Host: api-js.datadome.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 4091
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 15:15:45 GMT
content-type: application/json;charset=utf-8
content-length: 236
server: DataDome
access-control-allow-origin: *
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
X-Firefox-Spdy: h2
ocsp.buypass.com/
23.33.119.18200 OK 1.4 kB IP 23.33.119.18:0
ASN #20940 Akamai International B.V.
Hash bf85a97b625fa069d1d2e00e233dfee3
c91fcf4522b09310f5a038f7c94d645ccb69e74d
f54be28a7c7052dc76ad0cc4d34e41a8facc2534429b00c320ded4fedce7d893
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 77
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: cde62b15-05f2-4c50-aa5a-cc324d85f46c
Content-Length: 1444
Date: Thu, 08 Dec 2022 15:15:45 GMT
Connection: keep-alive
nettbutikk.telenor.no/nettbrett/ios/apple-ipad-mini-7-9-tommer-256gb-wi-fi-2019/solv/?utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Apple+Ipad+Mini+7%2C9-Tommer+256gb+Wi-Fi.+
91.213.224.90200 OK 20 kB URL HTTP/1.1 nettbutikk.telenor.no/nettbrett/ios/apple-ipad-mini-7-9-tommer-256gb-wi-fi-2019/solv/?utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Apple+Ipad+Mini+7%2C9-Tommer+256gb+Wi-Fi.+
IP 91.213.224.90:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4802), with CRLF, LF line terminators
Hash d17ac3b203857917390dda9c6504ec20
1646f4a1dddc02be7a16cad6da38a40aa390a32b
9b0c434411b2727039041853a5f803f0f804c04e9bc1eb9cfe2a8ab71acf9568
GET /nettbrett/ios/apple-ipad-mini-7-9-tommer-256gb-wi-fi-2019/solv/?utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Apple+Ipad+Mini+7%2C9-Tommer+256gb+Wi-Fi.+ HTTP/1.1
Host: nettbutikk.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 15:15:45 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 20109
Connection: keep-alive
Cache-Control: private, no-store
Expires: Sat, 07 Jan 2023 14:13:07 GMT
Set-Cookie: telenormobile=550e7f17959f27e475a803f177cf4e; path=/; expires=Sat, 10-Dec-2022 15:15:45 GMT;; Secure; HttpOnly
Last-Modified: Thu, 08 Dec 2022 14:13:07 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c7a5f887bbc7d30b9cfe15163c3d8ddb
21d65790a1d10a06d198b54218365aa474126e1c
2a2e7930f967d947cc5293c95221913e24596773577bbf56ff402db6236bbda1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:15:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FsitesearchGo%3F.ts%3D1670512544104%26.sig%3DQzf9JyW0vP5CmBWRRfwDTXRT_FA-%26affiliationId%3D96968259%26comId%3D100480081%26country%3Dno%26offerId%3D362eb94a80987854d53b66ec23316131%26searchId%3D1076100373763778_1670512544039_73341%26service%3D36%26tokenId%3D137d9480-fe68-4fb0-bea1-aca4ccc32178%26custom1%3D5836873905%26custom2%3Da~r-635daee07e254e1094d279a626f9cf54%253Bk~100480081%26addedParams%3Dtrue&dr=https%3A%2F%2Fbackend.finalono.com%2F&dp=%2F96968259%7C100480081%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Telenor&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=386629821.1670512544&tid=UA-168544891-6&_gid=613460545.1670512544&_r=1&cd1=96968259&cd2=dc1-kls-prod-ls-silo.prod.dc1.kelkoo.net_1670512544638_443683&cd3=100480081&cd4=a4c629a-184f24e8b77-572cb&cd5=&cd6=96968259%7C100480081%7C&z=780070622
216.58.207.206200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FsitesearchGo%3F.ts%3D1670512544104%26.sig%3DQzf9JyW0vP5CmBWRRfwDTXRT_FA-%26affiliationId%3D96968259%26comId%3D100480081%26country%3Dno%26offerId%3D362eb94a80987854d53b66ec23316131%26searchId%3D1076100373763778_1670512544039_73341%26service%3D36%26tokenId%3D137d9480-fe68-4fb0-bea1-aca4ccc32178%26custom1%3D5836873905%26custom2%3Da~r-635daee07e254e1094d279a626f9cf54%253Bk~100480081%26addedParams%3Dtrue&dr=https%3A%2F%2Fbackend.finalono.com%2F&dp=%2F96968259%7C100480081%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Telenor&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=386629821.1670512544&tid=UA-168544891-6&_gid=613460545.1670512544&_r=1&cd1=96968259&cd2=dc1-kls-prod-ls-silo.prod.dc1.kelkoo.net_1670512544638_443683&cd3=100480081&cd4=a4c629a-184f24e8b77-572cb&cd5=&cd6=96968259%7C100480081%7C&z=780070622
IP 216.58.207.206:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?v=1&_v=j96&t=pageview&_s=1&dl=https%3A%2F%2Fno-go.kelkoogroup.net%2Fctl%2Fgo%2FsitesearchGo%3F.ts%3D1670512544104%26.sig%3DQzf9JyW0vP5CmBWRRfwDTXRT_FA-%26affiliationId%3D96968259%26comId%3D100480081%26country%3Dno%26offerId%3D362eb94a80987854d53b66ec23316131%26searchId%3D1076100373763778_1670512544039_73341%26service%3D36%26tokenId%3D137d9480-fe68-4fb0-bea1-aca4ccc32178%26custom1%3D5836873905%26custom2%3Da~r-635daee07e254e1094d279a626f9cf54%253Bk~100480081%26addedParams%3Dtrue&dr=https%3A%2F%2Fbackend.finalono.com%2F&dp=%2F96968259%7C100480081%7C&ul=en-us&de=UTF-8&dt=Du%20sendes%20videre%20til%20Telenor&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=QACAAAABAAAAAC~&cid=386629821.1670512544&tid=UA-168544891-6&_gid=613460545.1670512544&_r=1&cd1=96968259&cd2=dc1-kls-prod-ls-silo.prod.dc1.kelkoo.net_1670512544638_443683&cd3=100480081&cd4=a4c629a-184f24e8b77-572cb&cd5=&cd6=96968259%7C100480081%7C&z=780070622 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://no-go.kelkoogroup.net
date: Thu, 08 Dec 2022 15:15:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
nettbutikk.telenor.no/frontend/redesign/assets/global.min.css?v=20221207.1
91.213.224.90200 OK 114 kB URL HTTP/1.1 nettbutikk.telenor.no/frontend/redesign/assets/global.min.css?v=20221207.1
IP 91.213.224.90:0
File type ASCII text, with very long lines (65354)
Size 114 kB (114142 bytes)
Hash 05a2a95b2cf6d550543d96c82c78b0f4
343e4c555163ccb29b1b650b936ec54ac9707244
73b6da3092a48313033f6d623b09f89e167ec6f970c6e04f5732bdfa4df782fa
