christianeka-images.blogspot.com/
172.217.21.161301 Moved Permanently 184 B URL HTTP/1.1 christianeka-images.blogspot.com/
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 0d8a291fa774983a6c14c7b0ffcf3f4e
f334df0a55f3ba3dc5138b1ef404d8fd9c3427bf
b7956de415bc96fd996913a52e79de6b109cd115c4948d740f71b49439c5dcfa
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: christianeka-images.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://christianeka-images.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 31 Jan 2023 05:36:50 GMT
Expires: Tue, 31 Jan 2023 05:36:50 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 184
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6420
Expires: Tue, 31 Jan 2023 07:23:50 GMT
Date: Tue, 31 Jan 2023 05:36:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3480
Expires: Tue, 31 Jan 2023 06:34:50 GMT
Date: Tue, 31 Jan 2023 05:36:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12185
Expires: Tue, 31 Jan 2023 08:59:55 GMT
Date: Tue, 31 Jan 2023 05:36:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 05:35:52 GMT
content-type: application/json
age: 58
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0Pk+da7pxHSCtfTVMvi9PWKqD3hxL4+RHnHGLIghe9Ieg1hh4gFPQWUnqeXlwEq65ylc/q6qC+E=
x-amz-request-id: BZ5GXK3BDW4601YX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 04:51:02 GMT
age: 2748
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 00f4a0e788bd484c84f6fc7407e06ad3
840418f49c444dc62e370825451b945ff89e99bf
69b2086f39e1f30b567049191696db642db8babe79a0c6ce084b06cdbc962b6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:36:50 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 04:41:42 GMT
age: 3308
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10420
Expires: Tue, 31 Jan 2023 08:30:31 GMT
Date: Tue, 31 Jan 2023 05:36:51 GMT
Connection: keep-alive
push.services.mozilla.com/
54.185.76.10101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.185.76.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 26e/P5EtlDKC4k0sPrGuCw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TFXPlytqOJZmYX3tUiIb+UrIUeA=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 00f4a0e788bd484c84f6fc7407e06ad3
840418f49c444dc62e370825451b945ff89e99bf
69b2086f39e1f30b567049191696db642db8babe79a0c6ce084b06cdbc962b6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
christianeka-images.blogspot.com/
172.217.21.161200 OK 40 kB URL HTTP/2 christianeka-images.blogspot.com/
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2280)
Hash 95400256049b15166c094facfbbbb8cf
71016e80fb4917896df2bda4f0549712297de360
a120ebb71e5bd630484aa23a7fcbba450feee10783247b1a47057c160bab4f93
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: christianeka-images.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Tue, 31 Jan 2023 05:36:51 GMT
date: Tue, 31 Jan 2023 05:36:51 GMT
cache-control: private, max-age=0
last-modified: Fri, 27 Jan 2023 14:31:07 GMT
etag: W/"e4001863d3e1c98cc8405420158e025b77eb5797ae7a78f0014ea63e32e99e47"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 39818
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 363936321a9f08665a6afc9fdafbe442
bf305cdf4315648572bcd015a12a8768570b23ca
b273c986b58d473155841e29084a1cbd2693b45f51fe92a91345f7daeb4fb812
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6010
Cache-Control: max-age=168741
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:51 GMT
Etag: "63d8819e-118"
Expires: Thu, 02 Feb 2023 04:29:12 GMT
Last-Modified: Tue, 31 Jan 2023 02:49:02 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 59c5cc0cf7d0b64734f3ee24cdc2482c
5bd095eba6421e1b275b861f98cd2372b9a0555e
59cfcaa12a4de87b420f02bdb01599a0ef3c133607eb5ba961098d648fbabbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
142.250.74.41200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 142.250.74.41:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 09:41:15 GMT
expires: Wed, 24 Jan 2024 09:41:15 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 12:51:55 GMT
content-type: text/css
age: 590136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2045757162-widgets.js
142.250.74.41200 OK 56 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2045757162-widgets.js
IP 142.250.74.41:0
File type ASCII text, with very long lines (2221)
Hash edbc7ab2d53c09471714144789724544
ba36fe6362dccb6bcf542726920a97acde555dec
525408a1919e4cc7ef36c85e43c2dbdbf323aac64299cc06caaf982ca56e4ddc
GET /static/v1/widgets/2045757162-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56488
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 02:36:28 GMT
expires: Tue, 30 Jan 2024 02:36:28 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Jan 2023 01:50:10 GMT
content-type: text/javascript
age: 97223
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-0KinYJlPg0o/VAii64HIeiI/AAAAAAAABkA/-P4EIYqFChY/s1600/soc-icon-dribbble.png
142.250.74.161200 OK 2.2 kB URL HTTP/2 1.bp.blogspot.com/-0KinYJlPg0o/VAii64HIeiI/AAAAAAAABkA/-P4EIYqFChY/s1600/soc-icon-dribbble.png
IP 142.250.74.161:0
File type PNG image data, 26 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 3b4437e345b9abce8f2a1fb8ddcee9aa
f195bd2ed30b7ecb21b5f35a0533dff3265691b1
7c688da1a660eab4641c04b21ee87d2311775eeb77c20226f03aca4f0eff7be7
GET /-0KinYJlPg0o/VAii64HIeiI/AAAAAAAABkA/-P4EIYqFChY/s1600/soc-icon-dribbble.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="soc-icon-dribbble.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2249
x-xss-protection: 0
date: Tue, 31 Jan 2023 04:40:53 GMT
expires: Tue, 31 Jan 2023 07:30:15 GMT
cache-control: public, max-age=86400, no-transform
age: 3358
etag: "v643"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-PZoZIvzojHQ/VAii52uu-yI/AAAAAAAABjk/oz67jJFt9-c/s1600/soc-icon-be.png
142.250.74.161200 OK 1.6 kB URL HTTP/2 4.bp.blogspot.com/-PZoZIvzojHQ/VAii52uu-yI/AAAAAAAABjk/oz67jJFt9-c/s1600/soc-icon-be.png
IP 142.250.74.161:0
File type PNG image data, 26 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 60f3015b83fabacbfef9f4d54bf14749
97647be5a998e7ac38ab98dc178647836bc0ea8f
b04b403439101596fb7810668e87dc9336555050fcd53655db9eda52d81d6873
GET /-PZoZIvzojHQ/VAii52uu-yI/AAAAAAAABjk/oz67jJFt9-c/s1600/soc-icon-be.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="soc-icon-be.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1598
x-xss-protection: 0
date: Tue, 31 Jan 2023 04:12:32 GMT
expires: Mon, 30 Jan 2023 04:46:44 GMT
cache-control: public, max-age=86400, no-transform
age: 5059
etag: "v63b"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-X7iMvUAtq08/VAii6wHeRLI/AAAAAAAABj8/ast6_i7jBmc/s1600/soc-icon-fb.png
142.250.74.161200 OK 897 B URL HTTP/2 1.bp.blogspot.com/-X7iMvUAtq08/VAii6wHeRLI/AAAAAAAABj8/ast6_i7jBmc/s1600/soc-icon-fb.png
IP 142.250.74.161:0
File type PNG image data, 26 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash f67e415fbeeb67864e93acb1bb006bf4
61d370c8b633d418b88590ff03f60c81b4081405
7f74a9a7f2e441e8f2a061b16135f0dc5fb4f81b1a2aa8b5751b752da5f12319
GET /-X7iMvUAtq08/VAii6wHeRLI/AAAAAAAABj8/ast6_i7jBmc/s1600/soc-icon-fb.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="soc-icon-fb.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 897
x-xss-protection: 0
date: Tue, 31 Jan 2023 04:40:53 GMT
expires: Wed, 25 Jan 2023 18:44:57 GMT
cache-control: public, max-age=86400, no-transform
age: 3358
etag: "v642"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-EB4TVsAjhCA/VAikOotrv8I/AAAAAAAABkY/VrBWlMRNYFc/s1600/soc-icon-black-be.png
142.250.74.161200 OK 1.1 kB URL HTTP/2 4.bp.blogspot.com/-EB4TVsAjhCA/VAikOotrv8I/AAAAAAAABkY/VrBWlMRNYFc/s1600/soc-icon-black-be.png
IP 142.250.74.161:0
File type PNG image data, 26 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash be35fab41fcfc343190feb53ee2e5839
de11767df9258f19f50d1b034fb26161b0ecc20a
082fd9f44e85d64e6d594f6591614e187bd2f244f6e915479376a707f384a7f1
GET /-EB4TVsAjhCA/VAikOotrv8I/AAAAAAAABkY/VrBWlMRNYFc/s1600/soc-icon-black-be.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="soc-icon-black-be.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1069
x-xss-protection: 0
date: Tue, 31 Jan 2023 04:12:32 GMT
expires: Mon, 30 Jan 2023 00:22:43 GMT
cache-control: public, max-age=86400, no-transform
age: 5059
etag: "v648"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-L6MZ5N36hWc/VAii7fHrYoI/AAAAAAAABj4/ENCEAuK5vx4/s1600/soc-icon-instagram.png
142.250.74.161200 OK 1.8 kB URL HTTP/2 4.bp.blogspot.com/-L6MZ5N36hWc/VAii7fHrYoI/AAAAAAAABj4/ENCEAuK5vx4/s1600/soc-icon-instagram.png
IP 142.250.74.161:0
File type PNG image data, 26 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash d436c5bad65608cfafdb7c3f1033fd08
eff924d8e270c333d0d4f9bd03c57d7a984ec579
d772f42b6b101ff6fce53e9345762cd6f10c5bcc6c88985fe0692a33f97792cd
GET /-L6MZ5N36hWc/VAii7fHrYoI/AAAAAAAABj4/ENCEAuK5vx4/s1600/soc-icon-instagram.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="soc-icon-instagram.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1801
x-xss-protection: 0
date: Tue, 31 Jan 2023 04:12:32 GMT
expires: Thu, 26 Jan 2023 16:21:00 GMT
cache-control: public, max-age=86400, no-transform
age: 5059
etag: "v641"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 750f718797fc50f8465259f62a6da6ba
e9b7abb1a4dff4896c9fb48e7c7b1407885790de
8e3c0c96771c92bcee1d63055e2aa46aa5e0e3125da993844a9297340166873d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 363936321a9f08665a6afc9fdafbe442
bf305cdf4315648572bcd015a12a8768570b23ca
b273c986b58d473155841e29084a1cbd2693b45f51fe92a91345f7daeb4fb812
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6011
Cache-Control: max-age=168741
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:52 GMT
Etag: "63d8819e-118"
Expires: Thu, 02 Feb 2023 04:29:13 GMT
Last-Modified: Tue, 31 Jan 2023 02:49:02 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
2.bp.blogspot.com/-3XxgEyZ2jRc/VAikPnb3AJI/AAAAAAAABks/wcdkCt0fV8s/s1600/soc-icon-black-p.png
142.250.74.161200 OK 1.3 kB URL HTTP/2 2.bp.blogspot.com/-3XxgEyZ2jRc/VAikPnb3AJI/AAAAAAAABks/wcdkCt0fV8s/s1600/soc-icon-black-p.png
IP 142.250.74.161:0
File type PNG image data, 26 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash bd5f13647c3f355e66a288a0459cd571
a83ad880c40cede10f55b9912ca4691e0809385e
df95006bc1fff7e47d757a28ffc87bad7ca69a95c81856e8b7e87d29b6dc30a7
GET /-3XxgEyZ2jRc/VAikPnb3AJI/AAAAAAAABks/wcdkCt0fV8s/s1600/soc-icon-black-p.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="soc-icon-black-p.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1338
x-xss-protection: 0
date: Tue, 31 Jan 2023 04:12:32 GMT
expires: Tue, 31 Jan 2023 22:54:31 GMT
cache-control: public, max-age=86400, no-transform
age: 5059
etag: "v64e"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js
142.250.74.138200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (32086)
Hash 430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 18:53:25 GMT
expires: Sun, 28 Jan 2024 18:53:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 211407
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-utQwKE6Wikw/VAikO213xpI/AAAAAAAABkc/wakeJTDfcII/s1600/soc-icon-black-dribbble.png
142.250.74.161200 OK 1.4 kB URL HTTP/2 2.bp.blogspot.com/-utQwKE6Wikw/VAikO213xpI/AAAAAAAABkc/wakeJTDfcII/s1600/soc-icon-black-dribbble.png
IP 142.250.74.161:0
File type PNG image data, 26 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c6e332b50acad44faf49c2d895416ac
3bc63f3cc6728297f5720ab8264174505db19113
45404e5e3b546e24ebfcbf34fbf753647fa76d52fddc577781dbf54478d91da5
GET /-utQwKE6Wikw/VAikO213xpI/AAAAAAAABkc/wakeJTDfcII/s1600/soc-icon-black-dribbble.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="soc-icon-black-dribbble.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1423
x-xss-protection: 0
date: Tue, 31 Jan 2023 04:12:32 GMT
expires: Thu, 26 Jan 2023 16:21:00 GMT
cache-control: public, max-age=86400, no-transform
age: 5059
etag: "v649"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-J773jg0F1x0/VAikO_IkUAI/AAAAAAAABkw/OhrcTHuZKts/s1600/soc-icon-black-instagram.png
142.250.74.161200 OK 1.1 kB URL HTTP/2 2.bp.blogspot.com/-J773jg0F1x0/VAikO_IkUAI/AAAAAAAABkw/OhrcTHuZKts/s1600/soc-icon-black-instagram.png
IP 142.250.74.161:0
File type PNG image data, 26 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 2f19d358aa6973a337918452550f820b
e076ddefd685132435f12fceaa1d52a8fe856cf3
13e8c0054c6935fc6dd0f23c5ddf7a8eafac2b7d195c6f50fbcfdd37938a14b2
GET /-J773jg0F1x0/VAikO_IkUAI/AAAAAAAABkw/OhrcTHuZKts/s1600/soc-icon-black-instagram.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="soc-icon-black-instagram.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1079
x-xss-protection: 0
date: Tue, 31 Jan 2023 04:12:32 GMT
expires: Wed, 25 Jan 2023 12:59:37 GMT
cache-control: public, max-age=86400, no-transform
age: 5060
etag: "v64f"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-AlQmGkQq9MI/VAijAQfGagI/AAAAAAAABkQ/_G6WLvRqGgY/s1600/soc-icon-p.png
142.250.74.161200 OK 2.1 kB URL HTTP/2 3.bp.blogspot.com/-AlQmGkQq9MI/VAijAQfGagI/AAAAAAAABkQ/_G6WLvRqGgY/s1600/soc-icon-p.png
IP 142.250.74.161:0
File type PNG image data, 26 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash f651c836cc7d2a9c86b57dfc795cda0a
09b6c368e27ac3503c82d79ceef9dbea8b19b7ae
2f5e2aed861ca1c05667f9c85807e5e69b9e2153683ad2ad5a03db628d20d40d
GET /-AlQmGkQq9MI/VAijAQfGagI/AAAAAAAABkQ/_G6WLvRqGgY/s1600/soc-icon-p.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="soc-icon-p.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2093
x-xss-protection: 0
date: Tue, 31 Jan 2023 02:27:11 GMT
expires: Sat, 28 Jan 2023 04:27:35 GMT
cache-control: public, max-age=86400, no-transform
age: 11381
etag: "v645"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i2.wp.com/i.ytimg.com/vi/K9XBxZJngoM/maxresdefault.jpg
192.0.77.2302 Found 138 B URL HTTP/2 i2.wp.com/i.ytimg.com/vi/K9XBxZJngoM/maxresdefault.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /i.ytimg.com/vi/K9XBxZJngoM/maxresdefault.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 31 Jan 2023 05:36:52 GMT
content-type: text/html
content-length: 138
location: https://i.ytimg.com/vi/K9XBxZJngoM/maxresdefault.jpg
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
3.bp.blogspot.com/-FYCSXetkBVg/VAilJsawdcI/AAAAAAAABlA/brrk-x6L7Vc/s1600/soc-icon-black-fb.png
142.250.74.161200 OK 533 B URL HTTP/2 3.bp.blogspot.com/-FYCSXetkBVg/VAilJsawdcI/AAAAAAAABlA/brrk-x6L7Vc/s1600/soc-icon-black-fb.png
IP 142.250.74.161:0
File type PNG image data, 26 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash a263bb206ae9d228bb2881197b6d0df0
fd1a8fb79b9d30fad6a807691ff5bbceb87609ba
baf9e17885725a379e4a4198c5d3aef343c2e84b53402c59916667c448b8bd16
GET /-FYCSXetkBVg/VAilJsawdcI/AAAAAAAABlA/brrk-x6L7Vc/s1600/soc-icon-black-fb.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="soc-icon-black-fb.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 533
x-xss-protection: 0
date: Tue, 31 Jan 2023 02:27:15 GMT
expires: Sat, 28 Jan 2023 04:27:35 GMT
cache-control: public, max-age=86400, no-transform
age: 11377
etag: "v651"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i2.wp.com/1.bp.blogspot.com/-D8bTjNCKHDc/XlgZ9d8VAYI/AAAAAAAAAUs/aPN4CAZ3cvkoJ5M4oPZyw-cKccedwY2CQCNcBGAsYHQ/s1600/66F8AF19-0802-4D04-8066-EEB385808230.jpeg
192.0.77.2302 Found 138 B URL HTTP/2 i2.wp.com/1.bp.blogspot.com/-D8bTjNCKHDc/XlgZ9d8VAYI/AAAAAAAAAUs/aPN4CAZ3cvkoJ5M4oPZyw-cKccedwY2CQCNcBGAsYHQ/s1600/66F8AF19-0802-4D04-8066-EEB385808230.jpeg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /1.bp.blogspot.com/-D8bTjNCKHDc/XlgZ9d8VAYI/AAAAAAAAAUs/aPN4CAZ3cvkoJ5M4oPZyw-cKccedwY2CQCNcBGAsYHQ/s1600/66F8AF19-0802-4D04-8066-EEB385808230.jpeg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 31 Jan 2023 05:36:52 GMT
content-type: text/html
content-length: 138
location: https://1.bp.blogspot.com/-D8bTjNCKHDc/XlgZ9d8VAYI/AAAAAAAAAUs/aPN4CAZ3cvkoJ5M4oPZyw-cKccedwY2CQCNcBGAsYHQ/s1600/66F8AF19-0802-4D04-8066-EEB385808230.jpeg
