urlscan.io logo urlscan.io
SecurityTrails logo

www.kosevenner.com Open in urlscan Pro
34.111.159.168  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clicktracker.net/xNRsw
Effective URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Submission: On July 11 via manual from NO — Scanned from NO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 13 domains to perform 56 HTTP transactions. The main IP is 34.111.159.168, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.kosevenner.com.
TLS certificate: Issued by GTS CA 1D4 on July 5th 2023. Valid for: 3 months.
This is the only time www.kosevenner.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 18.196.84.70 16509 (AMAZON-02)
2 2 52.49.101.188 16509 (AMAZON-02)
2 2 18.203.53.203 16509 (AMAZON-02)
1 1 3.126.25.249 16509 (AMAZON-02)
30 34.111.159.168 396982 (GOOGLE-CL...)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
10 35.195.163.35 396982 (GOOGLE-CL...)
2 35.227.234.99 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
56 7
1    2606:4700:3031::6815:7b3 (United States)

ASN13335 (CLOUDFLARENET, US)
clicktracker.net
1    18.196.84.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-84-70.eu-central-1.compute.amazonaws.com
requestlistional.com
2    52.49.101.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-101-188.eu-west-1.compute.amazonaws.com
bluefieldshop.com
greenplacetech.com
2    18.203.53.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-53-203.eu-west-1.compute.amazonaws.com
thefieldpoint.com
1    3.126.25.249 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-25-249.eu-central-1.compute.amazonaws.com
coogleoffition.com
30    34.111.159.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.159.111.34.bc.googleusercontent.com
www.kosevenner.com
4    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
10    35.195.163.35 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 35.163.195.35.bc.googleusercontent.com
samlesamtykke.com
api.samlesamtykke.com
2    35.227.234.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.234.227.35.bc.googleusercontent.com
landers.cdnware.com
2    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Domain Requested by
30 www.kosevenner.com www.kosevenner.com
8 api.samlesamtykke.com samlesamtykke.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com www.kosevenner.com
www.gstatic.com
www.google.com
2 fonts.gstatic.com www.google.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com www.kosevenner.com
www.googletagmanager.com
2 landers.cdnware.com www.kosevenner.com
2 samlesamtykke.com www.kosevenner.com
samlesamtykke.com
2 thefieldpoint.com 2 redirects
1 greenplacetech.com 1 redirects
1 coogleoffition.com 1 redirects
1 bluefieldshop.com 1 redirects
1 requestlistional.com 1 redirects
1 clicktracker.net 1 redirects
56 15

This site contains links to these domains. Also see Links.

Domain
api.midsummeronlinesignon.com
Subject Issuer Validity Valid
kosevenner.com
GTS CA 1D4		 2023-07-05 -
2023-10-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
samlesamtykke.com
R3		 2023-07-02 -
2023-09-30		 3 months crt.sh
landers.cdnware.com
GTS CA 1D4		 2023-06-18 -
2023-09-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Frame ID: 2D949C22E7CFE0A0D03FEB7801FAEDDB
Requests: 45 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua29zZXZlbm5lci5jb206NDQz&hl=no&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=6qjojhudm05u
Frame ID: 00DED2D6F0AA045069964D211B142183
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

kosevenner.com

Page URL History Show full URLs

  1. https://clicktracker.net/xNRsw HTTP 301
    https://requestlistional.com/42482a1a-3272-4a24-8cbb-f9e74e996330?ss9 HTTP 302
    https://bluefieldshop.com/?a=9598&c=77104&s2=wru7q72jgdqshk2qisihaqao HTTP 302
    https://thefieldpoint.com/?a=9598&c=77104&s2=wru7q72jgdqshk2qisihaqao&ckmguid=fd2ab59f-e4c1-4e82-a5b2-... HTTP 302
    https://coogleoffition.com/411c1b47-25a6-41d0-9816-1b40ab74d60d?s1=&s2=wru7q72jgdqshk2qisihaqao&s3=&s4=... HTTP 302
    https://thefieldpoint.com/?a=9598&c=67575&s1=&s2=wru7q72jgdqshk2qisihaqao&s3=&s4=&s5= HTTP 302
    https://greenplacetech.com/?a=9598&c=67575&s1=&s2=wru7q72jgdqshk2qisihaqao&s3=&s4=&s5=&ckmguid=f04375e5... HTTP 302
    https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe= Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