GET /frontend/redesign/assets/global.min.css?v=20221207.1 HTTP/1.1
Host: nettbutikk.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/nettbrett/ios/apple-ipad-mini-7-9-tommer-256gb-wi-fi-2019/solv/?utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Apple+Ipad+Mini+7%2C9-Tommer+256gb+Wi-Fi.+
Cookie: telenormobile=550e7f17959f27e475a803f177cf4e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 15:15:45 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 02:25:00 GMT
ETag: "b93d9-5ed64f23e4622-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:15:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nettbutikk.telenor.no/frontend/redesign/lib/jquery-typeahead/jquery.typeahead.min.css?v=20221207.1
91.213.224.90200 OK 3.3 kB URL HTTP/1.1 nettbutikk.telenor.no/frontend/redesign/lib/jquery-typeahead/jquery.typeahead.min.css?v=20221207.1
IP 91.213.224.90:0
File type assembler source, ASCII text, with very long lines (12438), with no line terminators
Hash a3f1054ef3f914ef057127ad40ab8e2d
33b099ba3b3e3e2efd2c3fcb7b478388f15923af
dacb98f5af47598ebaef517ed63a40eb5fa6f182c98bbf8a5a68c897f1935a12
GET /frontend/redesign/lib/jquery-typeahead/jquery.typeahead.min.css?v=20221207.1 HTTP/1.1
Host: nettbutikk.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/nettbrett/ios/apple-ipad-mini-7-9-tommer-256gb-wi-fi-2019/solv/?utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Apple+Ipad+Mini+7%2C9-Tommer+256gb+Wi-Fi.+
Cookie: telenormobile=550e7f17959f27e475a803f177cf4e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 15:15:45 GMT
Content-Type: text/css
Content-Length: 3301
Connection: keep-alive
Last-Modified: Fri, 04 Dec 2020 04:26:35 GMT
ETag: "3096-5b59be1b9ac64-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000
nettbutikk.telenor.no/frontend/redesign/js/jquery-2.2.4.min.js
91.213.224.90200 OK 35 kB URL HTTP/1.1 nettbutikk.telenor.no/frontend/redesign/js/jquery-2.2.4.min.js
IP 91.213.224.90:0
File type ASCII text, with very long lines (659)
Hash 0f2f1f400524ea1b966bb2e09b00107c
32e04f2f970d4553b78ffcb56b9aad557702afd1
129d8b0abd903c2101ffa0fd9639f880d39ed3720d535fdbe869ba6a70c86010
GET /frontend/redesign/js/jquery-2.2.4.min.js HTTP/1.1
Host: nettbutikk.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/nettbrett/ios/apple-ipad-mini-7-9-tommer-256gb-wi-fi-2019/solv/?utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Apple+Ipad+Mini+7%2C9-Tommer+256gb+Wi-Fi.+
Cookie: telenormobile=550e7f17959f27e475a803f177cf4e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 15:15:45 GMT
Content-Type: application/javascript
Content-Length: 34798
Connection: keep-alive
Last-Modified: Mon, 13 Jun 2022 03:41:37 GMT
ETag: "1dbbb-5e14c10b90705-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000
tags.tiqcdn.com/utag/telenor/telenor.no/prod/utag.sync.js
2.18.173.203200 OK 531 B URL HTTP/2 tags.tiqcdn.com/utag/telenor/telenor.no/prod/utag.sync.js
IP 2.18.173.203:0
File type ASCII text, with very long lines (308)
Hash d552fd6a64ad57de413c61731ce2e3a4
467cc8a7ce22484f326a3774bc6d428a3cd36cb4
d8ae18022ea8398d5e5d9025cd9347c8a99ab0a0d632c63fa18ee04a4017b2ed
GET /utag/telenor/telenor.no/prod/utag.sync.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d552fd6a64ad57de413c61731ce2e3a4:1669971397.453207"
last-modified: Fri, 02 Dec 2022 08:56:37 GMT
server: AkamaiNetStorage
content-length: 531
cache-control: max-age=300
expires: Thu, 08 Dec 2022 15:20:45 GMT
date: Thu, 08 Dec 2022 15:15:45 GMT
X-Firefox-Spdy: h2
backend.finalono.com/v1/rtb?domain=finalono.com&visitorUserAgent=Mozilla&numItems=50&apiKey=89641194-7897-4d80-b90a-b1fc82fc38c6&trackingId=5836873905&visitorIPAddress=46.15.231.130&forceShopping=100480081&smart=true&sourcePlatform=tonic&cpc=0.004000&source=foxtrot-rah-k7q28pm4w8&campaignName=TNC-RON-NO-DESKTOP-Normalize-bnpl-klk-96968259&geo=NO&auctionId=zr2d20e6f6770b11eda8e60adf0d944f95253884262b9d47149a37fdbfcc9cda33069567cabb98be6185&match=real-free-credit-report&device=desktop&browser=firefox&os=windows&long_campaign_id=38f8aeb0-af7c-11ec-bfe9-0a918cbcbb97&isRON=true
104.26.13.138302 Found 185 kB URL HTTP/2 backend.finalono.com/v1/rtb?domain=finalono.com&visitorUserAgent=Mozilla&numItems=50&apiKey=89641194-7897-4d80-b90a-b1fc82fc38c6&trackingId=5836873905&visitorIPAddress=46.15.231.130&forceShopping=100480081&smart=true&sourcePlatform=tonic&cpc=0.004000&source=foxtrot-rah-k7q28pm4w8&campaignName=TNC-RON-NO-DESKTOP-Normalize-bnpl-klk-96968259&geo=NO&auctionId=zr2d20e6f6770b11eda8e60adf0d944f95253884262b9d47149a37fdbfcc9cda33069567cabb98be6185&match=real-free-credit-report&device=desktop&browser=firefox&os=windows&long_campaign_id=38f8aeb0-af7c-11ec-bfe9-0a918cbcbb97&isRON=true
IP 104.26.13.138:0
Size 185 kB (185136 bytes)
Hash 2628b84460d0ff6792b7e512c46624f7
5fd4450dc57631d9cd9907e06b90cf9da482e10f
f80aae724f3859815af004a2bce2c0f7a4bd7fed650fd242a678f1d0d47c577d
GET /v1/rtb?domain=finalono.com&visitorUserAgent=Mozilla&numItems=50&apiKey=89641194-7897-4d80-b90a-b1fc82fc38c6&trackingId=5836873905&visitorIPAddress=46.15.231.130&forceShopping=100480081&smart=true&sourcePlatform=tonic&cpc=0.004000&source=foxtrot-rah-k7q28pm4w8&campaignName=TNC-RON-NO-DESKTOP-Normalize-bnpl-klk-96968259&geo=NO&auctionId=zr2d20e6f6770b11eda8e60adf0d944f95253884262b9d47149a37fdbfcc9cda33069567cabb98be6185&match=real-free-credit-report&device=desktop&browser=firefox&os=windows&long_campaign_id=38f8aeb0-af7c-11ec-bfe9-0a918cbcbb97&isRON=true HTTP/1.1
Host: backend.finalono.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://game-addicted.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 08 Dec 2022 15:15:43 GMT
content-type: text/html; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