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 59c5cc0cf7d0b64734f3ee24cdc2482c
5bd095eba6421e1b275b861f98cd2372b9a0555e
59cfcaa12a4de87b420f02bdb01599a0ef3c133607eb5ba961098d648fbabbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1a17f5bd9cf6bb2ec333fa6eeefb3345
d00ac8d8036e4b5e584006b4446b95445835ea09
4ad64978a243ed85af02e7128e8c0b809709be861997dca42a6f21b4f728766e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1429)
Hash 2354fa28c58e16af89e7da6224aeca93
6bd3430a81730ed77c5d53f5406ddb40306ecabd
dc35ae752b7be035bd3a3bd4ae205e41afce5fa8f88e1bfe0e9524610df10f3b
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20950
date: Tue, 31 Jan 2023 05:36:52 GMT
expires: Tue, 31 Jan 2023 05:36:52 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "03884666a30c671f"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AHs97-k4BDKlymtjmts-T0uvKgtmyuVtvKHDXVloJV4JvrWpxcnLOyj8CFUNuUO_vb3MffJPvVOUzO7l7xueVFE26wZ50NNtF3bA2NeygLig_8T07mzCyg=w72-h72-n-k-no-nu
142.250.74.129200 OK 4.1 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-k4BDKlymtjmts-T0uvKgtmyuVtvKHDXVloJV4JvrWpxcnLOyj8CFUNuUO_vb3MffJPvVOUzO7l7xueVFE26wZ50NNtF3bA2NeygLig_8T07mzCyg=w72-h72-n-k-no-nu
IP 142.250.74.129:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 824fb389765972b65b195390aff7688f
e72c5707fb9d4cd72ad8d8cef79a6a5bc8c0b428
162d5e5641c3c4fa1e3cff508804c674d1f92446f5368780a4b88f621fd7852d
GET /blogger_img_proxy/AHs97-k4BDKlymtjmts-T0uvKgtmyuVtvKHDXVloJV4JvrWpxcnLOyj8CFUNuUO_vb3MffJPvVOUzO7l7xueVFE26wZ50NNtF3bA2NeygLig_8T07mzCyg=w72-h72-n-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 01 Feb 2023 05:36:52 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 05:36:52 GMT
server: fife
content-length: 4069
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c3a242e6132fe39e40953523bb8d3175
c9914952910c863f533f0c7bf6451b77b12d10b7
423bd4744c6b389c23fccdfab4dc8731bf553232a6bf14782c946183e8119a04
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/AHs97-nXyp5Wb87ySm9p4v1fp6tJk-ix6hOk0Fy_YV5of9-o_le_EKEKvf-ajWxK4ZPu42eiCJEmIJzZON30COxjI1sWuFs6Z_GHMz9wS5QJS-wcpuEYZcfdA3rjJLAVyI7IqPugFtkYzdbTBipMvGx4F28wjagMQOs8Uy5pNT8mgtwKtLWnNkOvQTkM9JsHWqR2dQvcN6vRqQa-_DXETJ2Oc0PbJe85C09C6yZ_gAbxvOsm9EcNMhdESe3zilgqcQ=w72-h72-p-k-no-nu
142.250.74.129404 Not Found 1.9 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-nXyp5Wb87ySm9p4v1fp6tJk-ix6hOk0Fy_YV5of9-o_le_EKEKvf-ajWxK4ZPu42eiCJEmIJzZON30COxjI1sWuFs6Z_GHMz9wS5QJS-wcpuEYZcfdA3rjJLAVyI7IqPugFtkYzdbTBipMvGx4F28wjagMQOs8Uy5pNT8mgtwKtLWnNkOvQTkM9JsHWqR2dQvcN6vRqQa-_DXETJ2Oc0PbJe85C09C6yZ_gAbxvOsm9EcNMhdESe3zilgqcQ=w72-h72-p-k-no-nu
IP 142.250.74.129:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash b49e8e00be22a32390e23eb249c9fb92
68ed821cae597624bb53e3cf235b795a660b3307
49652c1f3c97c3f1effa573a30eab9fd0e9449b3cecdb9be649f302186f0b611
GET /blogger_img_proxy/AHs97-nXyp5Wb87ySm9p4v1fp6tJk-ix6hOk0Fy_YV5of9-o_le_EKEKvf-ajWxK4ZPu42eiCJEmIJzZON30COxjI1sWuFs6Z_GHMz9wS5QJS-wcpuEYZcfdA3rjJLAVyI7IqPugFtkYzdbTBipMvGx4F28wjagMQOs8Uy5pNT8mgtwKtLWnNkOvQTkM9JsHWqR2dQvcN6vRqQa-_DXETJ2Oc0PbJe85C09C6yZ_gAbxvOsm9EcNMhdESe3zilgqcQ=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 05:36:52 GMT
server: fife
content-length: 1855
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 750f718797fc50f8465259f62a6da6ba
e9b7abb1a4dff4896c9fb48e7c7b1407885790de
8e3c0c96771c92bcee1d63055e2aa46aa5e0e3125da993844a9297340166873d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/K9XBxZJngoM/maxresdefault.jpg
172.217.21.182200 OK 54 kB URL HTTP/2 i.ytimg.com/vi/K9XBxZJngoM/maxresdefault.jpg
IP 172.217.21.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash 4205fd4ccc1c76f7581a82397476e2fa
97d9fc1e544c55d9a45dcd787a1275f69767e780
b50945b3629700b02aa4466139330f469784d4f7292191e865c04d391f72d75b
GET /vi/K9XBxZJngoM/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://christianeka-images.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 54235
date: Tue, 31 Jan 2023 05:36:52 GMT
expires: Tue, 31 Jan 2023 07:36:52 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AHs97-kzzxx5a6nrMFyqkLyIFtT4C23cb8q5-bvrAZKjnBrxrqpAXGrUeIe1kVqQvUFYgEq5DnVr5zUxEHtBQZO6SVAJe4xEYSyNBtY9twPq_V5VCOoPNfg2Pvp0zQo6AgTJuqA-qDDPC7SJ-Swm1f17P9gKA3ja0M2ukOHvuD3TBlp6zb6QSg=w72-h72-p-k-no-nu
142.250.74.129200 OK 4.2 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-kzzxx5a6nrMFyqkLyIFtT4C23cb8q5-bvrAZKjnBrxrqpAXGrUeIe1kVqQvUFYgEq5DnVr5zUxEHtBQZO6SVAJe4xEYSyNBtY9twPq_V5VCOoPNfg2Pvp0zQo6AgTJuqA-qDDPC7SJ-Swm1f17P9gKA3ja0M2ukOHvuD3TBlp6zb6QSg=w72-h72-p-k-no-nu
IP 142.250.74.129:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 61c6e2e407c14b7f90b1d07402c0c108
58831945422053d125541e569096a5ef82c2c5f6
259b84ce735eb100b677671ae112298cc87de31b25bd51b53bbc8cebaeedb654
GET /blogger_img_proxy/AHs97-kzzxx5a6nrMFyqkLyIFtT4C23cb8q5-bvrAZKjnBrxrqpAXGrUeIe1kVqQvUFYgEq5DnVr5zUxEHtBQZO6SVAJe4xEYSyNBtY9twPq_V5VCOoPNfg2Pvp0zQo6AgTJuqA-qDDPC7SJ-Swm1f17P9gKA3ja0M2ukOHvuD3TBlp6zb6QSg=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 01 Feb 2023 05:36:52 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 05:36:52 GMT
server: fife
content-length: 4235
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i2.wp.com/www.short-haircut.com/wp-content/uploads/2017/02/10.Short-Blunt-Hair.jpg
192.0.77.2200 OK 28 kB URL HTTP/2 i2.wp.com/www.short-haircut.com/wp-content/uploads/2017/02/10.Short-Blunt-Hair.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x750, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5d501f73a9e1eba3fc397b8137f90680
05da0cd1e7c907718aa14a21f693af4a6fa01333
93f34f3c78534c26580bfedb879c009c09a54837b06575a0f6caa40d1e2cc9af
GET /www.short-haircut.com/wp-content/uploads/2017/02/10.Short-Blunt-Hair.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:36:52 GMT
content-type: image/webp
content-length: 28318
last-modified: Tue, 31 Jan 2023 05:36:52 GMT
expires: Thu, 30 Jan 2025 17:36:52 GMT
cache-control: public, max-age=63115200
link: <http://www.short-haircut.com/wp-content/uploads/2017/02/10.Short-Blunt-Hair.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "3ec36b20bc539118"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c3a242e6132fe39e40953523bb8d3175
c9914952910c863f533f0c7bf6451b77b12d10b7
423bd4744c6b389c23fccdfab4dc8731bf553232a6bf14782c946183e8119a04
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/AHs97-lQItKNBbjLMt7v_m9wZX8ZL9CR4L_AI8ucEebUI3ihSRgaqvGkrDHw9dwKNY0tlqeMzSpKtnpIfvswKDSCqyFnK0WSibGImmVpAS5XBs3D9716nQZw-lKlcSsu0VpYLGmptwx_y8AvlYJQ21ml7Q=w72-h72-p-k-no-nu
142.250.74.129200 OK 4.3 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-lQItKNBbjLMt7v_m9wZX8ZL9CR4L_AI8ucEebUI3ihSRgaqvGkrDHw9dwKNY0tlqeMzSpKtnpIfvswKDSCqyFnK0WSibGImmVpAS5XBs3D9716nQZw-lKlcSsu0VpYLGmptwx_y8AvlYJQ21ml7Q=w72-h72-p-k-no-nu
IP 142.250.74.129:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 0b0b8a750599a1c94f2a9a9700adc318
d99377abd94b6407a2281825eb083485a786913e
dfee8bf7fe2042901be92a19281e9f0ef9f41d00cc9ce09086d22bf47d54cc9c
GET /blogger_img_proxy/AHs97-lQItKNBbjLMt7v_m9wZX8ZL9CR4L_AI8ucEebUI3ihSRgaqvGkrDHw9dwKNY0tlqeMzSpKtnpIfvswKDSCqyFnK0WSibGImmVpAS5XBs3D9716nQZw-lKlcSsu0VpYLGmptwx_y8AvlYJQ21ml7Q=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 01 Feb 2023 05:36:52 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 05:36:52 GMT
server: fife
content-length: 4304
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i2.wp.com/www.itakeyou.co.uk/wp-content/uploads/2015/04/Vintage-Wedding-Hairstylesglamorous-wedding-hair2.jpg
192.0.77.2200 OK 70 kB URL HTTP/2 i2.wp.com/www.itakeyou.co.uk/wp-content/uploads/2015/04/Vintage-Wedding-Hairstylesglamorous-wedding-hair2.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 900x1350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b7f3da989c1dbd22a4c2d7b356025aaf
109af86ec5096a8d03a5fd9e4009ec33e40d3bd7
24ae33b4cc36bf85b51cae9c859510489cb6665ea14dc5a111c45b4543c831ec
GET /www.itakeyou.co.uk/wp-content/uploads/2015/04/Vintage-Wedding-Hairstylesglamorous-wedding-hair2.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:36:52 GMT
content-type: image/webp
content-length: 70168
last-modified: Tue, 31 Jan 2023 05:36:52 GMT
expires: Thu, 30 Jan 2025 17:36:52 GMT
cache-control: public, max-age=63115200
link: <http://www.itakeyou.co.uk/wp-content/uploads/2015/04/Vintage-Wedding-Hairstylesglamorous-wedding-hair2.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "9a42af81cf4af64d"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AHs97-negnVWxWEBgk4faUwhhvnpHfeY0ObV4ZaI653_MEDmLU5Uu0EmRNrew5KIeeTwFd2mH2DFOf_D28NwDAkCyP6NJHKZPV_pcXCiRZaJzKS7uCA9TR3XX8GflHzUQshbMGUVf-zbeoJAWzT1C22A1YOmPcAmTpAgRYnZTX5Neye_SGsMiBMB2CIbxKp0o8PbjluAEvE9mwuseULeFPWdEgLHoJWJBsdkbOGIICPUmsDlQFQkojAULfV5E9tdeWgFkVVaWZDAan1ZFuVSYBP58k6qBLcJI9alWaMoQKq5vKUo=w72-h72-p-k-no-nu
142.250.74.129200 OK 1.6 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-negnVWxWEBgk4faUwhhvnpHfeY0ObV4ZaI653_MEDmLU5Uu0EmRNrew5KIeeTwFd2mH2DFOf_D28NwDAkCyP6NJHKZPV_pcXCiRZaJzKS7uCA9TR3XX8GflHzUQshbMGUVf-zbeoJAWzT1C22A1YOmPcAmTpAgRYnZTX5Neye_SGsMiBMB2CIbxKp0o8PbjluAEvE9mwuseULeFPWdEgLHoJWJBsdkbOGIICPUmsDlQFQkojAULfV5E9tdeWgFkVVaWZDAan1ZFuVSYBP58k6qBLcJI9alWaMoQKq5vKUo=w72-h72-p-k-no-nu
IP 142.250.74.129:0
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash c6c8b1b1830edfb1207f6c1255ce7053
8cd47a6a8d73b140aa46a802fd2891d4c7e6f934
89b883a06fab8573707a47a060569c4247ebca3e243ef5a365ff922bf5bebe37
GET /blogger_img_proxy/AHs97-negnVWxWEBgk4faUwhhvnpHfeY0ObV4ZaI653_MEDmLU5Uu0EmRNrew5KIeeTwFd2mH2DFOf_D28NwDAkCyP6NJHKZPV_pcXCiRZaJzKS7uCA9TR3XX8GflHzUQshbMGUVf-zbeoJAWzT1C22A1YOmPcAmTpAgRYnZTX5Neye_SGsMiBMB2CIbxKp0o8PbjluAEvE9mwuseULeFPWdEgLHoJWJBsdkbOGIICPUmsDlQFQkojAULfV5E9tdeWgFkVVaWZDAan1ZFuVSYBP58k6qBLcJI9alWaMoQKq5vKUo=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
date: Tue, 31 Jan 2023 05:36:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1550
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AHs97-knWWXvsy3qA1HoA-5Nhx93ljIYU8eM2oYKKcw_eUUtKfvAFSRbqe_JjFSw58cyOsuWZS7hIjuJNpa5fKRfmc90IlAC67HUmxyUqPgzsXA2TkVwqLAQuW9IpkKQw4UwlptNO1l-Aw7AMBdUKupCtmxzVQ=w72-h72-p-k-no-nu
142.250.74.129200 OK 3.1 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-knWWXvsy3qA1HoA-5Nhx93ljIYU8eM2oYKKcw_eUUtKfvAFSRbqe_JjFSw58cyOsuWZS7hIjuJNpa5fKRfmc90IlAC67HUmxyUqPgzsXA2TkVwqLAQuW9IpkKQw4UwlptNO1l-Aw7AMBdUKupCtmxzVQ=w72-h72-p-k-no-nu
IP 142.250.74.129:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 29938b5605172a8a06a208e9d9a3a180
c61291b9279156e2e080b31bf69395f886a9724c
4e515b3961f4a810cf8202261e6b65d5b4d3fff82e4d6b90a34580b9e5715e55
GET /blogger_img_proxy/AHs97-knWWXvsy3qA1HoA-5Nhx93ljIYU8eM2oYKKcw_eUUtKfvAFSRbqe_JjFSw58cyOsuWZS7hIjuJNpa5fKRfmc90IlAC67HUmxyUqPgzsXA2TkVwqLAQuW9IpkKQw4UwlptNO1l-Aw7AMBdUKupCtmxzVQ=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 01 Feb 2023 05:36:52 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 05:36:52 GMT
server: fife
content-length: 3140
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AHs97-lyKMaTTuDRMViVDotS-ktoX1_ZN7j5qEP0bGLkjCPnF_lFOzNY4BgcSmcsCXCBhM5jW72KS6IeEnoxsbW9qhSj9zzuIIE0meOXT_EJHiv18_EyWhTCMNrQ0B36_EaOQ9_A=w72-h72-p-k-no-nu
142.250.74.129200 OK 3.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-lyKMaTTuDRMViVDotS-ktoX1_ZN7j5qEP0bGLkjCPnF_lFOzNY4BgcSmcsCXCBhM5jW72KS6IeEnoxsbW9qhSj9zzuIIE0meOXT_EJHiv18_EyWhTCMNrQ0B36_EaOQ9_A=w72-h72-p-k-no-nu
IP 142.250.74.129:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash a1fbf65c02afc4fc40935ec2908a4846
ca953b82037c7149b9953e837106d60ec21ec680
556a61b76e296dbbb715dc596de6c5b0035841f0319cc3754a77ce9915adfa98
GET /blogger_img_proxy/AHs97-lyKMaTTuDRMViVDotS-ktoX1_ZN7j5qEP0bGLkjCPnF_lFOzNY4BgcSmcsCXCBhM5jW72KS6IeEnoxsbW9qhSj9zzuIIE0meOXT_EJHiv18_EyWhTCMNrQ0B36_EaOQ9_A=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 01 Feb 2023 05:36:52 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 05:36:52 GMT
server: fife
content-length: 3801
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AHs97-l20cDPyXkW9D1cPvTPXOy_SSw8A-W7sjr2pc-ozyoFEHg3KAflMYWxXWgLCcCOqqQPjOamQWlbxqnKRx-vI_rDlyRRuMqAJz_sbCJQGbIMTVj_0jj0zMmAES54qeXrsqSXhgtERUYq=w72-h72-p-k-no-nu
142.250.74.129200 OK 3.4 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-l20cDPyXkW9D1cPvTPXOy_SSw8A-W7sjr2pc-ozyoFEHg3KAflMYWxXWgLCcCOqqQPjOamQWlbxqnKRx-vI_rDlyRRuMqAJz_sbCJQGbIMTVj_0jj0zMmAES54qeXrsqSXhgtERUYq=w72-h72-p-k-no-nu
IP 142.250.74.129:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 147371207c3da80b87863a582d24eacc
a149a69bbc6bbbccf8c32ba9464dcadfc00a4718
6d8ec183a0d5f25a2ea17f7ac1187b3565031a5fed894ec0d7f98ece6d350c75
GET /blogger_img_proxy/AHs97-l20cDPyXkW9D1cPvTPXOy_SSw8A-W7sjr2pc-ozyoFEHg3KAflMYWxXWgLCcCOqqQPjOamQWlbxqnKRx-vI_rDlyRRuMqAJz_sbCJQGbIMTVj_0jj0zMmAES54qeXrsqSXhgtERUYq=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 01 Feb 2023 05:36:52 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 05:36:52 GMT
server: fife
content-length: 3397
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c9e8de19b8b0fbdbd462c62f4c7ffa4c
f566777a35019961eae0eb35c3190b0c6534a073
93fd9aa2d3baa4b02d25ed5fbf4dfce647477f4eb35cd08e5727ca9fb5abb665
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "93FD9AA2D3BAA4B02D25ED5FBF4DFCE647477F4EB35CD08E5727CA9FB5ABB665"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12229
Expires: Tue, 31 Jan 2023 09:00:41 GMT
Date: Tue, 31 Jan 2023 05:36:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c9e8de19b8b0fbdbd462c62f4c7ffa4c
f566777a35019961eae0eb35c3190b0c6534a073
93fd9aa2d3baa4b02d25ed5fbf4dfce647477f4eb35cd08e5727ca9fb5abb665
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "93FD9AA2D3BAA4B02D25ED5FBF4DFCE647477F4EB35CD08E5727CA9FB5ABB665"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12229
Expires: Tue, 31 Jan 2023 09:00:41 GMT
Date: Tue, 31 Jan 2023 05:36:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c9e8de19b8b0fbdbd462c62f4c7ffa4c
f566777a35019961eae0eb35c3190b0c6534a073
93fd9aa2d3baa4b02d25ed5fbf4dfce647477f4eb35cd08e5727ca9fb5abb665
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "93FD9AA2D3BAA4B02D25ED5FBF4DFCE647477F4EB35CD08E5727CA9FB5ABB665"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12229
Expires: Tue, 31 Jan 2023 09:00:41 GMT
Date: Tue, 31 Jan 2023 05:36:52 GMT
Connection: keep-alive
lh3.googleusercontent.com/blogger_img_proxy/AHs97-l-kFsqfX6jxpT1il2f4YUmS_ncytHzRxtguveQLFtUCDcVZMWq0aIt7MGmiBJjliL77AY6T05ke4PE5XrrAlAPayEeRHukPd8nJgL2PJjEo10z6zg9H5h0sGK8h-eiRUyLWd4eS8KZ=w72-h72-p-k-no-nu
142.250.74.129200 OK 3.3 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-l-kFsqfX6jxpT1il2f4YUmS_ncytHzRxtguveQLFtUCDcVZMWq0aIt7MGmiBJjliL77AY6T05ke4PE5XrrAlAPayEeRHukPd8nJgL2PJjEo10z6zg9H5h0sGK8h-eiRUyLWd4eS8KZ=w72-h72-p-k-no-nu
IP 142.250.74.129:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 7e5f4677e88cdc72c7ca28dcdb9c1d06
b9f2bbb42a5885ef5a3bba925d25f8ab6a0d3e37
53b46f0094f8533f3179f30b0b9e951539afb3c864bcc5fe1d20cc17c6214ca7
GET /blogger_img_proxy/AHs97-l-kFsqfX6jxpT1il2f4YUmS_ncytHzRxtguveQLFtUCDcVZMWq0aIt7MGmiBJjliL77AY6T05ke4PE5XrrAlAPayEeRHukPd8nJgL2PJjEo10z6zg9H5h0sGK8h-eiRUyLWd4eS8KZ=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 01 Feb 2023 05:36:52 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 05:36:52 GMT
server: fife
content-length: 3311
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-V8XkHVM7Iyw/V_HpaSarsRI/AAAAAAAAAsY/-p_paT4Q3ncnnf_dD5WOK__v29u1iSQYwCLcB/w72-h72-p-k-no-nu/Canon%2BPixma%2Bmp230%2BDriver.jpg
142.250.74.161200 OK 2.2 kB URL HTTP/2 2.bp.blogspot.com/-V8XkHVM7Iyw/V_HpaSarsRI/AAAAAAAAAsY/-p_paT4Q3ncnnf_dD5WOK__v29u1iSQYwCLcB/w72-h72-p-k-no-nu/Canon%2BPixma%2Bmp230%2BDriver.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 18994f456e09ddbbcb2d442420ae5f09
def3c2328cea5ed03fa020985f3086a530b3d5b3
8f26771cb5582d14c2bc9a006e266683ac4d0545e8f94b7c5e5d772a156474b7
GET /-V8XkHVM7Iyw/V_HpaSarsRI/AAAAAAAAAsY/-p_paT4Q3ncnnf_dD5WOK__v29u1iSQYwCLcB/w72-h72-p-k-no-nu/Canon%2BPixma%2Bmp230%2BDriver.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v2c7"