56
Requests

100 %
HTTPS

42 %
IPv6

13
Domains

15
Subdomains

7
IPs

4
Countries

2143 kB
Transfer

3279 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clicktracker.net/xNRsw HTTP 301
    https://requestlistional.com/42482a1a-3272-4a24-8cbb-f9e74e996330?ss9 HTTP 302
    https://bluefieldshop.com/?a=9598&c=77104&s2=wru7q72jgdqshk2qisihaqao HTTP 302
    https://thefieldpoint.com/?a=9598&c=77104&s2=wru7q72jgdqshk2qisihaqao&ckmguid=fd2ab59f-e4c1-4e82-a5b2-a8a06c2daafd HTTP 302
    https://coogleoffition.com/411c1b47-25a6-41d0-9816-1b40ab74d60d?s1=&s2=wru7q72jgdqshk2qisihaqao&s3=&s4=&s5=&aid=9598 HTTP 302
    https://thefieldpoint.com/?a=9598&c=67575&s1=&s2=wru7q72jgdqshk2qisihaqao&s3=&s4=&s5= HTTP 302
    https://greenplacetech.com/?a=9598&c=67575&s1=&s2=wru7q72jgdqshk2qisihaqao&s3=&s4=&s5=&ckmguid=f04375e5-2510-42f9-bc6a-4086df48afe7 HTTP 302
    https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request landing97
www.kosevenner.com/
Redirect Chain
  • https://clicktracker.net/xNRsw
  • https://requestlistional.com/42482a1a-3272-4a24-8cbb-f9e74e996330?ss9
  • https://bluefieldshop.com/?a=9598&c=77104&s2=wru7q72jgdqshk2qisihaqao
  • https://thefieldpoint.com/?a=9598&c=77104&s2=wru7q72jgdqshk2qisihaqao&ckmguid=fd2ab59f-e4c1-4e82-a5b2-a8a06c2daafd
  • https://coogleoffition.com/411c1b47-25a6-41d0-9816-1b40ab74d60d?s1=&s2=wru7q72jgdqshk2qisihaqao&s3=&s4=&s5=&aid=9598
  • https://thefieldpoint.com/?a=9598&c=67575&s1=&s2=wru7q72jgdqshk2qisihaqao&s3=&s4=&s5=
  • https://greenplacetech.com/?a=9598&c=67575&s1=&s2=wru7q72jgdqshk2qisihaqao&s3=&s4=&s5=&ckmguid=f04375e5-2510-42f9-bc6a-4086df48afe7
  • https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
nginx/1.14.2 / PHP/7.2.34
Resource Hash
0d9d0c8095de54c349700e5b6b995eec17fa01ffc2f07f1755cb3b8dc7058236

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=300
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 11 Jul 2023 12:51:36 GMT
server
nginx/1.14.2
vary
Accept-Encoding
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cache
MISS
x-cacheable
YES
x-host
kosevenner.com
x-powered-by
PHP/7.2.34
x-varnish
4655426
xkey
lander

Redirect headers

Cache-Control
private
Connection
close
Content-Length
199
Content-Type
text/html; charset=utf-8
Date
Tue, 11 Jul 2023 12:51:36 GMT
Location
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
landing097.css
www.kosevenner.com/landers/css/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kosevenner.com/landers/css/landing097.css
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
nginx/1.14.2 / PHP/7.2.34
Resource Hash
81fba30f9170dc3946abdd66df2aad4b01b34fb46776e6bf12b653c7657a5de9