location: /v1/hybrid-web?q=gzliybzv2a75ygyatzwtzgu6vm
x-api-version: 4.2.54
x-request-id: gql521vlbev9ushdagtmaln8eps446ks
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0doUjooRb%2BHlX04wtZ%2FqREGutnO8BZ35zbrKvPo5B589DgHT34H0hz1CG6Sa4J%2FfJ5TmyY3sI4grhHEDSf3aHuuSXx9lTSGO4KV6uV9TW2cYfwk4FtKlXMGtLT33OLWFBPk19VCM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77667541caaab4f1-OSL
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 41d80815e4ff8a4fa9a3b683359676f2
5b1589d5759b334b9b9d9006b8a4a367c1f3399e
b65d53199e0778167a3af0a6707f11f4f21b6984879d1a09f2e0ce37c71c9e4a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=172039
Date: Thu, 08 Dec 2022 15:15:45 GMT
Etag: "6391ee1f-1d7"
Expires: Sat, 10 Dec 2022 15:03:04 GMT
Last-Modified: Thu, 08 Dec 2022 14:01:03 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vHXVcr0KszJ4qesitID8pDjb6__KFe4divdLCjZqymOJYq7MIy7RVA==
Age: 3721
pixel.everesttech.net/rlsa/285
34.251.101.88200 OK 0 B URL HTTP/1.1 pixel.everesttech.net/rlsa/285
IP 34.251.101.88:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rlsa/285 HTTP/1.1
Host: pixel.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:45 GMT
Content-Type: text/javascript
Content-Length: 0
Connection: keep-alive
Server: AMO-RLSA/1.1
nettbutikk.telenor.no/mediabank/store/1/14417/_thumb_14417.png
91.213.224.90200 OK 14 kB URL HTTP/1.1 nettbutikk.telenor.no/mediabank/store/1/14417/_thumb_14417.png
IP 91.213.224.90:0
File type PNG image data, 74 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash bbf1db699e2323926fdc544bb63d27cf
d47fb8a6776c847595a4b0f3b0198c5dd26267f7
627e3ef262426f1de8b81f37ad4a79244ccbd3fbe4c40fd7a0d08ffffdc33820
GET /mediabank/store/1/14417/_thumb_14417.png HTTP/1.1
Host: nettbutikk.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/nettbrett/ios/apple-ipad-mini-7-9-tommer-256gb-wi-fi-2019/solv/?utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Apple+Ipad+Mini+7%2C9-Tommer+256gb+Wi-Fi.+
Cookie: telenormobile=550e7f17959f27e475a803f177cf4e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 15:15:45 GMT
Content-Type: image/png
Content-Length: 14010
Connection: keep-alive
Last-Modified: Wed, 20 Mar 2019 12:58:25 GMT
ETag: "36ba-584862d5b5e40"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=15768000
nettbutikk.telenor.no/mediabank/store/8/8733/Telenor-L2-Web-Footer-Help2x.png
91.213.224.90200 OK 3.7 kB URL HTTP/1.1 nettbutikk.telenor.no/mediabank/store/8/8733/Telenor-L2-Web-Footer-Help2x.png
IP 91.213.224.90:0
File type PNG image data, 60 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 201975784c1c47e3e7b709407e36bb75
f99f4fc52058c4db0bc6918ee0ea70e8faa9382f
170922014197514692aaad0f95695db19b1f89d40cd3ce153bf6d0e35005aa7b
GET /mediabank/store/8/8733/Telenor-L2-Web-Footer-Help2x.png HTTP/1.1
Host: nettbutikk.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/nettbrett/ios/apple-ipad-mini-7-9-tommer-256gb-wi-fi-2019/solv/?utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Apple+Ipad+Mini+7%2C9-Tommer+256gb+Wi-Fi.+
Cookie: telenormobile=550e7f17959f27e475a803f177cf4e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 15:15:45 GMT
Content-Type: image/png
Content-Length: 3666
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2016 09:19:09 GMT
ETag: "e52-5415372e11d40"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=15768000
nettbutikk.telenor.no/mediabank/store/8/8734/Telenor-L2-Web-Footer-Security2x.png
91.213.224.90200 OK 3.1 kB URL HTTP/1.1 nettbutikk.telenor.no/mediabank/store/8/8734/Telenor-L2-Web-Footer-Security2x.png
IP 91.213.224.90:0
File type PNG image data, 66 x 74, 8-bit/color RGBA, non-interlaced\012- data
Hash b56c5b34676a68cb2566f7215a7d85eb
4d79f8a92fe90cb9bf51f0194b13c0bc76084693
66f1b0f37405b5254377c69a213663b7630a6489a17d0d3c14d1439f2c51d989
GET /mediabank/store/8/8734/Telenor-L2-Web-Footer-Security2x.png HTTP/1.1
Host: nettbutikk.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/nettbrett/ios/apple-ipad-mini-7-9-tommer-256gb-wi-fi-2019/solv/?utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Apple+Ipad+Mini+7%2C9-Tommer+256gb+Wi-Fi.+
Cookie: telenormobile=550e7f17959f27e475a803f177cf4e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 15:15:45 GMT
Content-Type: image/png
Content-Length: 3064
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2016 09:19:10 GMT
ETag: "bf8-5415372f05f80"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=15768000
nettbutikk.telenor.no/frontend/redesign/img/header-icons/telenor-logo-flat-blue.svg
91.213.224.90200 OK 1.1 kB URL HTTP/1.1 nettbutikk.telenor.no/frontend/redesign/img/header-icons/telenor-logo-flat-blue.svg
IP 91.213.224.90:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (890)
Hash 5fe62a11ee839dd42de737d0d26da92b
8de4f2b0e9a7dd714e920fb8c5ab3ef596a7b221
58bf01e52ece7ae2ce6cf8c9caa864975ab47f24c369a561fce229dc08354304
GET /frontend/redesign/img/header-icons/telenor-logo-flat-blue.svg HTTP/1.1
Host: nettbutikk.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/nettbrett/ios/apple-ipad-mini-7-9-tommer-256gb-wi-fi-2019/solv/?utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Apple+Ipad+Mini+7%2C9-Tommer+256gb+Wi-Fi.+
Cookie: telenormobile=550e7f17959f27e475a803f177cf4e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 15:15:45 GMT
Content-Type: image/svg+xml
Content-Length: 1136
Connection: keep-alive
Last-Modified: Fri, 04 Dec 2020 04:26:35 GMT
ETag: "470-5b59be1b91024"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=15768000
nettbutikk.telenor.no/mediabank/store/1/16635/levering_t.jpg
91.213.224.90200 OK 5.3 kB URL HTTP/1.1 nettbutikk.telenor.no/mediabank/store/1/16635/levering_t.jpg
IP 91.213.224.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 92x92, components 3\012- data