expires: Wed, 01 Feb 2023 05:36:52 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Canon Pixma mp230 Driver.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 05:36:52 GMT
server: fife
content-length: 2222
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/proxy/QAv4Tv0CVAcMlsG-Mq6D2ryNEKseDeAaAqLzbeKub7frwC1aGRAX8RdnmE0RSr9f38mY12XCWEpYUb9yCI6UcZL0TspYPmNGTh_xXfCvR2IvS1uWNN7RAgUEXToD=w72-h72-p-k-no-nu
142.250.74.129200 OK 2.2 kB URL HTTP/2 lh3.googleusercontent.com/proxy/QAv4Tv0CVAcMlsG-Mq6D2ryNEKseDeAaAqLzbeKub7frwC1aGRAX8RdnmE0RSr9f38mY12XCWEpYUb9yCI6UcZL0TspYPmNGTh_xXfCvR2IvS1uWNN7RAgUEXToD=w72-h72-p-k-no-nu
IP 142.250.74.129:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash cc93aee42d33d71d865c6a0909f81554
5b354a5d4b0083b0e18f255bc345ff7d8a600ccc
c74472989e1603b392af1e2fbf7393cd4d2907d17278c5ec017e68902cdfdaef
GET /proxy/QAv4Tv0CVAcMlsG-Mq6D2ryNEKseDeAaAqLzbeKub7frwC1aGRAX8RdnmE0RSr9f38mY12XCWEpYUb9yCI6UcZL0TspYPmNGTh_xXfCvR2IvS1uWNN7RAgUEXToD=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 01 Feb 2023 05:36:52 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 05:36:52 GMT
server: fife
content-length: 2222
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AHs97-l7VWbdIuXuBAbbARLN8OmghiRqxtGlzlOamLe03GF3W7EQns4_Ie5iI1m_iyx-juhDqOSxuoSHx66kYjuASWC6QkZKcm7EN-oV8g35M0-TVmgWivzWTBLM1KDDONZ6g_Rstl_TMf_y8qRwwZ-rUqd0lo2ihd30WwDsy1jBIcyg1m-DKE3QzN4n6UckHaJSwKgxMqgx-xVTBnxXVRtzNGQ1BPoLGRbmZjJtSTrW413UueQ1Z_EX8Vx_ymERmhhllFtw52FvWjHi01UhK97Gur_5PGDhK5Uwe4mVyr1Gl93wGTUAHsxORqIoePZj7xrCY3dK7s_tizuEbg-8skIfvJyCN7nZQtRwAvY=w72-h72-p-k-no-nu
142.250.74.129200 OK 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-l7VWbdIuXuBAbbARLN8OmghiRqxtGlzlOamLe03GF3W7EQns4_Ie5iI1m_iyx-juhDqOSxuoSHx66kYjuASWC6QkZKcm7EN-oV8g35M0-TVmgWivzWTBLM1KDDONZ6g_Rstl_TMf_y8qRwwZ-rUqd0lo2ihd30WwDsy1jBIcyg1m-DKE3QzN4n6UckHaJSwKgxMqgx-xVTBnxXVRtzNGQ1BPoLGRbmZjJtSTrW413UueQ1Z_EX8Vx_ymERmhhllFtw52FvWjHi01UhK97Gur_5PGDhK5Uwe4mVyr1Gl93wGTUAHsxORqIoePZj7xrCY3dK7s_tizuEbg-8skIfvJyCN7nZQtRwAvY=w72-h72-p-k-no-nu
IP 142.250.74.129:0
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash c30fb27e49a6599c35e743731a1da4eb
7f34c7d0196084977ce7550a9019ce427d09bd09
5b9cdba39ea2a54fca50052b7a76f5a3d68fe69696d5d1fe1f1ac152115ff661
GET /blogger_img_proxy/AHs97-l7VWbdIuXuBAbbARLN8OmghiRqxtGlzlOamLe03GF3W7EQns4_Ie5iI1m_iyx-juhDqOSxuoSHx66kYjuASWC6QkZKcm7EN-oV8g35M0-TVmgWivzWTBLM1KDDONZ6g_Rstl_TMf_y8qRwwZ-rUqd0lo2ihd30WwDsy1jBIcyg1m-DKE3QzN4n6UckHaJSwKgxMqgx-xVTBnxXVRtzNGQ1BPoLGRbmZjJtSTrW413UueQ1Z_EX8Vx_ymERmhhllFtw52FvWjHi01UhK97Gur_5PGDhK5Uwe4mVyr1Gl93wGTUAHsxORqIoePZj7xrCY3dK7s_tizuEbg-8skIfvJyCN7nZQtRwAvY=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 01 Feb 2023 05:36:52 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 05:36:52 GMT
server: fife
content-length: 1783
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AHs97-nALDVHlDLCSzDabFfHMliujgm6Je0TNWXGXkzvZFQmFDiU8KSNau8ATLtaH2BGkLHC4d1XdYMjJrBi00VxqCbwcnUuoqJUUF0upaAyFjPtRtu1wwp92_hZFK5ntxjAMTPKzxfxBGbiiCMoHGHLyHVoGDWj6vKT3gpg=w72-h72-p-k-no-nu
142.250.74.129200 OK 4.0 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-nALDVHlDLCSzDabFfHMliujgm6Je0TNWXGXkzvZFQmFDiU8KSNau8ATLtaH2BGkLHC4d1XdYMjJrBi00VxqCbwcnUuoqJUUF0upaAyFjPtRtu1wwp92_hZFK5ntxjAMTPKzxfxBGbiiCMoHGHLyHVoGDWj6vKT3gpg=w72-h72-p-k-no-nu
IP 142.250.74.129:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 0cc822ac7144e2edcb86128082cb86b7
f2a255c9787e6733bd5573862ad26b1f261d72f2
e8593c1303f567a478972e0d417a8eeb73d29c0a14369b0ff529b43e95569322
GET /blogger_img_proxy/AHs97-nALDVHlDLCSzDabFfHMliujgm6Je0TNWXGXkzvZFQmFDiU8KSNau8ATLtaH2BGkLHC4d1XdYMjJrBi00VxqCbwcnUuoqJUUF0upaAyFjPtRtu1wwp92_hZFK5ntxjAMTPKzxfxBGbiiCMoHGHLyHVoGDWj6vKT3gpg=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 01 Feb 2023 05:36:52 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 05:36:52 GMT
server: fife
content-length: 4027
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-D8bTjNCKHDc/XlgZ9d8VAYI/AAAAAAAAAUs/aPN4CAZ3cvkoJ5M4oPZyw-cKccedwY2CQCNcBGAsYHQ/s1600/66F8AF19-0802-4D04-8066-EEB385808230.jpeg
142.250.74.161200 OK 375 kB URL HTTP/2 1.bp.blogspot.com/-D8bTjNCKHDc/XlgZ9d8VAYI/AAAAAAAAAUs/aPN4CAZ3cvkoJ5M4oPZyw-cKccedwY2CQCNcBGAsYHQ/s1600/66F8AF19-0802-4D04-8066-EEB385808230.jpeg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 144x144, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 854x750, components 3\012- data
Size 375 kB (374639 bytes)
Hash bdf94111fec1cbfb2a4df59a25f81731
a6d65fe8baee2b54049845f1365588d9a0a02390
26d6b06eb91fed800c2be98f70cf0b8549b529cea34572417ad01ff54d7a23b0
GET /-D8bTjNCKHDc/XlgZ9d8VAYI/AAAAAAAAAUs/aPN4CAZ3cvkoJ5M4oPZyw-cKccedwY2CQCNcBGAsYHQ/s1600/66F8AF19-0802-4D04-8066-EEB385808230.jpeg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://christianeka-images.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v154"
expires: Wed, 01 Feb 2023 05:36:52 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="66F8AF19-0802-4D04-8066-EEB385808230.jpeg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 05:36:52 GMT
server: fife
content-length: 374639
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5167
Expires: Tue, 31 Jan 2023 07:02:59 GMT
Date: Tue, 31 Jan 2023 05:36:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5167
Expires: Tue, 31 Jan 2023 07:02:59 GMT
Date: Tue, 31 Jan 2023 05:36:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5167
Expires: Tue, 31 Jan 2023 07:02:59 GMT
Date: Tue, 31 Jan 2023 05:36:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5167
Expires: Tue, 31 Jan 2023 07:02:59 GMT
Date: Tue, 31 Jan 2023 05:36:52 GMT
Connection: keep-alive
i2.wp.com/media.gettyimages.com/photos/beverly-hills-united-states-view-of-the-playboy-mansion-owned-by-us-picture-id72171982
192.0.77.2200 OK 177 kB URL HTTP/2 i2.wp.com/media.gettyimages.com/photos/beverly-hills-united-states-view-of-the-playboy-mansion-owned-by-us-picture-id72171982
IP 192.0.77.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, description=Beverly Hills, UNITED STATES: View of the Playboy Mansion, owned by US Playboy Magazine publisher Hugh Hefner in Beverly Hills, copyright=2006 AFP\377\355\001DPhotoshop 3.0], progressive, precision 8, 1024x683, components 3\012- data
Size 177 kB (176804 bytes)
Hash 97e72a3b934a60e68495a3f81de6a6a9
b4ad0cb069ad33f1df194205e3205ab6f11ae04a
31eb710c8f4b232cd7f5939e0e251013c791b1c1388e4daea384f44e6ffc5fd6
GET /media.gettyimages.com/photos/beverly-hills-united-states-view-of-the-playboy-mansion-owned-by-us-picture-id72171982 HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:36:52 GMT
content-type: image/jpeg
content-length: 176804
last-modified: Tue, 31 Jan 2023 05:36:52 GMT
expires: Thu, 30 Jan 2025 17:36:52 GMT
cache-control: public, max-age=63115200
link: <http://media.gettyimages.com/photos/beverly-hills-united-states-view-of-the-playboy-mansion-owned-by-us-picture-id72171982>; rel="canonical"
x-content-type-options: nosniff
etag: "502bd5a0504d010b"
x-bytes-saved: 9511
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v9Wphg34UGE5kkZ9RKBcphcpPuCn54oVyepzTW5rZ3J9nkL9J501PA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 22:03:23 GMT
age: 27209
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a2d26da68a313cc65958fc2692351c2
798c3538f3147ca77d317676ddd1bf040bd0f93b
76ce30224803d680c0115e987a712ce5552b2760beadf796a96b17439fb20797
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10898
x-amzn-requestid: e29f8dfc-07d4-4136-afaf-e1e067eea2ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zxGshIAMFw5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-5e87d2a44722af9e4e86c3d4;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: djoQmYTv7Rlq9tKKkJ5U1J3YeVSIs5yzSts_xRN3bdi27Ra8UfM6OQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:44:45 GMT
age: 28327
etag: "798c3538f3147ca77d317676ddd1bf040bd0f93b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6f9ffb8f9e99229b45ca5fdb84ce7d5
04577ad69ee9749b14382254eb5bbf0e1edcd7fa
6111acf3f363123b39d13cd3d23ab39b8c8d00379874f19231d1cd3da17c52c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8558
x-amzn-requestid: 2841cd36-22e6-4ecb-b56a-bfadce3197c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffB_BFA8IAMFyvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e393-3fd03bd14de762b0738a3b0a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZP2Mar8l3QoPH733_vv3hUuQjWvaN4_TgfYwme2-6WIxGi55BoSchg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 04:26:31 GMT
age: 4221
etag: "04577ad69ee9749b14382254eb5bbf0e1edcd7fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2797bfd35b7ec24888de84be14f7f2ec
8e315ac5856967286eaa8769e081d827fb4ca39e
b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11129
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffDBZGRPoAMFedg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9Fga247EZZqiGmdMJ72resdBZR2KLgflGDBPESmuw9cFVs4hSzMzTw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:40:17 GMT
age: 6995
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 63486f2a937aa8fd013fc2c2d1b32f2d
e8868de34c2f79348c1edad764259eb70bebd7a6
fa6e5ce374031c0df3b3f2d6de823cf1fe08fdaf9957a0722770867cfdec0ed1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13639
x-amzn-requestid: 8131c878-620a-4972-ba8f-1456859acae2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYcJSF0SIAMFe1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d340a1-18c7280940d508c440c0182c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:10:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mXlQ5A2PHadECkKglPquN9x68ubYk8s2to-_JjCgEQe7axfJo6K8Jw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 07:53:36 GMT
age: 78196
etag: "e8868de34c2f79348c1edad764259eb70bebd7a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hDjKAMYoVwHdCqS8t08PrWyfQQLiWaosXbi3FOJY8BeV0yAFCGziGw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:58:16 GMT
age: 13116
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AHs97-mvVOYby6FynJX7B_5_BPKa6-lOmG5CmXQIZC5EJeNxShLEISN-rAAnOagoZiMmNAkFxLTAntBTH6KPTbLBVrRfW6iw9cTQO0kuYJaYuyeY98dekZVZasOqtQXbonyXrWjhAnM-k2F7SLK0BLkncH59qhqOaNxIlrJWo-hYNJSsDGWuV5nwo49KtQSop8rz-AiC_4V-5qHIWl-DyaMOlUq8aKrUasXa21qyXWYsg62CSSU4rWncS7OvA9EOEBmahpXsG8_yoSHRtRH7T-w2d-ET6PnoNjwNGp63XbHo0p8ljiA41fZBLdXFAlvarn03HnLe-2qoUP8WukwjxtcSs5cZDA=w72-h72-p-k-no-nu
142.250.74.129200 OK 2.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-mvVOYby6FynJX7B_5_BPKa6-lOmG5CmXQIZC5EJeNxShLEISN-rAAnOagoZiMmNAkFxLTAntBTH6KPTbLBVrRfW6iw9cTQO0kuYJaYuyeY98dekZVZasOqtQXbonyXrWjhAnM-k2F7SLK0BLkncH59qhqOaNxIlrJWo-hYNJSsDGWuV5nwo49KtQSop8rz-AiC_4V-5qHIWl-DyaMOlUq8aKrUasXa21qyXWYsg62CSSU4rWncS7OvA9EOEBmahpXsG8_yoSHRtRH7T-w2d-ET6PnoNjwNGp63XbHo0p8ljiA41fZBLdXFAlvarn03HnLe-2qoUP8WukwjxtcSs5cZDA=w72-h72-p-k-no-nu
IP 142.250.74.129:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 0ff69a9547e21d0892623955dbece8f4
eb17b6bd897ea72f605e921e71d0ad5c2712ebfe
b95f1727f5ff26093342f0425e3b95fcc4a44d24361b8d99b7a4c534781a3058
GET /blogger_img_proxy/AHs97-mvVOYby6FynJX7B_5_BPKa6-lOmG5CmXQIZC5EJeNxShLEISN-rAAnOagoZiMmNAkFxLTAntBTH6KPTbLBVrRfW6iw9cTQO0kuYJaYuyeY98dekZVZasOqtQXbonyXrWjhAnM-k2F7SLK0BLkncH59qhqOaNxIlrJWo-hYNJSsDGWuV5nwo49KtQSop8rz-AiC_4V-5qHIWl-DyaMOlUq8aKrUasXa21qyXWYsg62CSSU4rWncS7OvA9EOEBmahpXsG8_yoSHRtRH7T-w2d-ET6PnoNjwNGp63XbHo0p8ljiA41fZBLdXFAlvarn03HnLe-2qoUP8WukwjxtcSs5cZDA=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 01 Feb 2023 05:36:52 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 05:36:52 GMT
server: fife
content-length: 2698
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maggotpolity.com/43/b5/8a/43b58a7e20ba103896d1ca7b38924106.js
173.233.139.164200 OK 13 kB URL HTTP/1.1 maggotpolity.com/43/b5/8a/43b58a7e20ba103896d1ca7b38924106.js
IP 173.233.139.164:0
File type ASCII text, with very long lines (37113), with no line terminators
Hash 4a54ba7da6e64435b0fb969da945f442
bb7ebdffe6cd68933000247d16fc8473e84f4bf1
15b352ea42a9e4ced9d26fdb9bf9c0d7febbb262265d8da143d7e78fcd803ddd
GET /43/b5/8a/43b58a7e20ba103896d1ca7b38924106.js HTTP/1.1
Host: maggotpolity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 05:36:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d9e63b9f8d30272474da47b00a676057
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
maggotpolity.com/e2/3d/31/e23d31f9787faf9bc31853ea1fd29172.js
173.233.139.164200 OK 13 kB URL HTTP/1.1 maggotpolity.com/e2/3d/31/e23d31f9787faf9bc31853ea1fd29172.js
IP 173.233.139.164:0
File type ASCII text, with very long lines (37113), with no line terminators
Hash 9eb0594dc730542667383bc476a301aa
61bf28870fe66391bbc842164fe63c535efe206b
233067c37a16506f7881492b7069582d6c56644f456245d00d7cb8fed7389af7
GET /e2/3d/31/e23d31f9787faf9bc31853ea1fd29172.js HTTP/1.1
Host: maggotpolity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 05:36:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ead1b90247805180bc77e87cecde8c38
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lh3.googleusercontent.com/blogger_img_proxy/AHs97-m7TFdi8Gwp2z-En6Sun9Ke4g1YORC597ddvaSKglq0OhNlrjgJrm4-SNG2-RVjcidvt3wxEcE7xCMd-FUfnUqIB7LEXz9Y-YNiOpvJ1xnqCjrHtaV_z-nhAyjSYTLIm5g9RmalmSAvcoPGPqZkJ8B3_swmkPu9fJA_6qcvt8hMFDN2ita_GrRTHikmUjzMC9l2zhyzSe9vDw=w72-h72-p-k-no-nu
142.250.74.129200 OK 2.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-m7TFdi8Gwp2z-En6Sun9Ke4g1YORC597ddvaSKglq0OhNlrjgJrm4-SNG2-RVjcidvt3wxEcE7xCMd-FUfnUqIB7LEXz9Y-YNiOpvJ1xnqCjrHtaV_z-nhAyjSYTLIm5g9RmalmSAvcoPGPqZkJ8B3_swmkPu9fJA_6qcvt8hMFDN2ita_GrRTHikmUjzMC9l2zhyzSe9vDw=w72-h72-p-k-no-nu
IP 142.250.74.129:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash f10154177c7fa6bfa0fcadf98105a3fd
ff64aa7fe0ebb6934754e20740877c3e87f97639
378a6f0718fd7ea9575afa408503de688924d167a2d44bd4edd6b017d1363bef
GET /blogger_img_proxy/AHs97-m7TFdi8Gwp2z-En6Sun9Ke4g1YORC597ddvaSKglq0OhNlrjgJrm4-SNG2-RVjcidvt3wxEcE7xCMd-FUfnUqIB7LEXz9Y-YNiOpvJ1xnqCjrHtaV_z-nhAyjSYTLIm5g9RmalmSAvcoPGPqZkJ8B3_swmkPu9fJA_6qcvt8hMFDN2ita_GrRTHikmUjzMC9l2zhyzSe9vDw=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 01 Feb 2023 05:36:52 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 05:36:52 GMT
server: fife
content-length: 2740
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maggotpolity.com/a0/bd/6f/a0bd6f9ca4e263c43ea9cb3677895a19.js
173.233.139.164200 OK 21 kB URL HTTP/1.1 maggotpolity.com/a0/bd/6f/a0bd6f9ca4e263c43ea9cb3677895a19.js
IP 173.233.139.164:0
File type HTML document, ASCII text, with very long lines (60158), with no line terminators
Hash e7b09af9c1023d02992dc95f461dfd6b
571a4a838b68fbc06fcfa0cea426eeec426d4d04
77e83542176fabbedf242cd7bb7ee4f50c0519e9e038af0024dc0dc41adb2c26
GET /a0/bd/6f/a0bd6f9ca4e263c43ea9cb3677895a19.js HTTP/1.1
Host: maggotpolity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 05:36:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6007e7f5b69a12a3939f5cc680449ab8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
i2.wp.com/www.catholic.org/files/images/media/2013/10/20/1382321065569_700.jpg
192.0.77.2200 OK 60 kB URL HTTP/2 i2.wp.com/www.catholic.org/files/images/media/2013/10/20/1382321065569_700.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x621, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e9572bd391ff6f77361faa5f8b9b0916
c65eeaf6f57f0e9d92cf07b52fbaaa5025f84c71
1e2aa7193a8c6e43cbf9d939f0006461edc6ee1af5ab828e3347079d22236ece
GET /www.catholic.org/files/images/media/2013/10/20/1382321065569_700.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:36:52 GMT
content-type: image/webp
content-length: 59924
last-modified: Tue, 31 Jan 2023 05:36:52 GMT
expires: Thu, 30 Jan 2025 17:36:52 GMT
cache-control: public, max-age=63115200
link: <http://www.catholic.org/files/images/media/2013/10/20/1382321065569_700.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "a2c7e4fc5a14bfd5"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