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:37 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cacheable
YES
xkey
lander
age
0
x-powered-by
PHP/7.2.34
x-cache
MISS
x-host
kosevenner.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx/1.14.2
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
x-varnish
4722426
cache-control
max-age=300
accept-ranges
bytes
pornhub.css
www.kosevenner.com/landers/css/theme/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kosevenner.com/landers/css/theme/pornhub.css
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
nginx/1.14.2 / PHP/7.2.34
Resource Hash
eaa9f0c56c4d7f63c8329f2ea88da13993ee42adab24b60c155b4c77c907ff2f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:37 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cacheable
YES
xkey
lander
age
0
x-powered-by
PHP/7.2.34
x-cache
MISS
x-host
kosevenner.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx/1.14.2
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
x-varnish
4180098
cache-control
max-age=300
accept-ranges
bytes
fontawesome-all.min.css
www.kosevenner.com/landers/css/ 		50 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kosevenner.com/landers/css/fontawesome-all.min.css
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:21 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cacheable
YES
xkey
lander
age
0
x-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Mon, 10 Jul 2023 11:28:58 GMT
server
nginx/1.14.2
etag
W/"64abeb7a-c970"
vary
Accept-Encoding
content-type
text/css
x-varnish
4626901 4689654
cache-control
max-age=300
accept-ranges
bytes
enterprise.js
www.google.com/recaptcha/ 		974 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fc2c922ead972f265d71c66b926bc0e63df262f8dc891157a705b0a40a35c6a1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
616
x-xss-protection
1; mode=block
expires
Tue, 11 Jul 2023 12:51:37 GMT
enterprise.js
www.google.com/recaptcha/ 		940 B
652 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
926df5b3a03f2812fe0c5f12bd06406ff22150e5b4adfcefd8c4a8b380d4ffc6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
583
x-xss-protection
1; mode=block
expires
Tue, 11 Jul 2023 12:51:37 GMT
google-logo.svg
www.kosevenner.com/landers/images/general/ 		688 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/landers/images/general/google-logo.svg
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:21:16 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
last-modified
Mon, 10 Jul 2023 11:28:59 GMT
server
nginx/1.14.2
xkey
lander
x-cacheable
YES
age
0
etag
"64abeb7b-2b0"
x-cache
HIT
content-type
image/svg+xml
x-varnish
4084680 4398523
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
688
loading.gif
www.kosevenner.com/landers/images/loader/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/landers/images/loader/loading.gif
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 11:30:05 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
last-modified
Mon, 10 Jul 2023 11:29:00 GMT
server
nginx/1.14.2
xkey
lander
x-cacheable
YES
age
0
etag
"64abeb7c-b4c"
x-cache
HIT
content-type
image/gif
x-varnish
2509835 2906883
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2892
vendor.js
www.kosevenner.com/landers/js/ 		121 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kosevenner.com/landers/js/vendor.js
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
7bcbb9db027f56b18fc2cd63f02d8109a2f5dcf1e227f988847d69c815d13fff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:22 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cacheable
YES
xkey
lander
age
0
x-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Mon, 10 Jul 2023 11:29:10 GMT
server
nginx/1.14.2
etag
W/"64abeb86-1e2ae"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
4393113 4303639
cache-control
max-age=300
accept-ranges
bytes
recaptcha__no.js
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ 		430 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__no.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8db9a874a212c3fbb7a9efa056c1c8bb3c08d0b0508d2bf83c0c51ca14a5a3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kosevenner.com/
Origin
https://www.kosevenner.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 21:13:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56295
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176831
x-xss-protection
0
last-modified
Sat, 24 Jun 2023 15:59:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 09 Jul 2024 21:13:22 GMT
cc.js
samlesamtykke.com/ 		118 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://samlesamtykke.com/cc.js?wId=6w0jnaNoOPaEK8Y5Vwwd1D&domain=kosevenner.com&languageCode=nb&languageTerritory=NO&sessionId=961e5e380d0a4a3ba58a980023a5ba97
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
2ec2a7b0afe14cd6b30ef80f3bdfdeefee77210164f0cfeb4f215bedd589817b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000;
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
content-length
14216
landing097.js
www.kosevenner.com/landers/js/ 		68 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kosevenner.com/landers/js/landing097.js
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
257c2013446398ee91557ed07b40b426070e397029a462f2f0baa11402227c7b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:37 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cacheable
YES
xkey
lander
age
0
x-cache
MISS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Mon, 10 Jul 2023 11:29:09 GMT
server
nginx/1.14.2
etag
W/"64abeb85-10f08"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
4184584
cache-control
max-age=300
accept-ranges
bytes
media-registry.js
landers.cdnware.com/ 		115 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landers.cdnware.com/media-registry.js
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.234.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.234.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4a703ad00348f8b8807e75ced058b8665620e2a2810bf0a1c1e8b350e4d2f008

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:00:29 GMT
age
3068
x-guploader-uploadid
ADPycdsgaRQ8DOo7l_Sj_9Vm3G2FSAi0Ky6SUASBXXLIahSY0LWH1c0J9DNQXGPgWN6i2y5g_e8JwbSjxXADER0gSEA45A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117427
last-modified
Mon, 10 Jul 2023 11:31:56 GMT
server
UploadServer
etag
"bfab729f9bf73528fe4095b1cca2c0dd"
x-goog-generation
1688988716369485
x-goog-hash
crc32c=LMQAxw==, md5=v6tyn5v3NSj+QJWxzKLA3Q==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
117427
accept-ranges
bytes
expires
Tue, 11 Jul 2023 13:00:29 GMT
nb-no2.json
landers.cdnware.com/translations/ 		206 KB
207 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://landers.cdnware.com/translations/nb-no2.json
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landers/js/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.234.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.234.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ba819139f9cc4371be249f975bc305f7692887f70ce1d306b4d1e982ab719e48