Hash bfc32dcf68346ee5b27446d6bab00ce2
d9d7fb4f2fd00554fdd2aef448b4f217d4b809a7
5484ed4c41cc9f3ca354432f0431c8f45fab7991a1ad31ed1ed79fce09f571f8
GET /mediabank/store/1/16635/levering_t.jpg HTTP/1.1
Host: nettbutikk.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/nettbrett/ios/apple-ipad-mini-7-9-tommer-256gb-wi-fi-2019/solv/?utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Apple+Ipad+Mini+7%2C9-Tommer+256gb+Wi-Fi.+
Cookie: telenormobile=550e7f17959f27e475a803f177cf4e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 15:15:45 GMT
Content-Type: image/jpeg
Content-Length: 5265
Connection: keep-alive
Last-Modified: Tue, 15 Dec 2020 04:11:35 GMT
ETag: "1491-5b678f4538bc0"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=15768000
nettbutikk.telenor.no/mediabank/store/1/16633/klikk-hent_t.jpg
91.213.224.90200 OK 5.6 kB URL HTTP/1.1 nettbutikk.telenor.no/mediabank/store/1/16633/klikk-hent_t.jpg
IP 91.213.224.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 92x92, components 3\012- data
Hash fcb49f87a8dce4bdb567dd693f8fbef5
22c94b410b4b19a640088c4a9ec530fd6fcc8a78
b52a1345d83df23fe0d8912be275c034866e156b6e7216b4f50f18b5710b6321
GET /mediabank/store/1/16633/klikk-hent_t.jpg HTTP/1.1
Host: nettbutikk.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/nettbrett/ios/apple-ipad-mini-7-9-tommer-256gb-wi-fi-2019/solv/?utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Apple+Ipad+Mini+7%2C9-Tommer+256gb+Wi-Fi.+
Cookie: telenormobile=550e7f17959f27e475a803f177cf4e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 15:15:45 GMT
Content-Type: image/jpeg
Content-Length: 5579
Connection: keep-alive
Last-Modified: Tue, 15 Dec 2020 04:12:09 GMT
ETag: "15cb-5b678f65a5840"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=15768000
nettbutikk.telenor.no/mediabank/store/1/16632/fri-frakt_t.jpg
91.213.224.90200 OK 5.6 kB URL HTTP/1.1 nettbutikk.telenor.no/mediabank/store/1/16632/fri-frakt_t.jpg
IP 91.213.224.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 92x92, components 3\012- data
Hash e89080b9688c628809346954815f3283
1f825719764611ca895990631e69d5f15fc97dde
4174a809a7cffcc041bb03c7118273f653866d07635bd70d12ff1c631f6fce3d
GET /mediabank/store/1/16632/fri-frakt_t.jpg HTTP/1.1
Host: nettbutikk.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/nettbrett/ios/apple-ipad-mini-7-9-tommer-256gb-wi-fi-2019/solv/?utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Apple+Ipad+Mini+7%2C9-Tommer+256gb+Wi-Fi.+
Cookie: telenormobile=550e7f17959f27e475a803f177cf4e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 15:15:45 GMT
Content-Type: image/jpeg
Content-Length: 5583
Connection: keep-alive
Last-Modified: Tue, 15 Dec 2020 04:12:26 GMT
ETag: "15cf-5b678f75dbe80"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=15768000
widget.porterbuddy.com/widgetframe.html
54.230.111.24200 OK 101 B URL HTTP/2 widget.porterbuddy.com/widgetframe.html
IP 54.230.111.24:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 2946dfbe162d793818e2bd45f5338537
ac2a60035df5d7202f985956443ed580a0f53ecb
3e788329e1f4d21f3bf962b605d86cd5d6ca4703f44b2d695bb81953e7ad94d6
GET /widgetframe.html HTTP/1.1
Host: widget.porterbuddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 101
last-modified: Mon, 01 Aug 2022 07:45:33 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Dec 2022 01:20:32 GMT
cache-control: public, max-age=300, s-maxage=86400
etag: "2946dfbe162d793818e2bd45f5338537"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7cd4KcTkVoEpzv4F43bIaCxS3psvALBnBIflgdCU2YN-0LLBRX1Ubw==
age: 50115
X-Firefox-Spdy: h2
nettbutikk.telenor.no/frontend/redesign/img/svg/close-x.svg
91.213.224.90200 OK 339 B URL HTTP/1.1 nettbutikk.telenor.no/frontend/redesign/img/svg/close-x.svg
IP 91.213.224.90:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (339), with no line terminators
Hash 41ae3b1f9400c1c3cd13cf038fa9bfb2
cdb66852a43808b3e41459fb06ddb1bcb70e240d
37a477496dd46cc3c249ae3333e6b913fe9d769fb9c7afe53656c6613d53d93d
GET /frontend/redesign/img/svg/close-x.svg HTTP/1.1
Host: nettbutikk.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/frontend/redesign/assets/global.min.css?v=20221207.1
Cookie: telenormobile=550e7f17959f27e475a803f177cf4e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: image/svg+xml
Content-Length: 339
Connection: keep-alive
Last-Modified: Fri, 04 Dec 2020 04:26:35 GMT
ETag: "153-5b59be1b92f64"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=15768000
nettbutikk.telenor.no/mediabank/store/1/14417/ipadmini-2019-silver1-produktside-600px.png
91.213.224.90200 OK 78 kB URL HTTP/1.1 nettbutikk.telenor.no/mediabank/store/1/14417/ipadmini-2019-silver1-produktside-600px.png
IP 91.213.224.90:0
File type PNG image data, 405 x 600, 8-bit colormap, non-interlaced\012- data
Hash 18995398f59d98ad82b1203ae533a13a
57975fd018c0be8f9ac39e61ece8f70c134e6c8e
db130ebb9d36d1ef305a0ab77216e95c99b9fd9f17af77171b51ced01d77c562
GET /mediabank/store/1/14417/ipadmini-2019-silver1-produktside-600px.png HTTP/1.1
Host: nettbutikk.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/nettbrett/ios/apple-ipad-mini-7-9-tommer-256gb-wi-fi-2019/solv/?utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Apple+Ipad+Mini+7%2C9-Tommer+256gb+Wi-Fi.+
Cookie: telenormobile=550e7f17959f27e475a803f177cf4e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 15:15:45 GMT
Content-Type: image/png
Content-Length: 77479
Connection: keep-alive
Last-Modified: Wed, 20 Mar 2019 12:58:24 GMT
ETag: "12ea7-584862d4c1c00"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=15768000
ocsp.buypass.com/
23.33.119.18200 OK 1.4 kB IP 23.33.119.18:0
ASN #20940 Akamai International B.V.