maggotpolity.com/a0/bd/6f/a0bd6f9ca4e263c43ea9cb3677895a19.js
173.233.139.164200 OK 21 kB URL HTTP/1.1 maggotpolity.com/a0/bd/6f/a0bd6f9ca4e263c43ea9cb3677895a19.js
IP 173.233.139.164:0
File type HTML document, ASCII text, with very long lines (60182), with no line terminators
Hash a7fd2384c0de5561c47e6d7a14766680
95f6b16f1054903c581323a494b21d933643afba
82a41c9b358749f51d60580b25dafd9f7a7582513c85d17d7b18a605c4938409
GET /a0/bd/6f/a0bd6f9ca4e263c43ea9cb3677895a19.js HTTP/1.1
Host: maggotpolity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 05:36:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4e7bbb0bbd556406d126937b7dc3dfe6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.googleapis.com/css?family=Fjalla+One
142.250.74.74200 OK 843 B URL HTTP/2 fonts.googleapis.com/css?family=Fjalla+One
IP 142.250.74.74:0
Hash 21b177d491dfa506f67f2450020df284
e7250245beb9084a7fc87c3f3a3de28721a555c8
b31c2fcd454586aaecf603afb7e9c2f070f5e9eb1a6da2b5c7257513fb8fb5f2
GET /css?family=Fjalla+One HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 05:36:52 GMT
date: Tue, 31 Jan 2023 05:36:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/fjallaone/v13/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
216.58.207.227200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/fjallaone/v13/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 16588, version 1.0\012- data
Hash 6a93e73463e9f1b7c7b41c52c93843c5
48d5ed2bcc9c9c5c4182ae8957e5cef207cdfcbc
54eb546ba2203d87ad9a38ffdb92fdfed9733e08239dbea692a1ca059a287480
GET /s/fjallaone/v13/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://christianeka-images.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 18:06:43 GMT
expires: Sat, 27 Jan 2024 18:06:43 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Apr 2022 16:38:59 GMT
content-type: font/woff2
age: 300610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash faf1d8a7f1edd1251b55117f41d77161
7e6b55f7968cc7381b7aa4deeed12d2692f135a2
8c27b658d2267f2dd6d138e17751edaec11d04c9e0f6015212dd92fb583533bc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=119034
Date: Tue, 31 Jan 2023 05:36:53 GMT
Etag: "63d7c69b-1d7"
Expires: Wed, 01 Feb 2023 14:40:47 GMT
Last-Modified: Mon, 30 Jan 2023 13:31:07 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YSICiuVtaurDIr5REqEaa2x2NTmwvdEAcLrWf8dwXEYpAfm9MZ4kvg==
Age: 4180
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3
104.18.10.207200 OK 44 kB URL HTTP/2 netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3
IP 104.18.10.207:0
File type Web Open Font Format, TrueType, length 44432, version 1.0\012- data
Hash 3293616ec0c605c7c2db25829a0a509e
04c3bf56d87a0828935bd6b4aee859995f321693
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
GET /font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3 HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://christianeka-images.blogspot.com
Connection: keep-alive
Referer: https://netdna.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 05:36:53 GMT
content-type: font/woff
content-length: 44432
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "3293616ec0c605c7c2db25829a0a509e"
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat: 01/04/2023 08:53:03
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1076
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 7f55330071327ddec16b67c337fc06ab
cdn-cache: HIT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7920179baf11b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maggotpolity.com/b6e13ade7de3ab8cb99c63fb6c3a1791/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 maggotpolity.com/b6e13ade7de3ab8cb99c63fb6c3a1791/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26973), with no line terminators
Hash fadb00e5aa36a46e0b426474cdda98b6
3935662c64da605b5d5e2f58b2bd4d495c5e404c
6269ef5a7ec9515215225a2fc7dac9e6b6d5ede41f517ff989710daaaebf3f91
GET /b6e13ade7de3ab8cb99c63fb6c3a1791/invoke.js HTTP/1.1
Host: maggotpolity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 05:36:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e5acb3277946984ee0aab47c44b4aa0a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 0f4bbad275f9b6043fdac7f70c114785
a3c5e8c2639171eebc0c333d59dcfbe7826f47fa
48098f631efc1edb045dbb71b80f541a8948b65d3206b7f4a8f2e4d7a874e594
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://christianeka-images.blogspot.com
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 05:36:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://christianeka-images.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=20ef6275-5327-48cb-99c7-3447912dda7e:3:1; expires=Fri, 28 Jan 2033 05:36:53 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash faf1d8a7f1edd1251b55117f41d77161
7e6b55f7968cc7381b7aa4deeed12d2692f135a2
8c27b658d2267f2dd6d138e17751edaec11d04c9e0f6015212dd92fb583533bc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=119364
Date: Tue, 31 Jan 2023 05:36:53 GMT
Etag: "63d7c69b-1d7"
Expires: Wed, 01 Feb 2023 14:46:17 GMT
Last-Modified: Mon, 30 Jan 2023 13:31:07 GMT
Server: ECS (nyb/1D2F)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AQ9reqYNNPsC0oNd1fCYN7gSIZ0v307VJ9fRvIKTSP7NLPaRcIeYsw==
Age: 4510
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 0f4bbad275f9b6043fdac7f70c114785
a3c5e8c2639171eebc0c333d59dcfbe7826f47fa
48098f631efc1edb045dbb71b80f541a8948b65d3206b7f4a8f2e4d7a874e594
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://christianeka-images.blogspot.com
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Cookie: uid_id2=20ef6275-5327-48cb-99c7-3447912dda7e:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 05:36:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://christianeka-images.blogspot.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 9c6ebc28671c4902b7f9ddffd89b8abc
4a14a06de11f0e015c2dcc9d894fd8a80813d0f6
69d12aa82b20dd7b4da84f4136ef1313eb81100a0747acef7aa96f45ac90485d
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://christianeka-images.blogspot.com
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 05:36:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://christianeka-images.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=d2023420-c13b-4a95-a1fa-9e54e759023c:1:1; expires=Fri, 28 Jan 2033 05:36:53 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
fonts.gstatic.com/s/biryani/v13/hv-WlzNxIFoO84YdfUsTPA.woff2
216.58.207.227200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/biryani/v13/hv-WlzNxIFoO84YdfUsTPA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 14100, version 1.0\012- data
Hash 2b7f18361ed3731d7236d0b01b811baa
8d36e643abc8abceafce25f27f95feb9513424f0
e8a3408ff569d96ac3050903b7c31d3f7be82c30c89faa951f14d82606e02f66
GET /s/biryani/v13/hv-WlzNxIFoO84YdfUsTPA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://christianeka-images.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 04:02:13 GMT
expires: Sat, 27 Jan 2024 04:02:13 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:11:15 GMT
content-type: font/woff2
age: 351280
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://christianeka-images.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 113693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6f46e1baf9dedd28355ec6685555e69f
2e3455055e40681fb121edfc01a0c0c435a722bb
7bcc07a6a58d8c8f475dcee1aaa1213da805025827a5c0f696fe24a091ee9865
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7BCC07A6A58D8C8F475DCEE1AAA1213DA805025827A5C0F696FE24A091EE9865"
Last-Modified: Sun, 29 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5842
Expires: Tue, 31 Jan 2023 07:14:15 GMT
Date: Tue, 31 Jan 2023 05:36:53 GMT
Connection: keep-alive
nudgeworry.com/pixel/purst?dl=0&th=0&sc=0&rs=2697&rd=2697&fd=1094&bv=22.10.v.9&tmpl=70
173.233.137.60200 OK 0 B URL HTTP/1.1 nudgeworry.com/pixel/purst?dl=0&th=0&sc=0&rs=2697&rd=2697&fd=1094&bv=22.10.v.9&tmpl=70
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2697&rd=2697&fd=1094&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: nudgeworry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 05:36:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
peevishchasingstir.com/pixel/purst?dl=0&th=0&sc=0&rs=2697&rd=2697&fd=1094&bv=22.10.v.9&tmpl=70
173.233.137.52200 OK 0 B URL HTTP/1.1 peevishchasingstir.com/pixel/purst?dl=0&th=0&sc=0&rs=2697&rd=2697&fd=1094&bv=22.10.v.9&tmpl=70
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2697&rd=2697&fd=1094&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: peevishchasingstir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 05:36:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
i2.wp.com/www.wikihow.com/images/1/1e/Delete-Comments-or-Posts-on-Facebook-on-the-Facebook-App-Step-10.jpg
192.0.77.2200 OK 74 kB URL HTTP/2 i2.wp.com/www.wikihow.com/images/1/1e/Delete-Comments-or-Posts-on-Facebook-on-the-Facebook-App-Step-10.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 3200x2400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 324c8ea345017604a9836d35d2997702
fcb83df36dd43fb66266cbe8259a5a25aa379338
e4306a3447c3c6d76e752548cf34d11fc6bd0cd4ad359e102b6b3edb85c41199
GET /www.wikihow.com/images/1/1e/Delete-Comments-or-Posts-on-Facebook-on-the-Facebook-App-Step-10.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:36:53 GMT
content-type: image/webp
content-length: 73856
last-modified: Tue, 31 Jan 2023 05:36:53 GMT
expires: Thu, 30 Jan 2025 17:36:53 GMT
cache-control: public, max-age=63115200
link: <http://www.wikihow.com/images/1/1e/Delete-Comments-or-Posts-on-Facebook-on-the-Facebook-App-Step-10.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "88dbc9354934b21e"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 98988bf41d6e5621fe9fa4b297e6930d
0a68688e2c01871e50f8a00de4e3f898d00b3b0c
3e4c5b82b3defb517e4843aed4fcea094a354a2c6a4576bead832cb5bf6cde2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E4C5B82B3DEFB517E4843AED4FCEA094A354A2C6A4576BEAD832CB5BF6CDE2C"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3638
Expires: Tue, 31 Jan 2023 06:37:31 GMT
Date: Tue, 31 Jan 2023 05:36:53 GMT
Connection: keep-alive
maggotpolity.com/131385f4c661cfce80f524d711e10d79/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 maggotpolity.com/131385f4c661cfce80f524d711e10d79/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26973), with no line terminators
Hash fadb00e5aa36a46e0b426474cdda98b6
3935662c64da605b5d5e2f58b2bd4d495c5e404c
6269ef5a7ec9515215225a2fc7dac9e6b6d5ede41f517ff989710daaaebf3f91
GET /131385f4c661cfce80f524d711e10d79/invoke.js HTTP/1.1
Host: maggotpolity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 05:36:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: acdc83017b589d18c4d9ec3c5b8e45d2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.profitabledisplaycontent.com/watch.319431897739.js?key=b6e13ade7de3ab8cb99c63fb6c3a1791&kw=%5B%22christianeka-images%22%5D&refer=https%3A%2F%2Fchristianeka-images.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=20ef6275-5327-48cb-99c7-3447912dda7e%3A3%3A1
192.243.59.13307 Temporary Redirect 0 B URL HTTP/1.1 www.profitabledisplaycontent.com/watch.319431897739.js?key=b6e13ade7de3ab8cb99c63fb6c3a1791&kw=%5B%22christianeka-images%22%5D&refer=https%3A%2F%2Fchristianeka-images.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=20ef6275-5327-48cb-99c7-3447912dda7e%3A3%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.319431897739.js?key=b6e13ade7de3ab8cb99c63fb6c3a1791&kw=%5B%22christianeka-images%22%5D&refer=https%3A%2F%2Fchristianeka-images.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=20ef6275-5327-48cb-99c7-3447912dda7e%3A3%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://christianeka-images.blogspot.com
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Tue, 31 Jan 2023 05:36:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://christianeka-images.blogspot.com
Access-Control-Allow-Origin: https://christianeka-images.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.319431897739.js?key=b6e13ade7de3ab8cb99c63fb6c3a1791&kw=%5B%22christianeka-images%22%5D&refer=https%3A%2F%2Fchristianeka-images.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=20ef6275-5327-48cb-99c7-3447912dda7e%3A3%3A1&shu=4bc130bf5df6c5556134fbdd927b57f5f17e066ed8787af1042ac0cbdd2326010faf151e29370d3ca1bb587098138f8b8697cba9617c43150465c8079857bb0ad0a94076fc59746d36fd715fa8c933b9d53ace5b&pst=1675143474&rmtc=t
Set-Cookie: u_pl=14575066; expires=Wed, 01 Feb 2023 05:36:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDU3NTA2NiwiayI6ImI2ZTEzYWRlN2RlM2FiOGNiOTljNjNmYjZjM2ExNzkxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDU5OTgsInBpZCI6ODAxNDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjgsImFpZCI6MjMsInB0Ijo0LCJwayI6Imp6MjNlNGpnenIiLCJjcGtzIjp7ICI0NyI6ImViODE5ZDRiODM5NWJhOGI4YTQ4YjY5YTU0ZGUzNjU2In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2NocmlzdGlhbmVrYS1pbWFnZXMuYmxvZ3Nwb3QuY29tLyJ9fQ.x3rvQVa4GMxazT7DMH6s6SsH0nFON9QLYXEyWB-03Qs; expires=Tue, 31 Jan 2023 05:37:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 01c6a6e35b736533cefcd648cad03fdb
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.2200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.2:0
Hash d0360ff032091f5b24fb22cdc84a6890
76140dbc7eb007f3ec7995d88e7491ebebcf159c
29ea95cbc925c4afd08a2d36d812406c2a0172e0bb2703fce7a76749667472d7
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 42
x-xss-protection: 0
date: Tue, 31 Jan 2023 04:28:35 GMT
expires: Tue, 14 Feb 2023 04:28:35 GMT
cache-control: public, max-age=1209600
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
age: 4099
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.profitabledisplaycontent.com/watch.158130614261.js?key=131385f4c661cfce80f524d711e10d79&kw=%5B%22christianeka-images%22%5D&refer=https%3A%2F%2Fchristianeka-images.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=20ef6275-5327-48cb-99c7-3447912dda7e%3A3%3A1
192.243.59.13307 Temporary Redirect 0 B URL HTTP/1.1 www.profitabledisplaycontent.com/watch.158130614261.js?key=131385f4c661cfce80f524d711e10d79&kw=%5B%22christianeka-images%22%5D&refer=https%3A%2F%2Fchristianeka-images.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=20ef6275-5327-48cb-99c7-3447912dda7e%3A3%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.158130614261.js?key=131385f4c661cfce80f524d711e10d79&kw=%5B%22christianeka-images%22%5D&refer=https%3A%2F%2Fchristianeka-images.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=20ef6275-5327-48cb-99c7-3447912dda7e%3A3%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://christianeka-images.blogspot.com
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Tue, 31 Jan 2023 05:36:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://christianeka-images.blogspot.com
Access-Control-Allow-Origin: https://christianeka-images.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.158130614261.js?key=131385f4c661cfce80f524d711e10d79&kw=%5B%22christianeka-images%22%5D&refer=https%3A%2F%2Fchristianeka-images.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=20ef6275-5327-48cb-99c7-3447912dda7e%3A3%3A1&shu=0710f31f3947dadf45af4cb4cbc68158ba6a68fcbc0f1c27394d8a7e78eca85b6a8e18bee13fa591aa09de144bc1a4e54ff4f091bda0cd4bd9b592d694260a339f8c1ba4f434246fa1f8d4d08ca32f7a0f80e0&pst=1675143474&rmtc=t
Set-Cookie: u_pl=14575068; expires=Wed, 01 Feb 2023 05:36:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDU3NTA2OCwiayI6IjEzMTM4NWY0YzY2MWNmY2U4MGY1MjRkNzExZTEwZDc5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDU5OTgsInBpZCI6ODAxNDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjgsImFpZCI6MjUsInB0Ijo0LCJwayI6Iml4OTA5eTkzdWkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9jaHJpc3RpYW5la2EtaW1hZ2VzLmJsb2dzcG90LmNvbS8ifX0.ZQw9hzWKMxWnfyoOQCeSSbVlsyskt3IeS00Y8eodS3s; expires=Tue, 31 Jan 2023 05:37:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 06962576111247b999786eb3c6efc5cd
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fba2578a219c482ced81e299d0da0061
059d2a565118457c53f655c7c4e3faaa9ac0fc41
e94e09d0cc3d1767f4bfdb420aa7bb2be731d6427cd67980838959de3b2b2648
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "E94E09D0CC3D1767F4BFDB420AA7BB2BE731D6427CD67980838959DE3B2B2648"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11679
Expires: Tue, 31 Jan 2023 08:51:33 GMT
Date: Tue, 31 Jan 2023 05:36:54 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fba2578a219c482ced81e299d0da0061
059d2a565118457c53f655c7c4e3faaa9ac0fc41
e94e09d0cc3d1767f4bfdb420aa7bb2be731d6427cd67980838959de3b2b2648
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "E94E09D0CC3D1767F4BFDB420AA7BB2BE731D6427CD67980838959DE3B2B2648"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11679
Expires: Tue, 31 Jan 2023 08:51:33 GMT
Date: Tue, 31 Jan 2023 05:36:54 GMT
Connection: keep-alive
www.profitabledisplaycontent.com/watch.319431897739.js?key=b6e13ade7de3ab8cb99c63fb6c3a1791&kw=%5B%22christianeka-images%22%5D&refer=https%3A%2F%2Fchristianeka-images.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=20ef6275-5327-48cb-99c7-3447912dda7e%3A3%3A1&shu=4bc130bf5df6c5556134fbdd927b57f5f17e066ed8787af1042ac0cbdd2326010faf151e29370d3ca1bb587098138f8b8697cba9617c43150465c8079857bb0ad0a94076fc59746d36fd715fa8c933b9d53ace5b&pst=1675143474&rmtc=t
192.243.59.13200 OK 634 B URL HTTP/1.1 www.profitabledisplaycontent.com/watch.319431897739.js?key=b6e13ade7de3ab8cb99c63fb6c3a1791&kw=%5B%22christianeka-images%22%5D&refer=https%3A%2F%2Fchristianeka-images.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=20ef6275-5327-48cb-99c7-3447912dda7e%3A3%3A1&shu=4bc130bf5df6c5556134fbdd927b57f5f17e066ed8787af1042ac0cbdd2326010faf151e29370d3ca1bb587098138f8b8697cba9617c43150465c8079857bb0ad0a94076fc59746d36fd715fa8c933b9d53ace5b&pst=1675143474&rmtc=t
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (581)
Hash e779ab3944a275474a29fde167acd51f
9280b4d077d83ce2bf7565c27f644558a506e002
365c3efae61f39f45ecc201d25df87d95f729a2f89d4963a4c273c8a03db5b77
GET /watch.319431897739.js?key=b6e13ade7de3ab8cb99c63fb6c3a1791&kw=%5B%22christianeka-images%22%5D&refer=https%3A%2F%2Fchristianeka-images.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=20ef6275-5327-48cb-99c7-3447912dda7e%3A3%3A1&shu=4bc130bf5df6c5556134fbdd927b57f5f17e066ed8787af1042ac0cbdd2326010faf151e29370d3ca1bb587098138f8b8697cba9617c43150465c8079857bb0ad0a94076fc59746d36fd715fa8c933b9d53ace5b&pst=1675143474&rmtc=t HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://christianeka-images.blogspot.com
Referer: https://christianeka-images.blogspot.com/
Connection: keep-alive
Cookie: u_pl=14575066; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDU3NTA2NiwiayI6ImI2ZTEzYWRlN2RlM2FiOGNiOTljNjNmYjZjM2ExNzkxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDU5OTgsInBpZCI6ODAxNDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjgsImFpZCI6MjMsInB0Ijo0LCJwayI6Imp6MjNlNGpnenIiLCJjcGtzIjp7ICI0NyI6ImViODE5ZDRiODM5NWJhOGI4YTQ4YjY5YTU0ZGUzNjU2In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2NocmlzdGlhbmVrYS1pbWFnZXMuYmxvZ3Nwb3QuY29tLyJ9fQ.x3rvQVa4GMxazT7DMH6s6SsH0nFON9QLYXEyWB-03Qs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 31 Jan 2023 05:36:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://christianeka-images.blogspot.com
Access-Control-Allow-Origin: https://christianeka-images.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=20ef6275-5327-48cb-99c7-3447912dda7e:3:1; expires=Tue, 07 Feb 2023 05:36:54 GMT; secure; SameSite=None
iprc7aeadc2cc63caf62fa18a8b33f1b2a66=2717343; expires=Wed, 01 Feb 2023 07:36:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 01 Feb 2023 05:36:54 GMT; secure; SameSite=None
uncs=1; expires=Wed, 01 Feb 2023 05:36:54 GMT; secure; SameSite=None
pdhtkv23=true; expires=Wed, 01 Feb 2023 05:36:54 GMT; secure; SameSite=None
uncs23=1; expires=Wed, 01 Feb 2023 05:36:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 027c5a8e540c2e0a10f82a1092a49afa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fba2578a219c482ced81e299d0da0061
059d2a565118457c53f655c7c4e3faaa9ac0fc41
e94e09d0cc3d1767f4bfdb420aa7bb2be731d6427cd67980838959de3b2b2648
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "E94E09D0CC3D1767F4BFDB420AA7BB2BE731D6427CD67980838959DE3B2B2648"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11679
Expires: Tue, 31 Jan 2023 08:51:33 GMT
Date: Tue, 31 Jan 2023 05:36:54 GMT
Connection: keep-alive
www.profitabledisplaycontent.com/watch.158130614261?key=131385f4c661cfce80f524d711e10d79&kw=%5B%22christianeka-images%22%5D&refer=https%3A%2F%2Fchristianeka-images.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=20ef6275-5327-48cb-99c7-3447912dda7e%3A3%3A1
192.243.59.13200 OK 1.2 kB URL HTTP/1.1 www.profitabledisplaycontent.com/watch.158130614261?key=131385f4c661cfce80f524d711e10d79&kw=%5B%22christianeka-images%22%5D&refer=https%3A%2F%2Fchristianeka-images.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=20ef6275-5327-48cb-99c7-3447912dda7e%3A3%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (427)
Hash 3d3c18a7531c57203a11305ecaf8f7bf
70373743dfe30fb05ed6051960c874d1a7380878
e71a9235a083924eae7237916c5c6067282955dec94fd671e83d980dc4061c3e
GET /watch.158130614261?key=131385f4c661cfce80f524d711e10d79&kw=%5B%22christianeka-images%22%5D&refer=https%3A%2F%2Fchristianeka-images.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=20ef6275-5327-48cb-99c7-3447912dda7e%3A3%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Cookie: u_pl=14575068; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDU3NTA2OCwiayI6IjEzMTM4NWY0YzY2MWNmY2U4MGY1MjRkNzExZTEwZDc5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDU5OTgsInBpZCI6ODAxNDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjgsImFpZCI6MjUsInB0Ijo0LCJwayI6Iml4OTA5eTkzdWkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9jaHJpc3RpYW5la2EtaW1hZ2VzLmJsb2dzcG90LmNvbS8ifX0.ZQw9hzWKMxWnfyoOQCeSSbVlsyskt3IeS00Y8eodS3s; uid_id2=20ef6275-5327-48cb-99c7-3447912dda7e:3:1; iprc7aeadc2cc63caf62fa18a8b33f1b2a66=2717343; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 31 Jan 2023 05:36:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDU3NTA2OCwiayI6IjEzMTM4NWY0YzY2MWNmY2U4MGY1MjRkNzExZTEwZDc5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDU5OTgsInBpZCI6ODAxNDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjgsImFpZCI6MjUsInB0Ijo0LCJwayI6Iml4OTA5eTkzdWkiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vY2hyaXN0aWFuZWthLWltYWdlcy5ibG9nc3BvdC5jb20vIn19.BTQB7ujDY8DllBuj0BrC-G2F0Q8sk98sWx-WkNFicGk; expires=Tue, 31 Jan 2023 05:37:54 GMT; secure; SameSite=None
uid_id2=20ef6275-5327-48cb-99c7-3447912dda7e:3:1; expires=Tue, 07 Feb 2023 05:36:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bfc09f178fa36e7cfbc6155b0675e148
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9ca371a18b1afacc82e035f41dc2b86
8b4a87be43183e4f89e19ecac344915d60574950
8ac3da2f8ce052a3d27fee0dccc5712a55e917f9de8daff8db891d50249aba90
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8AC3DA2F8CE052A3D27FEE0DCCC5712A55E917F9DE8DAFF8DB891D50249ABA90"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4364
Expires: Tue, 31 Jan 2023 06:49:38 GMT
Date: Tue, 31 Jan 2023 05:36:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e503e546751a5aef6c70e3912d29a57b
f96cd2d9795b1c7b081c256203e28098c1bd7a15
e3255438fccbf3b2b4ff44362939ce585a85decea89cae33a9802c28a0cbead2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3255438FCCBF3B2B4FF44362939CE585A85DECEA89CAE33A9802C28A0CBEAD2"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3143
Expires: Tue, 31 Jan 2023 06:29:17 GMT
Date: Tue, 31 Jan 2023 05:36:54 GMT
Connection: keep-alive
www.profitabledisplaycontent.com/watch.158130614261?shu=42000d24ea33cbf3ce4a97f1fdd19de40529c4a98cbd4084f78d2b0387e849f99c1b8a6fbbf17f31bfc22411c68b1b5e017c2532cefeb32be9250adfca7cba542639935d2cced42dc1dbdad4e60dbec739a5cc6f&pst=1675143474&rmtc=t&uuid=20ef6275-5327-48cb-99c7-3447912dda7e%3A3%3A1&pii=&in=false&key=131385f4c661cfce80f524d711e10d79&refer=https%3A%2F%2Fchristianeka-images.blogspot.com%2F&tz=0&dev=e&res=12.1055&kw=%5B%22christianeka-images%22%5D
192.243.59.13200 OK 1.8 kB URL HTTP/1.1 www.profitabledisplaycontent.com/watch.158130614261?shu=42000d24ea33cbf3ce4a97f1fdd19de40529c4a98cbd4084f78d2b0387e849f99c1b8a6fbbf17f31bfc22411c68b1b5e017c2532cefeb32be9250adfca7cba542639935d2cced42dc1dbdad4e60dbec739a5cc6f&pst=1675143474&rmtc=t&uuid=20ef6275-5327-48cb-99c7-3447912dda7e%3A3%3A1&pii=&in=false&key=131385f4c661cfce80f524d711e10d79&refer=https%3A%2F%2Fchristianeka-images.blogspot.com%2F&tz=0&dev=e&res=12.1055&kw=%5B%22christianeka-images%22%5D
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2444)
Hash 39fe2876e198924a94877d9097f16c79
458fbd714ecf037772c6d6a3766b8352d2e2d5b6
e438c1fbfe1430b5f4502e242cc6a2043d3b1ac9136d40b2e5061f7543ed08de
GET /watch.158130614261?shu=42000d24ea33cbf3ce4a97f1fdd19de40529c4a98cbd4084f78d2b0387e849f99c1b8a6fbbf17f31bfc22411c68b1b5e017c2532cefeb32be9250adfca7cba542639935d2cced42dc1dbdad4e60dbec739a5cc6f&pst=1675143474&rmtc=t&uuid=20ef6275-5327-48cb-99c7-3447912dda7e%3A3%3A1&pii=&in=false&key=131385f4c661cfce80f524d711e10d79&refer=https%3A%2F%2Fchristianeka-images.blogspot.com%2F&tz=0&dev=e&res=12.1055&kw=%5B%22christianeka-images%22%5D HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.profitabledisplaycontent.com/watch.158130614261?key=131385f4c661cfce80f524d711e10d79&kw=%5B%22christianeka-images%22%5D&refer=https%3A%2F%2Fchristianeka-images.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=20ef6275-5327-48cb-99c7-3447912dda7e%3A3%3A1
Cookie: u_pl=14575068; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDU3NTA2OCwiayI6IjEzMTM4NWY0YzY2MWNmY2U4MGY1MjRkNzExZTEwZDc5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDU5OTgsInBpZCI6ODAxNDcsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjgsImFpZCI6MjUsInB0Ijo0LCJwayI6Iml4OTA5eTkzdWkiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vY2hyaXN0aWFuZWthLWltYWdlcy5ibG9nc3BvdC5jb20vIn19.BTQB7ujDY8DllBuj0BrC-G2F0Q8sk98sWx-WkNFicGk; uid_id2=20ef6275-5327-48cb-99c7-3447912dda7e:3:1; iprc7aeadc2cc63caf62fa18a8b33f1b2a66=2717343; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 31 Jan 2023 05:36:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://christianeka-images.blogspot.com/
Access-Control-Allow-Origin: https://christianeka-images.blogspot.com/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=20ef6275-5327-48cb-99c7-3447912dda7e:3:1; expires=Tue, 07 Feb 2023 05:36:54 GMT; secure; SameSite=None
uncs=2; expires=Wed, 01 Feb 2023 05:36:54 GMT; secure; SameSite=None
pdhtkv25=true; expires=Wed, 01 Feb 2023 05:36:54 GMT; secure; SameSite=None
uncs25=1; expires=Wed, 01 Feb 2023 05:36:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7dd3bb63cc9ef39f36af6c71661e821d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=14575066
173.233.139.164200 OK 1.3 kB URL HTTP/1.1 jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=14575066
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 828e7d765f0efb6803b05aaf755616a8
ef54cabbbc687d228afd4d80745c0602101af441
cda1827381049df18ebd6060172950f051039540b09945ae7339e1d9e176255e
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=14575066 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Cookie: u_pl=16122660; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 05:36:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTQ1NzUwNjYiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vY2hyaXN0aWFuZWthLWltYWdlcy5ibG9nc3BvdC5jb20vIn19.lYhSbn74m7arvKJnevJNRHVwbo57OSTdHhgg8dzwkjY; expires=Tue, 31 Jan 2023 05:37:54 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3ed5ce7f9a8aada3a5b318a8fef9a053
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 62452129bb8dec065bf82af1cd2325a0
9b32f067ac26364f2cd578bcdd40c50d18fd03d7
0d2f762553a22b9679301179d107a4a8f2e01efd82c6f432a806d4810481a08c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D2F762553A22B9679301179D107A4A8F2E01EFD82C6F432A806D4810481A08C"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7466
Expires: Tue, 31 Jan 2023 07:41:20 GMT
Date: Tue, 31 Jan 2023 05:36:54 GMT
Connection: keep-alive
jennyvisits.com/dyfc1k09?shu=e45b14a396d8ae0d51d8a1178ec6471d197ab9be98b153fc07589f31930f8bfc1fd30e1af8e0090bdfc1510e35dfd35231ec867ec131d50945aa80cc04e3e81b598c83af958fafe7d5c7ead58a5ec690e5ee06fd1d93e78d01340385198bb5f2&pst=1675143474&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fchristianeka-images.blogspot.com%2F&psid=14575066
173.233.139.164302 Found 0 B URL HTTP/1.1 jennyvisits.com/dyfc1k09?shu=e45b14a396d8ae0d51d8a1178ec6471d197ab9be98b153fc07589f31930f8bfc1fd30e1af8e0090bdfc1510e35dfd35231ec867ec131d50945aa80cc04e3e81b598c83af958fafe7d5c7ead58a5ec690e5ee06fd1d93e78d01340385198bb5f2&pst=1675143474&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fchristianeka-images.blogspot.com%2F&psid=14575066
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=e45b14a396d8ae0d51d8a1178ec6471d197ab9be98b153fc07589f31930f8bfc1fd30e1af8e0090bdfc1510e35dfd35231ec867ec131d50945aa80cc04e3e81b598c83af958fafe7d5c7ead58a5ec690e5ee06fd1d93e78d01340385198bb5f2&pst=1675143474&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fchristianeka-images.blogspot.com%2F&psid=14575066 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jennyvisits.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTQ1NzUwNjYiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vY2hyaXN0aWFuZWthLWltYWdlcy5ibG9nc3BvdC5jb20vIn19.lYhSbn74m7arvKJnevJNRHVwbo57OSTdHhgg8dzwkjY; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Tue, 31 Jan 2023 05:36:55 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: http://orest-vlv.com/zcvisitor/457770a2-a129-11ed-af75-12a0f196700f/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=484dcef0-98c9-11ec-814f-12beee04f19b
Set-Cookie: uncs=2; expires=Wed, 01 Feb 2023 05:36:55 GMT
uncs28=2; expires=Wed, 01 Feb 2023 05:36:55 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3e9d846ccbf29c9c6973a7e8a27598d1
Strict-Transport-Security: max-age=0; includeSubdomains
orest-vlv.com/zcvisitor/457770a2-a129-11ed-af75-12a0f196700f/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=484dcef0-98c9-11ec-814f-12beee04f19b
52.7.54.238302 0 B URL HTTP/1.1 orest-vlv.com/zcvisitor/457770a2-a129-11ed-af75-12a0f196700f/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=484dcef0-98c9-11ec-814f-12beee04f19b
IP 52.7.54.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zcvisitor/457770a2-a129-11ed-af75-12a0f196700f/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=484dcef0-98c9-11ec-814f-12beee04f19b HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Date: Tue, 31 Jan 2023 05:36:55 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Location: https://geotrkclknow.com/rot/ZrYlOOwRni7p0sNB
Server: AreMLQJM
ocsp.pki.goog/s/gts1p5/_jvK7pzkejU
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/_jvK7pzkejU
IP 142.250.74.131:0
Hash 6de711c628466814d750b55d595d1f40
af5da1b90035d22c94b83f03d81272080c4e50b3
8e0a7582c322979065acec91d090b25c4a15ff4aceda814e9e12f091fe218e3a
POST /s/gts1p5/_jvK7pzkejU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
geotrkclknow.com/rot/ZrYlOOwRni7p0sNB
172.67.161.46302 Found 897 B URL HTTP/2 geotrkclknow.com/rot/ZrYlOOwRni7p0sNB
IP 172.67.161.46:0
Hash b26833b6806e2eca99ad03462b8998ac
ba7f702efc9312016dae7a46d590c5cf174e3d35
4c092d8bb4a37a5d6e66a0758ff91829304add65c6c81795028163374a087e2a
GET /rot/ZrYlOOwRni7p0sNB HTTP/1.1
Host: geotrkclknow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 31 Jan 2023 05:36:55 GMT
content-type: text/html; charset=UTF-8
location: https://akapdby.com/click?trvid=24163
cache-control: no-cache, private
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlmjHR5VkV%2BN3F9EelY9ONh9IhoQywDQbajjHvIFE%2FboU0b5pi8GF24y0AcxD7OAe43AQrvSqsdUeSuV4yWo47vLKhi89jQcVFTLBYld6mAFfZHWpc8GWNJtljfhCFGJ6k7T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792017ab7bd21bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/_jvK7pzkejU