Hash 1b2d69e6c268a8f4d5694778f4e2a641
7fbe64d0f21278557843713fbdb75d96a0a9dbf7
0a4b0f9a191c56f781c8d3264c6f099f9f0e3916d525289f1a16abd25ba19d20
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 77
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: c2d15899-bc58-4c24-ba44-ff2ff47af820
Content-Length: 1444
Date: Thu, 08 Dec 2022 15:15:46 GMT
Connection: keep-alive
nettbutikk.telenor.no/frontend/redesign/fonts/TelenorLight_tcm52-213518.woff
91.213.224.90200 OK 27 kB URL HTTP/1.1 nettbutikk.telenor.no/frontend/redesign/fonts/TelenorLight_tcm52-213518.woff
IP 91.213.224.90:0
File type Web Open Font Format, TrueType, length 26948, version 1.0\012- data
Hash 0c81bab4d33b2896f5090d15b5372314
7927f0acf04bbdb6af0194f3130370d060b5319e
516b24cfe8831eca438296ef3a680d1447b6dc9ca282dacfb95c1177b3700630
GET /frontend/redesign/fonts/TelenorLight_tcm52-213518.woff HTTP/1.1
Host: nettbutikk.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/frontend/redesign/assets/global.min.css?v=20221207.1
Cookie: telenormobile=550e7f17959f27e475a803f177cf4e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: font/woff
Content-Length: 26948
Connection: keep-alive
Last-Modified: Wed, 16 Dec 2020 03:45:28 GMT
ETag: "6944-5b68cb4cbd8bd"
Accept-Ranges: bytes
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15768000
www.telenor.no/binaries/dynamic-components/privat/system/telenor-logo-icon_tcm94-306239.png
51.13.25.113200 OK 2.6 kB URL HTTP/1.1 www.telenor.no/binaries/dynamic-components/privat/system/telenor-logo-icon_tcm94-306239.png
IP 51.13.25.113:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 94 x 94, 8-bit/color RGBA, non-interlaced\012- data
Hash 27d9dbcd1c9579145efbe944e498ab7e
d00c84e3b92a4c3450a68c241dc3b89adbd4beec
29ac6847b1ab6fa0f6f85bbbc7be9f761063401b70f0d2e464efe59d21e0e8b8
GET /binaries/dynamic-components/privat/system/telenor-logo-icon_tcm94-306239.png HTTP/1.1
Host: www.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: image/png
Content-Length: 2551
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Expires: Sun, 18 Dec 2022 15:15:46 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *, *
nettbutikk.telenor.no/frontend/redesign/img/svg/icon-basket-black.svg
91.213.224.90200 OK 1.1 kB URL HTTP/1.1 nettbutikk.telenor.no/frontend/redesign/img/svg/icon-basket-black.svg
IP 91.213.224.90:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 312a0980a8f81a14d379ac87965912c8
6b319cfe82fb9728010ca2ce6f7a4b2703f61eb6
4c30730ee5bc91e0a09af841c0309b5e59ba7dd173b81a5539359bf89d2c98a4
GET /frontend/redesign/img/svg/icon-basket-black.svg HTTP/1.1
Host: nettbutikk.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/frontend/redesign/assets/global.min.css?v=20221207.1
Cookie: telenormobile=550e7f17959f27e475a803f177cf4e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: image/svg+xml
Content-Length: 1100
Connection: keep-alive
Last-Modified: Wed, 16 Dec 2020 03:45:28 GMT
ETag: "44c-5b68cb4cc079d"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=15768000
www.telenor.no/binaries/frontend/search-black.svg
51.13.25.113200 OK 787 B URL HTTP/1.1 www.telenor.no/binaries/frontend/search-black.svg
IP 51.13.25.113:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (934)
Hash c97634d255506e35260c13ba82198684
952bfdff44e824adaade3b51f738ac1255ff8191
5117a712ea28238a99a2b85d46568134f5f93ec23b3221b1a90e286bf5692ca8
GET /binaries/frontend/search-black.svg HTTP/1.1
Host: www.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=864000
Last-Modified: Sat, 01 Jan 2000 00:00:00 GMT
ETag: W/"567-dc6acfac00"
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Sun, 18 Dec 2022 15:15:46 GMT
Access-Control-Allow-Origin: *
nettbutikk.telenor.no/frontend/redesign/img/ajax-loader.png
91.213.224.90200 OK 2.2 kB URL HTTP/1.1 nettbutikk.telenor.no/frontend/redesign/img/ajax-loader.png
IP 91.213.224.90:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, interlaced\012- data
Hash 6ab9d065eaeb1ce90050060f378225bd
7bbd729ea8c171a460746e06cd6cf2c81bc0a0ae
dd962e679f7fd9e8a94cde263049ca405bac275258bb598300f3cee540498955
GET /frontend/redesign/img/ajax-loader.png HTTP/1.1
Host: nettbutikk.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/frontend/redesign/assets/global.min.css?v=20221207.1
Cookie: telenormobile=550e7f17959f27e475a803f177cf4e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: image/png
Content-Length: 2168
Connection: keep-alive
Last-Modified: Wed, 16 Dec 2020 03:45:28 GMT
ETag: "878-5b68cb4cbe85d"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=15768000
ocsp.buypass.com/
23.33.119.18200 OK 1.4 kB IP 23.33.119.18:0
ASN #20940 Akamai International B.V.