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/_jvK7pzkejU
IP 142.250.74.131:0
Hash 6de711c628466814d750b55d595d1f40
af5da1b90035d22c94b83f03d81272080c4e50b3
8e0a7582c322979065acec91d090b25c4a15ff4aceda814e9e12f091fe218e3a
POST /s/gts1p5/_jvK7pzkejU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
akapdby.com/click?trvid=24163
3.126.48.135200 OK 284 B URL HTTP/2 akapdby.com/click?trvid=24163
IP 3.126.48.135:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a456e766a0ce67add02916f31742f995
cd625a94a74ee830b16ea8aefd620b82d741f3dd
66d37bcfba5ad3ae53ffee84eab3da70f590656a6c900974f3cd47970a97d2ec
GET /click?trvid=24163 HTTP/1.1
Host: akapdby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:36:56 GMT
content-type: text/html; charset=utf-8
content-length: 284
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.166.29200 OK 27 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.166.29:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 42edcc770841c725419ec1fd8d810bab
a8dc3a092ad1c66c0f784f49ed8df43a861ad674
19f3b931e3a03ae79ca9129c7ca215c244f017286de9040de52733496a97c497
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 05:36:54 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 2a6339fd91cfdba346c9f2cb2721c33d
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 31 Jan 2023 05:36:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zucrtJqaJReI8cfvpctr0tgAi0XcH%2FLyF7IyQEVX5ISKkSRrsYSPacAXL84QxNzAdQUMNTikg9QU56BlK%2B1VzUyjhtg5JAtNOIHBAxY07OQsLqgrG5LbxR4nSORApsMgoio30WE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792017a3387188a4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
akapdby.com/click?trvid=24163&trvjs=t
3.126.48.135200 OK 1.0 kB URL HTTP/2 akapdby.com/click?trvid=24163&trvjs=t
IP 3.126.48.135:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (306)
Hash db3c65b902508ee201b864e62bf4c24f
6ddc8559980b63f41807b9271bec7268cdda2ff5
96a3c3cf522dda5bec66cb5f3293a2547a25cdbdc35aa6e4636660ce08021462
GET /click?trvid=24163&trvjs=t HTTP/1.1
Host: akapdby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://akapdby.com/click?trvid=24163
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:36:56 GMT
content-type: text/html; charset=utf-8
content-length: 1001
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
set-cookie: ClickDataNG=H4sIAAAAAAAA_1xTXU_jOhD9K9E83StFqV2aQI0qBEX36kpQrgQsL_vi2tPWW9eOxnZoF_jvKyddqPYlysw5mTMfJ2_QIQXjHQjgFasYlBAPLYJgJYS0fPr9rrzrkCJqECtpA5agrFHb_3T-EHFzfpYM2-44lKBlRBC8Oa_55GzCmxKU3LXSrF1mjye8OSvBhPn_15-1yEcZje8Jkwtel0DJYo5YCYTaEKp4j3HjNYi6hOATqR7nFyVY6bRx6yP9GD2TBQFQgl-tkDLWTOumhCVJpzZHbo8NzE2MbRCjUWdaDNEThkr53cgatw1XRodZXdfT74mxcRPS0ujZH1MrH-Kx3Q5dGrbWyoNP8UtqnojQqQMIeH68hRISmRNtuZWtXh564X69V5E6o2f9zgbtSN2PMItQgmmvtSYMAQRMeTVl1WRc8XpyCjXDClJAul6jiyDg3v801spRXbHirxfjtH8NxeKp4Kxil8WLcc3kstjnB3WCs7pifxf_otr60ZhxxjjjxT-GcOX3ox6FPPEKCQkEnAyQjYCdUfhpIZ87PSrmu4RvX9bLZZbkX0Nf5ijwWeKGpNPDKEPi3mu0p4mF3OEQq0EP5nJpcXT7eJf3EVoQcGPNvnj0NmWnhf5kyUXKx1g89GOsh24WD-_vD8H6Yp4Jh8w08XACQL4soYvzfKSjzcisjbtrT1KRpAtSDcYOIFyytgSVQvQ7EG-A-4jkpO1_Ivj4-BUAAP__bPC_TY0DAAA=; Expires=Thu, 02 Mar 2023 05:36:56 GMT; SameSite=None; Secure
ClickDataNgFall=H4sIAAAAAAAA_1xTXU_jOhD9K9E83StFqV2aQI0qBEX36kpQrgQsL_vi2tPWW9eOxnZoF_jvKyddqPYlysw5mTMfJ2_QIQXjHQjgFasYlBAPLYJgJYS0fPr9rrzrkCJqECtpA5agrFHb_3T-EHFzfpYM2-44lKBlRBC8Oa_55GzCmxKU3LXSrF1mjye8OSvBhPn_15-1yEcZje8Jkwtel0DJYo5YCYTaEKp4j3HjNYi6hOATqR7nFyVY6bRx6yP9GD2TBQFQgl-tkDLWTOumhCVJpzZHbo8NzE2MbRCjUWdaDNEThkr53cgatw1XRodZXdfT74mxcRPS0ujZH1MrH-Kx3Q5dGrbWyoNP8UtqnojQqQMIeH68hRISmRNtuZWtXh564X69V5E6o2f9zgbtSN2PMItQgmmvtSYMAQRMeTVl1WRc8XpyCjXDClJAul6jiyDg3v801spRXbHirxfjtH8NxeKp4Kxil8WLcc3kstjnB3WCs7pifxf_otr60ZhxxjjjxT-GcOX3ox6FPPEKCQkEnAyQjYCdUfhpIZ87PSrmu4RvX9bLZZbkX0Nf5ijwWeKGpNPDKEPi3mu0p4mF3OEQq0EP5nJpcXT7eJf3EVoQcGPNvnj0NmWnhf5kyUXKx1g89GOsh24WD-_vD8H6Yp4Jh8w08XACQL4soYvzfKSjzcisjbtrT1KRpAtSDcYOIFyytgSVQvQ7EG-A-4jkpO1_Ivj4-BUAAP__bPC_TY0DAAA=; Expires=Thu, 02 Mar 2023 05:36:56 GMT
X-Firefox-Spdy: h2
akapdby.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3ZpcGVzdG9yZXMuY29tL2xpbmtzP2lkcz01NTU5XHUwMDI2c3ViaWQ9MWVlaDczdWkwa20xIiwiUmVkaXJlY3RXb3JkaW5nIjoiICIsIlJlZGlyZWN0VGl0bGUiOiJSZWRpcmVjdGlvbi4uLiIsIlJlZGlyZWN0TGlua1RleHQiOiIgIiwiSW5zdGFsbElkIjoyMDAxfQ==
3.126.48.135200 OK 636 B URL HTTP/2 akapdby.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3ZpcGVzdG9yZXMuY29tL2xpbmtzP2lkcz01NTU5XHUwMDI2c3ViaWQ9MWVlaDczdWkwa20xIiwiUmVkaXJlY3RXb3JkaW5nIjoiICIsIlJlZGlyZWN0VGl0bGUiOiJSZWRpcmVjdGlvbi4uLiIsIlJlZGlyZWN0TGlua1RleHQiOiIgIiwiSW5zdGFsbElkIjoyMDAxfQ==
IP 3.126.48.135:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0a5b5e1a590eb77af1c58a09da302208
4bb523d7abcfb300cf0c75f060277fce45e2bf27
0a1ceae9c2c542fb22f7473dca07489736aea3e5452afe2a7c2595c82b9231e4
GET /double?t=2&d=eyJVUkwiOiJodHRwczovL3ZpcGVzdG9yZXMuY29tL2xpbmtzP2lkcz01NTU5XHUwMDI2c3ViaWQ9MWVlaDczdWkwa20xIiwiUmVkaXJlY3RXb3JkaW5nIjoiICIsIlJlZGlyZWN0VGl0bGUiOiJSZWRpcmVjdGlvbi4uLiIsIlJlZGlyZWN0TGlua1RleHQiOiIgIiwiSW5zdGFsbElkIjoyMDAxfQ== HTTP/1.1
Host: akapdby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ClickDataNG=H4sIAAAAAAAA_1xTXU_jOhD9K9E83StFqV2aQI0qBEX36kpQrgQsL_vi2tPWW9eOxnZoF_jvKyddqPYlysw5mTMfJ2_QIQXjHQjgFasYlBAPLYJgJYS0fPr9rrzrkCJqECtpA5agrFHb_3T-EHFzfpYM2-44lKBlRBC8Oa_55GzCmxKU3LXSrF1mjye8OSvBhPn_15-1yEcZje8Jkwtel0DJYo5YCYTaEKp4j3HjNYi6hOATqR7nFyVY6bRx6yP9GD2TBQFQgl-tkDLWTOumhCVJpzZHbo8NzE2MbRCjUWdaDNEThkr53cgatw1XRodZXdfT74mxcRPS0ujZH1MrH-Kx3Q5dGrbWyoNP8UtqnojQqQMIeH68hRISmRNtuZWtXh564X69V5E6o2f9zgbtSN2PMItQgmmvtSYMAQRMeTVl1WRc8XpyCjXDClJAul6jiyDg3v801spRXbHirxfjtH8NxeKp4Kxil8WLcc3kstjnB3WCs7pifxf_otr60ZhxxjjjxT-GcOX3ox6FPPEKCQkEnAyQjYCdUfhpIZ87PSrmu4RvX9bLZZbkX0Nf5ijwWeKGpNPDKEPi3mu0p4mF3OEQq0EP5nJpcXT7eJf3EVoQcGPNvnj0NmWnhf5kyUXKx1g89GOsh24WD-_vD8H6Yp4Jh8w08XACQL4soYvzfKSjzcisjbtrT1KRpAtSDcYOIFyytgSVQvQ7EG-A-4jkpO1_Ivj4-BUAAP__bPC_TY0DAAA=; ClickDataNgFall=H4sIAAAAAAAA_1xTXU_jOhD9K9E83StFqV2aQI0qBEX36kpQrgQsL_vi2tPWW9eOxnZoF_jvKyddqPYlysw5mTMfJ2_QIQXjHQjgFasYlBAPLYJgJYS0fPr9rrzrkCJqECtpA5agrFHb_3T-EHFzfpYM2-44lKBlRBC8Oa_55GzCmxKU3LXSrF1mjye8OSvBhPn_15-1yEcZje8Jkwtel0DJYo5YCYTaEKp4j3HjNYi6hOATqR7nFyVY6bRx6yP9GD2TBQFQgl-tkDLWTOumhCVJpzZHbo8NzE2MbRCjUWdaDNEThkr53cgatw1XRodZXdfT74mxcRPS0ujZH1MrH-Kx3Q5dGrbWyoNP8UtqnojQqQMIeH68hRISmRNtuZWtXh564X69V5E6o2f9zgbtSN2PMItQgmmvtSYMAQRMeTVl1WRc8XpyCjXDClJAul6jiyDg3v801spRXbHirxfjtH8NxeKp4Kxil8WLcc3kstjnB3WCs7pifxf_otr60ZhxxjjjxT-GcOX3ox6FPPEKCQkEnAyQjYCdUfhpIZ87PSrmu4RvX9bLZZbkX0Nf5ijwWeKGpNPDKEPi3mu0p4mF3OEQq0EP5nJpcXT7eJf3EVoQcGPNvnj0NmWnhf5kyUXKx1g89GOsh24WD-_vD8H6Yp4Jh8w08XACQL4soYvzfKSjzcisjbtrT1KRpAtSDcYOIFyytgSVQvQ7EG-A-4jkpO1_Ivj4-BUAAP__bPC_TY0DAAA=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 05:36:56 GMT
content-type: text/html; charset=utf-8
content-length: 636
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash d714c02328cbcbe224b1527be3150d5b
1aa34d489e1c06bd407f36a1f4e90ea316856f60
93283247fd7c39bc558ac50282b8649e1435252498d785c0e5650de237f1a08e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1464
Cache-Control: max-age=123514
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:57 GMT
Etag: "63d7e2bb-118"
Expires: Wed, 01 Feb 2023 15:55:31 GMT
Last-Modified: Mon, 30 Jan 2023 15:31:07 GMT
Server: ECS (amb/6BBF)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash d714c02328cbcbe224b1527be3150d5b
1aa34d489e1c06bd407f36a1f4e90ea316856f60
93283247fd7c39bc558ac50282b8649e1435252498d785c0e5650de237f1a08e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1464
Cache-Control: max-age=123514
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 05:36:57 GMT
Etag: "63d7e2bb-118"
Expires: Wed, 01 Feb 2023 15:55:31 GMT
Last-Modified: Mon, 30 Jan 2023 15:31:07 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 13d06e06995ab4e19c9692138853bac4
7a880dd95320a84734995969ce6d9d2baf5c5e10
54f9ad30ba5b068c7b527b6c7404cd73aed6d990e92785504f7066175108ca6e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171576
Date: Tue, 31 Jan 2023 05:36:57 GMT
Etag: "63d890ff-1d7"
Expires: Thu, 02 Feb 2023 05:16:33 GMT
Last-Modified: Tue, 31 Jan 2023 03:54:39 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6L3bpYDPmPBTz2KeqGCUmtkw_Z3_sbxgvE80ssjc1OjR94Eq-WWVsw==
Age: 4914
js.mamydirect.com/redir/clickGate.php?u=RGm1L5B5&m=1&p=4a699kWUe0&t=1bYK8dYN&st=&s=1eeh73ui0km1&url=https%3A%2F%2Fwww.scandichotels.no%2F&r=https%3A%2F%2Fwww.vipestores.com%2Fen%2Ftravel%2Fscandichotelsno
54.228.196.69302 Found 20 B URL HTTP/1.1 js.mamydirect.com/redir/clickGate.php?u=RGm1L5B5&m=1&p=4a699kWUe0&t=1bYK8dYN&st=&s=1eeh73ui0km1&url=https%3A%2F%2Fwww.scandichotels.no%2F&r=https%3A%2F%2Fwww.vipestores.com%2Fen%2Ftravel%2Fscandichotelsno
IP 54.228.196.69:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /redir/clickGate.php?u=RGm1L5B5&m=1&p=4a699kWUe0&t=1bYK8dYN&st=&s=1eeh73ui0km1&url=https%3A%2F%2Fwww.scandichotels.no%2F&r=https%3A%2F%2Fwww.vipestores.com%2Fen%2Ftravel%2Fscandichotelsno HTTP/1.1
Host: js.mamydirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipestores.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache, post-check=0, pre-check=0
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 31 Jan 2023 05:36:57 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Tue, 31 Jan 2023 05:36:57 GMT
Location: https://de.trck.one/redir/clickGate.php?u=RGm1L5B5&m=1&p=4a699kWUe0&t=1bYK8dYN&st=&s=1eeh73ui0km1&url=https%3A%2F%2Fwww.scandichotels.no%2F&r=https%3A%2F%2Fwww.vipestores.com%2Fen%2Ftravel%2Fscandichotelsno
P3P: policyref="/w3c/p3p.xml", CP="NOI CUR OUR STP"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Length: 20
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 24f94c495b0b333c1110b357d9501c4a
cd172ef366fab6a50b0135c0d42dadd16d9c6326
f313eed4ad22fdff0bbd3ae57a0681159d4efb5cced59830473369ed33ee5682
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 31 Jan 2023 05:36:57 GMT
Etag: "63d7c964-1d7"
Last-Modified: Tue, 31 Jan 2023 03:57:44 GMT
Server: ECS (dcb/7ECB)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FV0_rO9N40IQXT9jGdcJMVZHhXjKGl1e82WZz2MSDLybZGJO1F50gw==
Age: 5953
de.trck.one/redir/clickGate.php?u=RGm1L5B5&m=1&p=4a699kWUe0&t=1bYK8dYN&st=&s=1eeh73ui0km1&url=https%3A%2F%2Fwww.scandichotels.no%2F&r=https%3A%2F%2Fwww.vipestores.com%2Fen%2Ftravel%2Fscandichotelsno
3.66.2.151302 Found 0 B URL HTTP/2 de.trck.one/redir/clickGate.php?u=RGm1L5B5&m=1&p=4a699kWUe0&t=1bYK8dYN&st=&s=1eeh73ui0km1&url=https%3A%2F%2Fwww.scandichotels.no%2F&r=https%3A%2F%2Fwww.vipestores.com%2Fen%2Ftravel%2Fscandichotelsno
IP 3.66.2.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redir/clickGate.php?u=RGm1L5B5&m=1&p=4a699kWUe0&t=1bYK8dYN&st=&s=1eeh73ui0km1&url=https%3A%2F%2Fwww.scandichotels.no%2F&r=https%3A%2F%2Fwww.vipestores.com%2Fen%2Ftravel%2Fscandichotelsno HTTP/1.1
Host: de.trck.one
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vipestores.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 31 Jan 2023 05:36:58 GMT
content-type: text/html; charset=UTF-8
location: https://www.awin1.com/cread.php?awinmid=21887&awinaffid=101248&clickref=3CehRNIREA26waeKVHt1RGL6tGhPojYuQ3lMXYaaVPqcV6&clickref3=mt105330_a108037_p133362_cNO&clickref2=https%3A%2F%2Fvipestores.com%2F
server: nginx
cache-control: no-cache, private
X-Firefox-Spdy: h2
www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
104.84.152.241200 OK 14 kB URL HTTP/2 www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8072)
Hash 5378619bff3318893e6aa75a3ea902b8
7b0c83250d3eda0b60cddb32e44afcb88a70b965
a322fe41f3ebf7739eead5a5b14de878976238529a3c7cf60f5eb8f508b77643
GET /?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136 HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vipestores.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
pragma: no-cache
content-type: text/html; charset=utf-8
vary: Accept-Encoding
sh-pagetype: startpage
request-context: appId=cid-v1:4fd93b87-2fbc-4ae7-9657-e982d0ff5a55
access-control-expose-headers: Request-Context
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self'
x-akamai-transformed: 9 15455 0 pmb=mTOE,2mRUM,2
content-encoding: gzip
cache-control: no-cache
date: Tue, 31 Jan 2023 05:36:58 GMT
content-length: 14349
set-cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; path=/; secure; HttpOnly
awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; expires=Thu, 02-Mar-2023 05:36:58 GMT; path=/; secure
_abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; Domain=.scandichotels.no; Path=/; Expires=Wed, 31 Jan 2024 05:36:58 GMT; Max-Age=31536000; Secure
ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; Domain=.scandichotels.no; Path=/; Expires=Tue, 31 Jan 2023 07:36:58 GMT; Max-Age=7200; HttpOnly
bm_mi=0AEE31D31313D75274968375167300C1~YAAQ7ZhUaEQncPOFAQAA0BNUBhKPF0PP1pxfimO1wlepdnxyRWf3TxhlqqF++WnaGaFde9rk4r/a9c/RdM4AXL8hJgWxW9xfsgJxcrDR3qDUgFHjNqCcwrZJ5NqKvzwoBTXrHtLLtQiiVzJIFdtVg/32aXiSZcnNZ7aPhqahOeeT0ZN56ZwOLFgiLMdIMf6KHiJt8lWq0b8mt8EsfgKTnOXD4P/ukq5pFrf4IKVtvRTZ0LFd6MaTO386mGa0dA5kEzSdXj0If3Qxw7lRFYu6lL/g9MYrH/uYJymhFFB+4gN1b/PRfOzE/sEEG6RmW1AYw0S4pg==~1; Domain=.scandichotels.no; Path=/; Expires=Tue, 31 Jan 2023 05:36:58 GMT; Max-Age=0; Secure
bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326; Domain=.scandichotels.no; Path=/; Expires=Tue, 31 Jan 2023 09:36:58 GMT; Max-Age=14400
server-timing: cdn-cache; desc=MISS, edge; dur=39, origin; dur=275
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/akam/13/50e43ffb
104.84.152.241200 OK 8.8 kB URL HTTP/2 www.scandichotels.no/akam/13/50e43ffb
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (14360)
Hash d52a451eec2d21026ebeded2fe4ffeb9
940b47d8554a37e8bd44135b6164910987c11fd8
a65501eed9e219cb1904d8f8b78507bba7068fd1610a1a380ecac97812abd83c
GET /akam/13/50e43ffb HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Feb 2022 15:11:00 GMT
etag: "75a350f16afdc2b3570621d1c40483840458afdfde5dfa0f42f2bb318ffad4f6"
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
unused62: 8096267
content-length: 8768
expires: Tue, 31 Jan 2023 05:36:58 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 31 Jan 2023 05:36:58 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=2
strict-transport-security: max-age=300; includeSubDomains
set-cookie: ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEgncPOFAQAASBRUBhLPGLZtlXVocsSA4ngG9+lGcXa7wvvUCGdw6x5Yfmnov0p2OqXxM4igyACyqkY9wcXjfP3zEZPLwyNk/3v527MxEfuwK2WxpzW1f9ycCcCEchMrk14SKC0gcCq98riJ780OajNAQ0TS9mY1hIpCj/KUIQJLIzX+IZIuT9Qqsj//VQQu303LnQNb5oGO6/1qUQXsGKM39C6RKngBMpX9n7wDAQB57uLOWRHE0nX9e+Z4VTfw13SekYpli2JPvrRaV6e8+EFsHPSHBIemvpmhMeDc5HuU0/IsggBlENY3GKHwIDNlcKMG5TsVj6n7T44fOZT4uIVUoFzNdmG7JzZGD3teMj3HDrwVhErgi7C2H06KqM8/foqr9MS7Zrf0J/mwMGOU+Nq3y7SiyWs0pYsHjgzU+9Zv9VpKjm4uOjMit4IBNfjfIR7sNf3KSjH8Miwe7F84hE+USWG9sFYDezbhg5ZW; Domain=.scandichotels.no; Path=/; Expires=Tue, 31 Jan 2023 07:36:58 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
www.scandichotels.no/Static/fonts/roboto/roboto-v20-latin-300.woff2
104.84.152.241200 OK 16 kB URL HTTP/2 www.scandichotels.no/Static/fonts/roboto/roboto-v20-latin-300.woff2
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 15784, version 1.0\012- data
Hash ef7c6637c68f269a882e73bcb57a7f6a
65025b0cedc3b795c87ad050443c09081d1a8581
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
GET /Static/fonts/roboto/roboto-v20-latin-300.woff2 HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: font/x-woff
last-modified: Fri, 02 Dec 2022 14:31:18 GMT
accept-ranges: bytes
etag: "03f7cbd5a6d91:0"
request-context: appId=cid-v1:4fd93b87-2fbc-4ae7-9657-e982d0ff5a55
access-control-expose-headers: Request-Context
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self'
content-length: 15784
cache-control: public, max-age=900
date: Tue, 31 Jan 2023 05:36:58 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/Static/fonts/roboto/roboto-v20-latin-500.woff2
104.84.152.241200 OK 16 kB URL HTTP/2 www.scandichotels.no/Static/fonts/roboto/roboto-v20-latin-500.woff2
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 15872, version 1.0\012- data
Hash 020c97dc8e0463259c2f9df929bb0c69
8f956a31154047d1b6527b63db2ecf0f3a463f24
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
GET /Static/fonts/roboto/roboto-v20-latin-500.woff2 HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: font/x-woff
last-modified: Fri, 02 Dec 2022 14:31:18 GMT
accept-ranges: bytes
etag: "03f7cbd5a6d91:0"
request-context: appId=cid-v1:4fd93b87-2fbc-4ae7-9657-e982d0ff5a55
access-control-expose-headers: Request-Context
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self'
content-length: 15872
cache-control: public, max-age=900
date: Tue, 31 Jan 2023 05:36:58 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/ta/citiesandhotels-no
104.84.152.241200 OK 19 kB URL HTTP/2 www.scandichotels.no/ta/citiesandhotels-no
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65201), with no line terminators
Hash 6dcd67bc2f3614fea27d481ab0a4b1ca
f75a759952674c2ec9488761eeb69729b5cf71ff
7ce5df6b4ad244d385a47fdb64292708f5ccecfcd09f2e78ba898b9209a9d3a1
GET /ta/citiesandhotels-no HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
request-context: appId=cid-v1:4fd93b87-2fbc-4ae7-9657-e982d0ff5a55
access-control-expose-headers: Request-Context
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self'
content-length: 19314
cache-control: public, max-age=600
expires: Tue, 31 Jan 2023 05:46:58 GMT
date: Tue, 31 Jan 2023 05:36:58 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=300; includeSubDomains
set-cookie: bm_sv=6830472800F1DCCAB1E86F72EA68A9D7~YAAQ7ZhUaEkncPOFAQAASRRUBhINQQFj9PpRyxyb5aG84RGSK1zzEZ3jlDBnfRu7LckQ+jOEKYXVUbi4jenchDB9PhLax71pWEwET4LHC/KkZHyguEi1sT+DYahh+nsG/3tyRaRiOD2GiVVGYCOGHR7GYt3ERLWhZc05JID/+z2KP0tu0ikHB+G9dv5bcFinHSh3reFL1hjXKTyR2CON9IHDcHRtYr65hE+kvXGw+HiBQ/+4B6M6TKq6wMbyLcs+hl4UbLc0~1; Domain=.scandichotels.no; Path=/; Expires=Tue, 31 Jan 2023 07:36:58 GMT; Max-Age=7200; Secure
X-Firefox-Spdy: h2
www.scandichotels.no/Static/img/icons/arrows/downInCircle.svg
104.84.152.241200 OK 501 B URL HTTP/2 www.scandichotels.no/Static/img/icons/arrows/downInCircle.svg
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d298cf89abb08c4892e3ebf3c44fb61a
2ac059a027ae3471ac0d79e0ade7a68a218b8d78
ef2ceaf1fb9b259b62de2497aa7e3a72d474a9edf275fcdc96a9ddfc7e353fd5
GET /Static/img/icons/arrows/downInCircle.svg HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
access-control-expose-headers: Request-Context
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
etag: "0c9cbac5a6d91:0"
last-modified: Fri, 16 Dec 2022 05:14:34 GMT
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:4fd93b87-2fbc-4ae7-9657-e982d0ff5a55
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 501
cache-control: public, max-age=900
date: Tue, 31 Jan 2023 05:36:58 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=2
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/Static/img/scandic-logotype.svg
104.84.152.241200 OK 930 B URL HTTP/2 www.scandichotels.no/Static/img/scandic-logotype.svg
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 8e2da771a5b07b3832210194bca04311
ba8cf9c4176a321705ad6f1cd1292b74ed9daccd
a376559ac2105b52a4de9c11ee87896ebe47e2aa5bc3069c4ee2b7e3334b7dc2
GET /Static/img/scandic-logotype.svg HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
access-control-expose-headers: Request-Context
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
etag: "09d9c818f8d81:0"
last-modified: Tue, 03 Jan 2023 00:33:06 GMT
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:4fd93b87-2fbc-4ae7-9657-e982d0ff5a55
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 930
cache-control: public, max-age=900
date: Tue, 31 Jan 2023 05:36:58 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=4
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/apple-touch-icon-120x120.png
104.84.152.241200 OK 1.5 kB URL HTTP/2 www.scandichotels.no/apple-touch-icon-120x120.png
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ef40b80981a152fcdb686017fe354937
432e60f4b03f9cbd5c62407781a23ccc0fd733ce
d211f52613ef98f5488deb969b6d6fec0b4eff10b790a4bf5f7c5b5463f8ad3e
GET /apple-touch-icon-120x120.png HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Request-Context
etag: "0424b55a6d91:0"
last-modified: Mon, 12 Dec 2022 05:01:16 GMT
content-length: 1490
content-type: image/webp
cache-control: private, no-transform, max-age=43200
expires: Tue, 31 Jan 2023 17:36:58 GMT
date: Tue, 31 Jan 2023 05:36:58 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=2
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/Static/img/icons/suitcase.svg
104.84.152.241200 OK 464 B URL HTTP/2 www.scandichotels.no/Static/img/icons/suitcase.svg
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (382)
Hash b8267812b10de4976c71ce9ac15a0f9e
07509cbf78b093374e1fe09c6688cee6e7139f74
aa369383d370eaaa8ae7591e8db106e1cf2b31a0e05e940a7cb4c97ee23c9508
GET /Static/img/icons/suitcase.svg HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
access-control-expose-headers: Request-Context
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
etag: "0fbb1c118f8d81:0"
last-modified: Fri, 13 Jan 2023 13:10:35 GMT
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:4fd93b87-2fbc-4ae7-9657-e982d0ff5a55
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 464
cache-control: public, max-age=900
date: Tue, 31 Jan 2023 05:36:58 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=5
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/Static/fonts/roboto/roboto-v20-latin-regular.woff2
104.84.152.241200 OK 16 kB URL HTTP/2 www.scandichotels.no/Static/fonts/roboto/roboto-v20-latin-regular.woff2
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 15736, version 1.0\012- data
Hash 479970ffb74f2117317f9d24d9e317fe
81c796737cbe44d4a719777f0aff14b73a3efb1e
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
GET /Static/fonts/roboto/roboto-v20-latin-regular.woff2 HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: font/x-woff
last-modified: Fri, 02 Dec 2022 14:31:18 GMT
accept-ranges: bytes
etag: "03f7cbd5a6d91:0"
request-context: appId=cid-v1:4fd93b87-2fbc-4ae7-9657-e982d0ff5a55
access-control-expose-headers: Request-Context
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self'
content-length: 15736
cache-control: public, max-age=900
date: Tue, 31 Jan 2023 05:36:58 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/Static/dist/css/critical/core.css
104.84.152.241200 OK 12 kB URL HTTP/2 www.scandichotels.no/Static/dist/css/critical/core.css
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash fcb15daf0fec2db9dec7792317449571
656c0c686a2145b7b86a9378db46db6908b70367
27ec2cfa438a15594b4a5d9fe2b43152e947c8651cbc212cde76b462ec5759ca
GET /Static/dist/css/critical/core.css HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-expose-headers: Request-Context
content-encoding: br
content-security-policy: frame-ancestors 'self'
etag: "05db34c3ae8d81:0"
last-modified: Thu, 27 Oct 2022 09:29:10 GMT
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:02ea2806-234b-4a2c-96b9-f147b748ca7e
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 12326
cache-control: public, max-age=900
date: Tue, 31 Jan 2023 05:36:58 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=27
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/Static/fonts/roboto/roboto-v20-latin-700.woff2
104.84.152.241200 OK 16 kB URL HTTP/2 www.scandichotels.no/Static/fonts/roboto/roboto-v20-latin-700.woff2
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 15816, version 1.0\012- data
Hash 2735a3a69b509faf3577afd25bdf552e
8621aff863b67040010ccc183da5b9079ce6fd1d
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
GET /Static/fonts/roboto/roboto-v20-latin-700.woff2 HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: font/x-woff
last-modified: Mon, 14 Nov 2022 11:04:06 GMT
accept-ranges: bytes
etag: "0170d018f8d81:0"
request-context: appId=cid-v1:4fd93b87-2fbc-4ae7-9657-e982d0ff5a55
access-control-expose-headers: Request-Context
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self'
content-length: 15816
cache-control: public, max-age=900
date: Tue, 31 Jan 2023 05:36:58 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/Static/img/tripadvisor_logo_white_160x24.png
104.84.152.241200 OK 1.0 kB URL HTTP/2 www.scandichotels.no/Static/img/tripadvisor_logo_white_160x24.png
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type PNG image data, 160 x 24, 8-bit colormap, non-interlaced\012- data
Hash 505929176ee78000b1d3a7fe88d7f60e
2458675db86732a36d0d69bb5b78935d159cb15c
7a9966c55577aea4f10333f17c202128b9256be7fa91bdc913153db94ff85d1e
GET /Static/img/tripadvisor_logo_white_160x24.png HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 02 Dec 2022 14:31:04 GMT
accept-ranges: bytes
etag: "0424b55a6d91:0"
request-context: appId=cid-v1:4fd93b87-2fbc-4ae7-9657-e982d0ff5a55
access-control-expose-headers: Request-Context
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self'
content-length: 1016
cache-control: public, max-age=900
date: Tue, 31 Jan 2023 05:36:58 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/imageVault/publishedmedia/i744peso0pw2dpss4lqs/android_norwegian.png
104.84.152.241200 OK 2.6 kB URL HTTP/2 www.scandichotels.no/imageVault/publishedmedia/i744peso0pw2dpss4lqs/android_norwegian.png
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3b57fb25597dd24c50dfc75ee34c972e
38ce41d364239034463c5edb055bdef5c2149680
53c3c432392c94eba4445fa50ae073f1db5bef90faf29c42b5abfdaba5affdcb
GET /imageVault/publishedmedia/i744peso0pw2dpss4lqs/android_norwegian.png HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Request-Context
last-modified: Thu, 10 Dec 2020 14:46:35 GMT
content-length: 2634
content-type: image/webp
cache-control: private, no-transform, max-age=280097
expires: Fri, 03 Feb 2023 11:25:15 GMT
date: Tue, 31 Jan 2023 05:36:58 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/Static/img/icons/shared/removeCircle.svg
104.84.152.241200 OK 460 B URL HTTP/2 www.scandichotels.no/Static/img/icons/shared/removeCircle.svg
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cc77c1059f976502b3fa39218d752e41
1fcf618604d95888422f31f35b6cf9e1b88b9a13
7077e5202c4d31ab284f923d1e539a13ac7c93ac1091769060f2d44d2bb4717c
GET /Static/img/icons/shared/removeCircle.svg HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
access-control-expose-headers: Request-Context
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
etag: "0c9cbac5a6d91:0"
last-modified: Tue, 03 Jan 2023 01:10:11 GMT
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:4fd93b87-2fbc-4ae7-9657-e982d0ff5a55
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 460
cache-control: public, max-age=900
date: Tue, 31 Jan 2023 05:36:58 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=3
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/Static/img/scandic-logotype-white.svg
104.84.152.241200 OK 970 B URL HTTP/2 www.scandichotels.no/Static/img/scandic-logotype-white.svg
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash ebc9e7954e31dcde13870ab65aeffb29
f692398162fc26564436948a40b04e86241aef52
9e543f713bc511051cecdb52cf2e9d0e118bdd2a6052caf1559b98dd82d43976
GET /Static/img/scandic-logotype-white.svg HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
access-control-expose-headers: Request-Context
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
etag: "043a1168ac3d81:0"
last-modified: Sat, 15 Oct 2022 01:12:28 GMT
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:4fd93b87-2fbc-4ae7-9657-e982d0ff5a55
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 970
cache-control: public, max-age=900
date: Tue, 31 Jan 2023 05:36:58 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=3
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/Static/fonts/brandon/brandontextweb-bold-webfont.woff2
104.84.152.241200 OK 28 kB URL HTTP/2 www.scandichotels.no/Static/fonts/brandon/brandontextweb-bold-webfont.woff2
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 27584, version 1.131\012- data
Hash 1f68c9358ee19fe1d5f01fbb7b038f0d
581cf1c2c41014be6213f4d489471b97ac95903f
a5eb184b7e6074ede1306469eb1e47394f19aaecab777eba4cc98670fe6c6c40
GET /Static/fonts/brandon/brandontextweb-bold-webfont.woff2 HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: font/x-woff
last-modified: Fri, 02 Dec 2022 14:31:24 GMT
accept-ranges: bytes
etag: "0c6fc15a6d91:0"
request-context: appId=cid-v1:4fd93b87-2fbc-4ae7-9657-e982d0ff5a55
access-control-expose-headers: Request-Context
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self'
content-length: 27584
cache-control: public, max-age=900
date: Tue, 31 Jan 2023 05:36:58 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/Static/dist/css/scandic.css?6c42d5f91d990a3954c0
104.84.152.241200 OK 76 kB URL HTTP/2 www.scandichotels.no/Static/dist/css/scandic.css?6c42d5f91d990a3954c0
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash ca58cb8536b45d420cb502edf78826f4
740b6e798df7745a68ae0c7ad4211b5515c8278b
7f1390a62ecfa002639cea30547205cf08e24f88c2fae6a12221db72237a8ea7
GET /Static/dist/css/scandic.css?6c42d5f91d990a3954c0 HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-expose-headers: Request-Context
content-encoding: br
content-security-policy: frame-ancestors 'self'
etag: "0aac1b25a6d91:0"
last-modified: Thu, 08 Dec 2022 04:52:51 GMT
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:02ea2806-234b-4a2c-96b9-f147b748ca7e
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 76545
cache-control: public, max-age=900
date: Tue, 31 Jan 2023 05:36:58 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=3
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/Static/fonts/brandon/brandontextweb-black-webfont.woff2
104.84.152.241200 OK 27 kB URL HTTP/2 www.scandichotels.no/Static/fonts/brandon/brandontextweb-black-webfont.woff2
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 27168, version 1.131\012- data
Hash c3e19e4bd39a1c633a04ba7d9e759c34
19a5253282d80fbdf70a45d1bdcfd4756c607cc7
bb9f7b4ab5d2fba76a449b2808d47f94b76e8abb47976fce562316d53d383cb9
GET /Static/fonts/brandon/brandontextweb-black-webfont.woff2 HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: font/x-woff
last-modified: Fri, 02 Dec 2022 14:31:24 GMT
accept-ranges: bytes
etag: "0c6fc15a6d91:0"
request-context: appId=cid-v1:4fd93b87-2fbc-4ae7-9657-e982d0ff5a55
access-control-expose-headers: Request-Context
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self'
content-length: 27168
cache-control: public, max-age=900
date: Tue, 31 Jan 2023 05:36:58 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/imageVault/publishedmedia/1rve7i2lmavehwvz69t3/Cross_country_skiing.jpg
104.84.152.241200 OK 90 kB URL HTTP/2 www.scandichotels.no/imageVault/publishedmedia/1rve7i2lmavehwvz69t3/Cross_country_skiing.jpg
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type ISO Media, AVIF Image\012- data
Hash 1f6de8ecc50cb135c420fb98e4356bca
381ddf6b82d2540ec7e472e9344321886e898b2d
3fbc1cb75586ceb7e43bc1222f474b2bd0cf943b66d939c578be93283e4ba6bf
GET /imageVault/publishedmedia/1rve7i2lmavehwvz69t3/Cross_country_skiing.jpg HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Request-Context
last-modified: Fri, 13 Jan 2023 15:44:12 GMT
content-length: 90501
content-type: image/avif
cache-control: private, no-transform, max-age=1073223
expires: Sun, 12 Feb 2023 15:44:01 GMT
date: Tue, 31 Jan 2023 05:36:58 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/-__VKVMvzKpYpKoWQ_2W_Fh9/akfatNNp/K3IUUwE/LRU4BE/YibhE
104.84.152.241200 OK 73 kB URL HTTP/2 www.scandichotels.no/-__VKVMvzKpYpKoWQ_2W_Fh9/akfatNNp/K3IUUwE/LRU4BE/YibhE
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
Hash c6dd15c3ee5a4bcd9d8e8a0c3d52fd41
ebba299bae409a0681ee4e00cc72c1458f73e049
ead22de7b5e9317ca777f867211c757f63e6efee96eab3baa6f9126e39a78659