Hash 967353ee4e9f0e313618ef34b6a5d157
a3a14e5cbbece032cca26cfea314cba5ebdfe98d
d83012164d4bea960d4c2d53df4263853874d90dc3d3b40e36353a74519aa646
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 77
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 1d918f12-4fb0-4e36-aef3-e0583c4937e3
Content-Length: 1444
Date: Thu, 08 Dec 2022 15:15:46 GMT
Connection: keep-alive
nettbutikk.telenor.no/frontend/redesign/fonts/Telenor_tcm52-213517.woff
91.213.224.90200 OK 28 kB URL HTTP/1.1 nettbutikk.telenor.no/frontend/redesign/fonts/Telenor_tcm52-213517.woff
IP 91.213.224.90:0
File type Web Open Font Format, TrueType, length 28248, version 1.0\012- data
Hash 13c9993c35ff9fc0ee4297cd11a12833
b43ad5a5e5cd7492226c221da5f9ab226eb95565
cd45b04f70f6d57c980ea2cc7852b1f2565d4da7bbf6a6ddd7f83c3d2a366cea
GET /frontend/redesign/fonts/Telenor_tcm52-213517.woff HTTP/1.1
Host: nettbutikk.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/frontend/redesign/assets/global.min.css?v=20221207.1
Cookie: telenormobile=550e7f17959f27e475a803f177cf4e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: font/woff
Content-Length: 28248
Connection: keep-alive
Last-Modified: Fri, 04 Dec 2020 04:26:35 GMT
ETag: "6e58-5b59be1b90084"
Accept-Ranges: bytes
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15768000
www.telenor.no/binaries/frontend/mine-sider-white.svg
51.13.25.113200 OK 698 B URL HTTP/1.1 www.telenor.no/binaries/frontend/mine-sider-white.svg
IP 51.13.25.113:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (780)
Hash 8ec1cb811c9d4fff5f486ade3bc2ee68
6a7245e892d748ed196ca91e538296a8fd9a4289
e42fe3c2ced5ebd1442c937ec10ddf59ae32f57c606647f3e97b974cb6ba4275
GET /binaries/frontend/mine-sider-white.svg HTTP/1.1
Host: www.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=864000
Last-Modified: Sat, 01 Jan 2000 00:00:00 GMT
ETag: W/"53f-dc6acfac00"
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Sun, 18 Dec 2022 15:15:46 GMT
Access-Control-Allow-Origin: *
www.telenor.no/binaries/frontend/telenor-logo-flat-blue.svg
51.13.25.113200 OK 654 B URL HTTP/1.1 www.telenor.no/binaries/frontend/telenor-logo-flat-blue.svg
IP 51.13.25.113:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (890)
Hash 5a4657100edd5531dd1658a4774e7a28
29042622fc26a9bfacba6fec002fa5eeea7f0006
d061f93fc2dd338f15ce4d1a5355656a916a44c564a607814b17e6dbdaa44ac2
GET /binaries/frontend/telenor-logo-flat-blue.svg HTTP/1.1
Host: www.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=864000
Last-Modified: Sat, 01 Jan 2000 00:00:00 GMT
ETag: W/"470-dc6acfac00"
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Sun, 18 Dec 2022 15:15:46 GMT
Access-Control-Allow-Origin: *
www.telenor.no/binaries/dynamic-components/privat/system/flogo-HexRBG-Wht-72_tcm94-365306.svg
51.13.25.113200 OK 427 B URL HTTP/1.1 www.telenor.no/binaries/dynamic-components/privat/system/flogo-HexRBG-Wht-72_tcm94-365306.svg
IP 51.13.25.113:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (427), with no line terminators
Hash 9700c594e8a9f1ae57e548b14c62048e
ab5fb0e0e49cfdd718849bd5634bbe06d556d0ac
ef3ebdb053723271d18354c2bdda13108d99c660db7abdae67c9fc915e4b065e
GET /binaries/dynamic-components/privat/system/flogo-HexRBG-Wht-72_tcm94-365306.svg HTTP/1.1
Host: www.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: image/svg+xml
Content-Length: 427
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Expires: Sun, 18 Dec 2022 15:15:46 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *, *
www.telenor.no/binaries/dynamic-components/privat/system/youtube_tcm94-365307.svg
51.13.25.113200 OK 917 B URL HTTP/1.1 www.telenor.no/binaries/dynamic-components/privat/system/youtube_tcm94-365307.svg
IP 51.13.25.113:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1533)
Hash 2fd16488b6c435fa348a24eb36aefe70
12d1e67e0a5a5ce72e7db93863c0e8ca48dc34d3
82c30be1c57a7f194512d3f3e29d2f6555b04dbb7cada29273b1a69713bc4dee
GET /binaries/dynamic-components/privat/system/youtube_tcm94-365307.svg HTTP/1.1
Host: www.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Sun, 18 Dec 2022 15:15:46 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *, *
ocsp.buypass.com/
23.33.119.18200 OK 1.4 kB IP 23.33.119.18:0
ASN #20940 Akamai International B.V.
Hash 1b2d69e6c268a8f4d5694778f4e2a641
7fbe64d0f21278557843713fbdb75d96a0a9dbf7
0a4b0f9a191c56f781c8d3264c6f099f9f0e3916d525289f1a16abd25ba19d20
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 77
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 8feed6bc-acda-4301-a910-b7f1ac54f69e
Content-Length: 1444
Date: Thu, 08 Dec 2022 15:15:46 GMT
Connection: keep-alive
www.telenor.no/binaries/frontend/mine-sider-black.svg
51.13.25.113200 OK 698 B URL HTTP/1.1 www.telenor.no/binaries/frontend/mine-sider-black.svg
IP 51.13.25.113:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (780)
Hash bdeeb2f6ec83d87fbde4d2a14e496e03
979bfeb1331a6db37d86c2e1a20ae8e5ccde65b2
c2b7baa17e46481a7d74be615992627fbb77ff7efcddda80edc4a0e4b71a49fe
GET /binaries/frontend/mine-sider-black.svg HTTP/1.1
Host: www.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=864000
Last-Modified: Sat, 01 Jan 2000 00:00:00 GMT
ETag: W/"53f-dc6acfac00"
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Sun, 18 Dec 2022 15:15:46 GMT
Access-Control-Allow-Origin: *
tags.tiqcdn.com/utag/telenor/telenor.no/prod/utag.js
2.18.173.203200 OK 98 kB URL HTTP/2 tags.tiqcdn.com/utag/telenor/telenor.no/prod/utag.js
IP 2.18.173.203:0
Hash 558b03e9f1c6439cf8b98209388bedc1
05a8b5bd799c3b1f92dad89c11cc5562851f2122
af492d1124a01256b1f23d120e7cc04a6a5b5684ef4fff6dca4872fb20fbfc05
GET /utag/telenor/telenor.no/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "f75e50764f64fedbeec4780118b303d6:1669971397.57965"
last-modified: Fri, 02 Dec 2022 08:56:37 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Thu, 08 Dec 2022 15:20:45 GMT
date: Thu, 08 Dec 2022 15:15:45 GMT
X-Firefox-Spdy: h2
www.telenor.no/binaries/dynamic-components/privat/system/IG_glyph-logo_May2016_white_tcm94-365308.svg
51.13.25.113200 OK 1.5 kB URL HTTP/1.1 www.telenor.no/binaries/dynamic-components/privat/system/IG_glyph-logo_May2016_white_tcm94-365308.svg
IP 51.13.25.113:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2304)
Hash 40214e86021c26a43bd2b10501a89196
ac775a3791f3104af50ae6865b9dd19d52157c5c
1ff25ff184e730e3b98e6a8b9fbf60021e70c2e3b0208a33cf949c1159a8ba3c
GET /binaries/dynamic-components/privat/system/IG_glyph-logo_May2016_white_tcm94-365308.svg HTTP/1.1