GET /-__VKVMvzKpYpKoWQ_2W_Fh9/akfatNNp/K3IUUwE/LRU4BE/YibhE HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 05 Dec 2022 18:21:50 GMT
etag: "c065b170d98e55180d9d0ec22203687e78580f5a9c71964c6b1b97f01595bfe0"
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 72934
date: Tue, 31 Jan 2023 05:36:58 GMT
cache-control: max-age=21600
server-timing: cdn-cache; desc=HIT, edge; dur=4
strict-transport-security: max-age=300; includeSubDomains
set-cookie: _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEoncPOFAQAAWhRUBglKf8jfiVoKs5PanFfrPij2sZ9TaYGItmOKBXao0A8XjNohmvAk8Wxgmho+y5pG5/hakMXroGqx+0BgD1EczOwONH+p3r/KRjJv5AymLa2auvhaJDsznJ0nLC1+r2zlXdghgTrQHBN60M2EUv0JRwFdGcd+/gJ9kpoCpJkDA3Pr0WxChzq9Nw/wc7QElR0WymYnzbrvGDZwGRmuxif0m95G0GOKJRTteriq2fwBafdjmcQ81Xg7bRYyUXDeuh2vuuUqZSEYVDvQxSMJ7t6Ni7HDjgcvvOOESQ3FRT+OTRfq7KAj70Svo2MBi4/ZqnC6FyyrmEvXMadhkuGliuQmA5XryC3IQr7lx7L/KR4t6PTpdHyd9qlWBVItnCHm1uE=~-1~-1~-1; Domain=.scandichotels.no; Path=/; Expires=Wed, 31 Jan 2024 05:36:58 GMT; Max-Age=31536000; Secure
X-Firefox-Spdy: h2
www.scandichotels.no/imageVault/publishedmedia/0tafgfwoub4e11f1ruxe/app_store_norwegian.png
104.84.152.241200 OK 1.7 kB URL HTTP/2 www.scandichotels.no/imageVault/publishedmedia/0tafgfwoub4e11f1ruxe/app_store_norwegian.png
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type PNG image data, 135 x 45, 8-bit grayscale, non-interlaced\012- data
Hash 4fb2227b7238dd5642bb55cadafca13f
b828105badbbb4b513d35eb705bd027055ae7202
5565d779444a7bcfc17b0a190a47b008886ca6cf43d48da1c30d795a970ae7bd
GET /imageVault/publishedmedia/0tafgfwoub4e11f1ruxe/app_store_norwegian.png HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Request-Context
last-modified: Mon, 14 Dec 2020 12:52:35 GMT
unused62: 8096267
content-length: 1706
content-type: image/png
cache-control: private, no-transform, max-age=553243
expires: Mon, 06 Feb 2023 15:17:41 GMT
date: Tue, 31 Jan 2023 05:36:58 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=19
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/Static/js/tracking/adobe-perf-track.js
104.84.152.241200 OK 517 B URL HTTP/2 www.scandichotels.no/Static/js/tracking/adobe-perf-track.js
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
Hash 976bc11bc2e6730e1ee5df5f6990680e
9a0d026d4258ad3ddf1c65a585d0b379e085a0cd
9a985dc76a71dd9a422cbf5687bc9d798caaa9aa6fe96f432005837f66de209c
GET /Static/js/tracking/adobe-perf-track.js HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 12:57:56 GMT
accept-ranges: bytes
etag: "0a25e7d8526d91:0"
vary: Accept-Encoding
request-context: appId=cid-v1:02ea2806-234b-4a2c-96b9-f147b748ca7e
access-control-expose-headers: Request-Context
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self'
content-length: 517
cache-control: public, max-age=372
date: Tue, 31 Jan 2023 05:36:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=74
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/Static/js/vendor/ai-init.js
104.84.152.241200 OK 763 B URL HTTP/2 www.scandichotels.no/Static/js/vendor/ai-init.js
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (772)
Hash f7f6c4f8b74c1bacd141bc2db6b4eb56
9d6cb7dda8c2f0a41bdc7cec45d446c86d8f0507
61f1c7eae6f7164f43f4ee8c9941f64ad0c792c3fa8adea8d22f8d0d6d9f1369
GET /Static/js/vendor/ai-init.js HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 12:57:56 GMT
accept-ranges: bytes
etag: "0a25e7d8526d91:0"
vary: Accept-Encoding
request-context: appId=cid-v1:02ea2806-234b-4a2c-96b9-f147b748ca7e
access-control-expose-headers: Request-Context
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self'
content-length: 763
cache-control: public, max-age=274
date: Tue, 31 Jan 2023 05:36:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=61
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/Static/js/init/sw-init.js
104.84.152.241200 OK 386 B URL HTTP/2 www.scandichotels.no/Static/js/init/sw-init.js
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
Hash 87d907d0f5c7a8843676d36cf9bd46f4
5826057073da4bf64cb1110e552b7050c0c225ea
786b81c41379f46cacff62894f145a630ad3871be86bb1b57080040b454099db
GET /Static/js/init/sw-init.js HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 12:57:50 GMT
accept-ranges: bytes
etag: "01bcb798526d91:0"
vary: Accept-Encoding
request-context: appId=cid-v1:02ea2806-234b-4a2c-96b9-f147b748ca7e
access-control-expose-headers: Request-Context
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self'
content-length: 386
cache-control: public, max-age=170
date: Tue, 31 Jan 2023 05:36:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=58
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/Static/img/icons/shared/addCircle.svg
104.84.152.241200 OK 471 B URL HTTP/2 www.scandichotels.no/Static/img/icons/shared/addCircle.svg
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 903e99b2acb07948b2cdef2ee38d6da9
b1d3208dad040e6513f867a2fea4126f2e332698
8428fac2f122193bf2cd6866170117d002461b745c69ded0582cc2d148171c72
GET /Static/img/icons/shared/addCircle.svg HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
access-control-expose-headers: Request-Context
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
etag: "0bcd61dc7a8d81:0"
last-modified: Tue, 13 Sep 2022 13:56:47 GMT
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:4fd93b87-2fbc-4ae7-9657-e982d0ff5a55
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 471
cache-control: public, max-age=900
date: Tue, 31 Jan 2023 05:36:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=66
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
assets.adobedtm.com/c1bd08b1e4e7/6afeb07ba92f/launch-9c8295a21538.min.js
23.38.200.237200 OK 82 kB URL HTTP/2 assets.adobedtm.com/c1bd08b1e4e7/6afeb07ba92f/launch-9c8295a21538.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32759)
Hash 815f06fe93815e78186c33b80cf0f8a5
d35d5dc74a00f547e05748421f6d803f584f85cf
b43180cf59dea084b41a59eccac5de323406b18844df5bb92ca3be7bd19d3f9b
GET /c1bd08b1e4e7/6afeb07ba92f/launch-9c8295a21538.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "cdc04175f12e7259943b8db6476fd244:1674814038.991623"
last-modified: Fri, 27 Jan 2023 10:07:19 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Tue, 31 Jan 2023 06:36:59 GMT
date: Tue, 31 Jan 2023 05:36:59 GMT
content-length: 81891
access-control-allow-origin: https://www.scandichotels.no
timing-allow-origin: *
X-Firefox-Spdy: h2
www.scandichotels.no/Static/js/tracking/tracking-data-init.js
104.84.152.241200 OK 1.2 kB URL HTTP/2 www.scandichotels.no/Static/js/tracking/tracking-data-init.js
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
Hash d58b709da760468805cf97c68b3513ce
363fcf5df01ed0111e8596e0aad05262ab3bc70d
05642bd8791a93f7ea399b1d25d42f014f1feb1c5bb8e943d2be6ba316ab745e
GET /Static/js/tracking/tracking-data-init.js HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 12:57:56 GMT
accept-ranges: bytes
etag: "0a25e7d8526d91:0"
vary: Accept-Encoding
request-context: appId=cid-v1:02ea2806-234b-4a2c-96b9-f147b748ca7e
access-control-expose-headers: Request-Context
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self'
content-length: 1245
cache-control: public, max-age=290
date: Tue, 31 Jan 2023 05:36:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=277
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/Static/dist/js/ng/runtime.js?1673528215518
104.84.152.241200 OK 941 B URL HTTP/2 www.scandichotels.no/Static/dist/js/ng/runtime.js?1673528215518
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1252)
Hash 3836162651fb145ec6852eaa527a8ed5
93759c58c834024201419f0906a08ba069e88306
6c328018b26a67b3f0b22db4b4553e3ef7f9607bb1b4545197dc58f3c82a7963
GET /Static/dist/js/ng/runtime.js?1673528215518 HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 12:57:48 GMT
accept-ranges: bytes
etag: "0ee99788526d91:0"
vary: Accept-Encoding
request-context: appId=cid-v1:4fd93b87-2fbc-4ae7-9657-e982d0ff5a55
access-control-expose-headers: Request-Context
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self'
content-length: 941
expires: Tue, 31 Jan 2023 05:36:59 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 31 Jan 2023 05:36:59 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=198, origin; dur=129
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/Static/dist/js/inline.js
104.84.152.241200 OK 1.0 kB URL HTTP/2 www.scandichotels.no/Static/dist/js/inline.js
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1669)
Hash 33d9e16295ab2d9417b589e81347c86a
56c018bc757133bbeb8d46ba99b6b0307d831d1b
7b699eba909791bea663c94a2036926664c39f4825d6bfe4bd60836a0409397b
GET /Static/dist/js/inline.js HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 12:57:48 GMT
accept-ranges: bytes
etag: "0ee99788526d91:0"
vary: Accept-Encoding
request-context: appId=cid-v1:4fd93b87-2fbc-4ae7-9657-e982d0ff5a55
access-control-expose-headers: Request-Context
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self'
content-length: 1006
expires: Tue, 31 Jan 2023 05:36:59 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 31 Jan 2023 05:36:59 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=204, origin; dur=124
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/Static/dist/js/main-ng.js?83f8551a5ce6ca64839c
104.84.152.241200 OK 156 kB URL HTTP/2 www.scandichotels.no/Static/dist/js/main-ng.js?83f8551a5ce6ca64839c
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65282)
Size 156 kB (156251 bytes)
Hash c8f0166c388be9f2c0ad842b6d1c20c6
e1cd1d40e0f1875b5d751d29a94c9f0f7fa17320
82a80cf5cf2121ec9cdc4402e5395258363fe1bf9f69c8a6f7e90c6f38bca9c9
GET /Static/dist/js/main-ng.js?83f8551a5ce6ca64839c HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 12:57:54 GMT
accept-ranges: bytes
etag: "0752d7c8526d91:0"
vary: Accept-Encoding
request-context: appId=cid-v1:4fd93b87-2fbc-4ae7-9657-e982d0ff5a55
access-control-expose-headers: Request-Context
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self'
content-length: 156251
expires: Tue, 31 Jan 2023 05:36:59 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 31 Jan 2023 05:36:59 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=176, origin; dur=129
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
www.scandichotels.no/Static/dist/js/ng/polyfills.js?1673528215518
104.84.152.241200 OK 36 kB URL HTTP/2 www.scandichotels.no/Static/dist/js/ng/polyfills.js?1673528215518
IP 104.84.152.241:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 83abfe7b5835fa9d8992970c15285ef0
08e9fbc72f2f8376480e0ee36b784de6fb422df4
fe42200311883304bb29631f45e0114fd66aae3f3c9871d00c27d234558335eb
GET /Static/dist/js/ng/polyfills.js?1673528215518 HTTP/1.1
Host: www.scandichotels.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.scandichotels.no/?utm_campaign=affiliate&utm_source=adgoal+GmbH+-+Content&utm_medium=awin&utm_content=101248%20&awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136
Connection: keep-alive
Cookie: ASP.NET_SessionId=z20fyazegnubkmh2e4joeyzm; awc=21887_1675143418_2b1c35db9284e06cf711c3283ae29136; _abck=5C6F2E63BF48F72461FFAE9327341877~-1~YAAQ7ZhUaEIncPOFAQAA0BNUBgkTPsXp2TUIkJGhu1oGEMrxt/CBLYJAyiQ9860HHD+dJaz2BzUvUwXsRhewfJLYeRlnuyB7jBfi0Zny1EfAqKNwosgNsJJzP1Ml7+8xSBG9oawum+2fB6t755/E8P8XBtnXwJheYH5ScQGj49GzCsejOt4Hyy2Z4gEmTB312bF5L0jD8B3eyfnWlPS8rnE1br0gocaNf2KBOl+L58zMCrAGkg6EyqqrTISE/ql5t1EyVwQ5+jFOW725TJJrtUgRTzFVFSK0Tf/pCtIlWCFg/19q+qQF4NvgPrjWTV7CtZyetzVQdPtLrTE6EMmtnmNFd/NN6KLnkczLQR/dTy0bXf1NWLIP13yRheZz+SF8PPK+~-1~-1~-1; ak_bmsc=6B8FF4292FCEA617C29AA80FFCB7C90D~000000000000000000000000000000~YAAQ7ZhUaEMncPOFAQAA0BNUBhLgWzeADEbS2/FMiD2PN+l3Xu32nVw1yRCpWJRUzxGTO8uUndokheTIi1IOgFW54X4QcpwMJnMtmukQgWno2lWo7o5Tl/EMVVRhIuQ4bn6fcF2AfjIrpCa78WDKaOh2Afayjgq0XIfM2zIF6pTBLkhoVpCL5QRar/sim5dG6CbyaH7rWIZN7vFik53pQqQIgEZLSK0pDpqEjL+fn9Pdqn/qxDQkE26W5UtnBUIuLmbrXOh5JjkILLCVDn14FQVDu5/Ylao5wlgcnQEFxk9ae8owy4N6rzyy8XnDlGCMm8ze/Xc5DEJIH/haooK8zaVhWN8Wsj0+FowYF4F18g3r56JQq5ydVPes8F20sILBrVyda00U8XkJmDqhbknQ; bm_sz=80FC31EE9A784C00D814C18ED8AE2995~YAAQ7ZhUaEUncPOFAQAA0BNUBhLpc2aRsrf+/HSMIS1+Vgyr4LxWO7SnXpBi4BbV0YMH8jDmhUz4+yP4lcmhUaEER63WhtXigWxkJlguAI3bXsKQq8TG4kTZDLYJrtH5znEpeLELQJ0emkZ2NA7rs3PmEKH8neJ+jqrU5FBmQijfKeGkcM/+Sz4kyguPTbLX3xVOCOoQzfTgUiMpYDu9Ss3CQCVqBeJelkMtCJEN+52O2zlPb/G7SM//LxcfKJ4k1wPI1rG+/MAfggtI+NZtDgPUJBGIPSlLzS4AWv3M4kryLyxXq3LifFw=~4338744~4342326
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 12 Jan 2023 12:57:48 GMT
accept-ranges: bytes
etag: "0ee99788526d91:0"
vary: Accept-Encoding
request-context: appId=cid-v1:4fd93b87-2fbc-4ae7-9657-e982d0ff5a55
access-control-expose-headers: Request-Context
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self'
content-length: 35707
expires: Tue, 31 Jan 2023 05:36:59 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 31 Jan 2023 05:36:59 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=276, origin; dur=125
strict-transport-security: max-age=300; includeSubDomains
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto+Slab:400,700,300,100&ver=3.9.2
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Slab:400,700,300,100&ver=3.9.2
IP 142.250.74.74:0
GET /css?family=Roboto+Slab:400,700,300,100&ver=3.9.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 05:36:52 GMT
date: Tue, 31 Jan 2023 05:36:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
104.18.10.207200 OK 0 B URL HTTP/2 netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
IP 104.18.10.207:0
GET /font-awesome/4.0.3/css/font-awesome.css HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 05:36:51 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 601, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat: 2021-08-03 04:14:00
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 6358afe6e12aefed963ad27f3935d6d1
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 20590097
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792017947bd5b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Biryani
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Biryani
IP 142.250.74.74:0
GET /css?family=Biryani HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 05:36:52 GMT
date: Tue, 31 Jan 2023 05:36:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
vipestores.com/links?ids=5559&subid=1eeh73ui0km1
188.114.96.1200 OK 0 B URL HTTP/2 vipestores.com/links?ids=5559&subid=1eeh73ui0km1
IP 188.114.96.1:0
GET /links?ids=5559&subid=1eeh73ui0km1 HTTP/1.1
Host: vipestores.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 05:36:57 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6Ik9pK2N4bkRoUlBrVDdzTGJTM1l3RFE9PSIsInZhbHVlIjoicWRieHNnMitROUM5Y3hiTlFlQ21UOTNHQmVHekJsNkhHK2tNZkFRQ09xSi85YklodG9RMXVFdjZ5UW53TTVVVyIsIm1hYyI6ImUxMGQ5MmQ3ZGMzYjQ3Nzc0OTdhZjZiM2E2MTM0ZWJkM2Y4Njk1NTU0NmNiMGU4NzEzMmEyZDg5NWJhNDM5MTAifQ%3D%3D; expires=Tue, 31-Jan-2023 07:36:57 GMT; Max-Age=7200; path=/; samesite=lax
vipstores_session=eyJpdiI6ImlNYmRVbmF1TElSalc3b2x0ZDdqYVE9PSIsInZhbHVlIjoicmhMcmF4MHpkMGZGK0tSRG5QUTVSQmI5eUpiYm1lZjhJSGxpc2laamQ3Z0FMVjVvMENLeGRMY0xTcjV3Lzk4RSIsIm1hYyI6IjAzNThmYmI1Y2I2NDBmZjAyZTI4MGE2ZjYzZjhlODIyNzM1ZTUwYTBmMTFjODkxNmRlZDI4YzI4ZjA4NDg3M2MifQ%3D%3D; expires=Tue, 31-Jan-2023 07:36:57 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHzTuq9he%2BXtyv%2B7raOjofyEA42NaiwudFkxNZlH1MzPN%2FC6c5j6WWr3zha3OaCB1O5%2BzUrPX5MxO5JIWCfgUieD6XQxl6yW333CyBhOZYwZvUH2Q9IFFRizEk0LP3ZdlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792017b4ca69b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,500,400italic,500italic,700,700italic,900,900italic&ver=3.9.2
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,500,400italic,500italic,700,700italic,900,900italic&ver=3.9.2
IP 142.250.74.74:0
GET /css?family=Roboto:400,100,100italic,300,300italic,500,400italic,500italic,700,700italic,900,900italic&ver=3.9.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://christianeka-images.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 05:36:51 GMT
date: Tue, 31 Jan 2023 05:36:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2