Host: www.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Sun, 18 Dec 2022 15:15:46 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *, *
nettbutikk.telenor.no/frontend/redesign/fonts/SourceSansPro-Regular.ttf
91.213.224.90200 OK 119 kB URL HTTP/1.1 nettbutikk.telenor.no/frontend/redesign/fonts/SourceSansPro-Regular.ttf
IP 91.213.224.90:0
File type TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2010, 2012, 2014 Adobe Systems Incorporated (http://www.adobe.com/), with Reserved Fon\012- data
Size 119 kB (119238 bytes)
Hash 30d5f0dd7d709b40b4a92dbe12b60497
49c5aeb42b656b02d73ab35fa10100a375e6cd9e
a8313caa59a3065fb9500b43b97a50e33f428ffed1695e29b5b425fe1248d57e
GET /frontend/redesign/fonts/SourceSansPro-Regular.ttf HTTP/1.1
Host: nettbutikk.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/frontend/redesign/assets/global.min.css?v=20221207.1
Cookie: telenormobile=550e7f17959f27e475a803f177cf4e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: font/ttf
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 04 Dec 2020 04:26:35 GMT
ETag: "4169c-5b59be1b90084-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000
www.telenor.no/binaries/frontend/minus-icon-black.svg
51.13.25.113200 OK 262 B URL HTTP/1.1 www.telenor.no/binaries/frontend/minus-icon-black.svg
IP 51.13.25.113:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 37a2b1ecda2238a3abb15a5b9346443e
2685108f408b2bb256f7ea72d5b89ebf15c9cae3
190ae2576745ef47c02f227a8f5384c7fe176ae64c1e6bf734adb772c7390fbe
GET /binaries/frontend/minus-icon-black.svg HTTP/1.1
Host: www.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: image/svg+xml
Content-Length: 262
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=864000
Last-Modified: Sat, 01 Jan 2000 00:00:00 GMT
ETag: W/"106-dc6acfac00"
Vary: Accept-Encoding
Expires: Sun, 18 Dec 2022 15:15:46 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
www.telenor.no/binaries/dynamic-components/privat/system/Twitter_tcm94-365310.svg
51.13.25.113200 OK 834 B URL HTTP/1.1 www.telenor.no/binaries/dynamic-components/privat/system/Twitter_tcm94-365310.svg
IP 51.13.25.113:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1039)
Hash c79afbdb83e808206eb3798cd1a50fa8
f8a65c0143f3c40bdcd351a597de57ab76b16896
919d9e9bccf59047f10a0004b7a5bb4065df995dfdcdea789bb70e64e86a84f5
GET /binaries/dynamic-components/privat/system/Twitter_tcm94-365310.svg HTTP/1.1
Host: www.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Sun, 18 Dec 2022 15:15:46 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *, *
www.telenor.no/binaries/frontend/minus-icon-white.svg
51.13.25.113200 OK 262 B URL HTTP/1.1 www.telenor.no/binaries/frontend/minus-icon-white.svg
IP 51.13.25.113:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 4e95d4a546e4f8e385f2285a9576288c
9233ccf4b414373c4f160b49f52b9000cd4b96b6
4643912ac0d0c4b745a9c961cbaa03edaf91aef3a053fa1a5cf67b493dcc78a2
GET /binaries/frontend/minus-icon-white.svg HTTP/1.1
Host: www.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: image/svg+xml
Content-Length: 262
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=864000
Last-Modified: Sat, 01 Jan 2000 00:00:00 GMT
ETag: W/"106-dc6acfac00"
Vary: Accept-Encoding
Expires: Sun, 18 Dec 2022 15:15:46 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
www.telenor.no/binaries/dynamic-components/privat/system/LinkedIn_tcm94-365309.svg
51.13.25.113200 OK 667 B URL HTTP/1.1 www.telenor.no/binaries/dynamic-components/privat/system/LinkedIn_tcm94-365309.svg
IP 51.13.25.113:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (776)
Hash 497f6a36c34d6ba49f91668b05825097
85af9a611da0f287917f2d7abb8147de81e4cf1e
e030224320cf1c36ff344b2e17851dd0b974a482ce309e623f9a0989da5e95a5
GET /binaries/dynamic-components/privat/system/LinkedIn_tcm94-365309.svg HTTP/1.1
Host: www.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Sun, 18 Dec 2022 15:15:46 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *, *
ocsp.buypass.com/
23.33.119.18200 OK 1.4 kB IP 23.33.119.18:0
ASN #20940 Akamai International B.V.
Hash 1985950ddfd5d9a72ab0d3e20f9fcf8f
0c981f7cb08dc296c220468f9c95e3e0e90eedc1
bf39ad8d2bcea45038c3c20bc296f6100253b03e819ed0ea1c9fe07f7fc7841b
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 77
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 52ffa32a-1682-4a77-8b88-9681b0613f93
Content-Length: 1444
Date: Thu, 08 Dec 2022 15:15:46 GMT
Connection: keep-alive
www.telenor.no/binaries/frontend/close-white.svg
51.13.25.113200 OK 729 B URL HTTP/1.1 www.telenor.no/binaries/frontend/close-white.svg
IP 51.13.25.113:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1043)
Hash 061da6892a2fd8df601fcf97d473259e
7e77c79a4642c334ce744e4bbdd12fef414dbaba
3345485873c1e965c5854068c9bc1c756b53c07b2baac575d10365d005edf0a5
GET /binaries/frontend/close-white.svg HTTP/1.1
Host: www.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=864000
Last-Modified: Sat, 01 Jan 2000 00:00:00 GMT
ETag: W/"5d2-dc6acfac00"
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Sun, 18 Dec 2022 15:15:46 GMT
Access-Control-Allow-Origin: *
www.telenor.no/binaries/frontend/telefonkiosk.svg
51.13.25.113200 OK 702 B URL HTTP/1.1 www.telenor.no/binaries/frontend/telefonkiosk.svg
IP 51.13.25.113:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document, ASCII text
Hash d1241a7160fbf8e295966e8a31b85d74
0a68f45d15c3414e4bd173939917d57eae7a9fda
a3317150f79d39c5e7fc5eea8954439621c373b47d8a1528373efbc533e7edde
GET /binaries/frontend/telefonkiosk.svg HTTP/1.1
Host: www.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=864000
Last-Modified: Sat, 01 Jan 2000 00:00:00 GMT
ETag: W/"5ba-dc6acfac00"
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Sun, 18 Dec 2022 15:15:46 GMT
Access-Control-Allow-Origin: *
www.telenor.no/binaries/frontend/close-black.svg
51.13.25.113200 OK 729 B URL HTTP/1.1 www.telenor.no/binaries/frontend/close-black.svg
IP 51.13.25.113:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1043)
Hash fb2c1fce832f8d62370998f6078fbcc5
d29302d396f9c991a219cd6937078591e9c2f804
37a04427024823f11b41008ad5e0dbd3545651e30817cd495f24e0e723fe2770
GET /binaries/frontend/close-black.svg HTTP/1.1
Host: www.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=864000
Last-Modified: Sat, 01 Jan 2000 00:00:00 GMT
ETag: W/"5d2-dc6acfac00"
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Sun, 18 Dec 2022 15:15:46 GMT
Access-Control-Allow-Origin: *
www.telenor.no/binaries/frontend/plus-icon-black.svg
51.13.25.113200 OK 291 B URL HTTP/1.1 www.telenor.no/binaries/frontend/plus-icon-black.svg
IP 51.13.25.113:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 206ed4a9242d3a8751b38a64cddd7ece
81fe196682ebb3e93c190a1f452dde95c1caad2a
d0d0a67038c59d0d584f9e7313e2267c879651f0a7387a4fe1420cf985994936
GET /binaries/frontend/plus-icon-black.svg HTTP/1.1
Host: www.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: image/svg+xml
Content-Length: 291
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=864000
Last-Modified: Sat, 01 Jan 2000 00:00:00 GMT
ETag: W/"123-dc6acfac00"
Vary: Accept-Encoding
Expires: Sun, 18 Dec 2022 15:15:46 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
www.telenor.no/binaries/frontend/search-white.svg
51.13.25.113200 OK 785 B URL HTTP/1.1 www.telenor.no/binaries/frontend/search-white.svg
IP 51.13.25.113:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (934)
Hash 0e9f5a6d57b8ee48685fc5dd9308a026
9d9aff5c92dceafcfd084403746428b1eef1bb14
c632de4b6829f889e118190cacee59fdb701da5b8b008706b40c28636689e014
GET /binaries/frontend/search-white.svg HTTP/1.1
Host: www.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=864000
Last-Modified: Sat, 01 Jan 2000 00:00:00 GMT
ETag: W/"55b-dc6acfac00"
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Sun, 18 Dec 2022 15:15:46 GMT
Access-Control-Allow-Origin: *
www.telenor.no/binaries/frontend/plus-icon-white.svg
51.13.25.113200 OK 291 B URL HTTP/1.1 www.telenor.no/binaries/frontend/plus-icon-white.svg
IP 51.13.25.113:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash e394f7698b2cd40f443601265a996723
66cc7bb48c43d7ed733e1600d1a6279d838c10db
c0801d1ec627d96db97e9476bd23bbcb7c449f6f11fb20683412d2eccb4cadfd
GET /binaries/frontend/plus-icon-white.svg HTTP/1.1
Host: www.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: image/svg+xml
Content-Length: 291
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=864000
Last-Modified: Sat, 01 Jan 2000 00:00:00 GMT
ETag: W/"123-dc6acfac00"
Vary: Accept-Encoding
Expires: Sun, 18 Dec 2022 15:15:46 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
ocsp.buypass.com/
23.33.119.18200 OK 1.4 kB IP 23.33.119.18:0
ASN #20940 Akamai International B.V.
Hash b1cd873b16be1d5ed5b58bf3cd44cae3
e7570ba936c00b7d1d4803af5119e4db45a05c16
66ce959536b2ae533343ee8fb296b2facabe10beb2510d64e06599da819454bc
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 77
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 21d89000-1ace-4834-a6e0-05c8a75b9a86
Content-Length: 1444
Date: Thu, 08 Dec 2022 15:15:46 GMT
Connection: keep-alive
chat.telenor.no/client.js?_=1670512545098
51.13.25.113200 OK 148 kB URL HTTP/1.1 chat.telenor.no/client.js?_=1670512545098
IP 51.13.25.113:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39865)
Size 148 kB (147997 bytes)
Hash 30cae8d33b90c302c7e31564e804a042
18e023dc7f5b9d3aa847a7359ed90dbc41ac8209
0bac71cdc5bc80ed23ee9fe6ec284d20a990b4aa019b81f3aada76586c54233f
GET /client.js?_=1670512545098 HTTP/1.1
Host: chat.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
ETag: W/"6ff2d-FBDSlypMFU1aXlX956xeGRjF/s8"
Content-Encoding: gzip
X-Cache-Status: HIT
X-Cache-Key: frontend_version_b/client.js
Strict-Transport-Security: max-age=15724800; includeSubDomains
www.telenor.no/fonts.css
51.13.25.113200 OK 336 B IP 51.13.25.113:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 92bd88ce85d01c4a3cb83a0b0a80412c
0d53635f375a4e55fd61e2696a6ac8f06203c2a7
9c4f78f0eb0757fb10e3f584072bfc01b495e2a5cda454155b6b9ecb6876cb21
GET /fonts.css HTTP/1.1
Host: www.telenor.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Cookie: utag_main=v_id:0184f24e8eef001425653581f15d0005000cd00900918$_sn:1$_se:1$_ss:1$_st:1670514345519$ses_id:1670512545519%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:46 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 01 Jan 2000 00:00:00 GMT
ETag: W/"b5f-dc6acfac00"
Vary: Accept-Encoding
Content-Encoding: gzip
widget.porterbuddy.com/porterbuddy-widget.js
54.230.111.24200 OK 0 B URL HTTP/2 widget.porterbuddy.com/porterbuddy-widget.js
IP 54.230.111.24:0
GET /porterbuddy-widget.js HTTP/1.1
Host: widget.porterbuddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 01 Aug 2022 07:45:31 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 08 Dec 2022 02:14:36 GMT
cache-control: public, max-age=300, s-maxage=86400
etag: W/"ed660fa50df3fc2ce6a6c75afa1419a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gpOSgvsXP1X237wN4g8BakaoUipXUesSdA1fMUdHlIq8gffwBVbrvQ==
age: 46870
X-Firefox-Spdy: h2
widget.porterbuddy.com/porterbuddy-widget.css
54.230.111.24200 OK 0 B URL HTTP/2 widget.porterbuddy.com/porterbuddy-widget.css
IP 54.230.111.24:0
GET /porterbuddy-widget.css HTTP/1.1
Host: widget.porterbuddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nettbutikk.telenor.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 01 Aug 2022 07:45:32 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 08 Dec 2022 13:14:03 GMT
cache-control: public, max-age=300, s-maxage=86400
etag: W/"44e07c559e0e666e3da9d739fcc682cc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pwOLQ5smNm3AsLSd-uPTDff8Z-lyVSn8aX130eGmpNdtIpU4-kDv4A==
age: 7303
X-Firefox-Spdy: h2
widget.porterbuddy.com/porterbuddy-storage.js
54.230.111.24200 OK 0 B URL HTTP/2 widget.porterbuddy.com/porterbuddy-storage.js
IP 54.230.111.24:0
GET /porterbuddy-storage.js HTTP/1.1
Host: widget.porterbuddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.porterbuddy.com/widgetframe.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 08 Dec 2022 03:18:27 GMT
last-modified: Mon, 01 Aug 2022 07:45:30 GMT
etag: W/"b314f8ef781f2a4b02e746dac72aedde"
cache-control: public, max-age=300, s-maxage=86400
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0EoEv-HOHptbunVXjixJjGkz-4WpqhQ7mTje1Oxaep1IH64mrmjFyw==
age: 43040
X-Firefox-Spdy: h2
code.jquery.com/jquery-1.8.3.js
69.16.175.42200 OK 0 B URL HTTP/1.1 code.jquery.com/jquery-1.8.3.js
IP 69.16.175.42:0
GET /jquery-1.8.3.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://girlsexykoreans.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 15:15:38 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 78927
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 20 Aug 2021 17:47:53 GMT
Accept-Ranges: bytes
Server: nginx
ETag: W/"611feac9-40f49"
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
X-HW: 1670512538.dop068.sk1.t,1670512538.cds211.sk1.c