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.kosevenner.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:12:01 GMT
age
2376
x-guploader-uploadid
ADPycdsVlf7XHWI9YAljYHc0Kbu-VHlsOmbg4GS-5CjvucAsoHEC4zkKNa952XR3gj70egomPEaH6ovQbcGqPPO6BuAHeA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211155
last-modified
Wed, 05 Jul 2023 09:45:31 GMT
server
UploadServer
etag
"4ef89a6eb8e0cb7fa3beb1676622c07b"
x-goog-generation
1688550330938516
x-goog-hash
crc32c=2BVjvg==, md5=Tviabrjgy3+jvrFnZiLAew==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
211155
accept-ranges
bytes
content-type
application/json
expires
Tue, 11 Jul 2023 13:12:01 GMT
gtm.js
www.googletagmanager.com/ 		116 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KBRH6NB
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landers/js/landing097.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e95ee2ccc3b6e9b75b65565d54936582baa69d72e137f9b6a9ee13d2207695c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45871
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 11 Jul 2023 12:51:38 GMT
search
www.kosevenner.com/json/profile/ 		54 KB
54 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.kosevenner.com/json/profile/search
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landers/js/vendor.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
b1fa2e1256cc993c98231aec33d1dea468fcdea8d765a1fce990829b8f1d8086

Request headers

Accept
*/*
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
date
Tue, 11 Jul 2023 12:51:37 GMT
via
1.1 google
server
Apache/2.4.54 (Ubuntu)
vary
X-Forwarded-Proto
content-type
application/json
access-control-allow-origin
https://www.kosevenner.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-ua-compatible
IE=edge,chrome=1
3.jpg
www.kosevenner.com/landers/images/backgrounds/default/default/ 		301 KB
301 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/landers/images/backgrounds/default/default/3.jpg?geo=no
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
27e13538a8d1280153d02e58805cf90a5bacc4f57f315890ec3e2f9a98b6a1b5

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:37 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
last-modified
Mon, 10 Jul 2023 11:28:58 GMT
server
nginx/1.14.2
xkey
lander
x-cacheable
YES
age
0
etag
"64abeb7a-4b51d"
x-cache
MISS
content-type
image/jpeg
x-varnish
4200681
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
308509
anchor
www.google.com/recaptcha/enterprise/ Frame 00DE 		52 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua29zZXZlbm5lci5jb206NDQz&hl=no&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=6qjojhudm05u
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__no.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9d0297f6654601cab029edd4738d740c8bf869c92fef2cbb37df25b9bb361746
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hQJWN9u117eSwr6yEzqnsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kosevenner.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
29164
content-security-policy
script-src 'report-sample' 'nonce-hQJWN9u117eSwr6yEzqnsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 12:51:37 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
545423.jpg
www.kosevenner.com/content/6/692081/fotos/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/content/6/692081/fotos/545423.jpg
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
12149b633a4c4700a785f37d60871857312f1a89e6f0e3912f648612afb42de1

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
via
1.1 google
last-modified
Thu, 10 Mar 2022 17:39:10 GMT
server
Apache/2.4.54 (Ubuntu)
etag
"1086b-5d9e0b1185cf8"
vary
X-Forwarded-Proto
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67691
x-ua-compatible
IE=edge,chrome=1
613355.jpg
www.kosevenner.com/content/8/852597/fotos/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/content/8/852597/fotos/613355.jpg
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
4992e82f3d14625ca9a151ae23ccac7b9576cdf6822b633eae3a4712326d9df4

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
via
1.1 google
last-modified
Sun, 09 Jul 2023 19:54:10 GMT
server
Apache/2.4.54 (Ubuntu)
etag
"6cca-600133ac31062"
vary
X-Forwarded-Proto
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27850
x-ua-compatible
IE=edge,chrome=1
613351.jpg
www.kosevenner.com/content/8/852593/fotos/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/content/8/852593/fotos/613351.jpg
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
bb6acf3191c31c1406b3e005ebaab7fd06d7573e89f9ef226db25a5076269d40

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
via
1.1 google
last-modified
Sun, 09 Jul 2023 19:54:08 GMT
server
Apache/2.4.54 (Ubuntu)
etag
"101e1-600133aa6bd43"
vary
X-Forwarded-Proto
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66017
x-ua-compatible
IE=edge,chrome=1
613313.jpg
www.kosevenner.com/content/8/852389/fotos/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/content/8/852389/fotos/613313.jpg
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
478091e0f6a98a1b8d6cb83e41a0faf8e3045f621a4cce59da1f7b7ba235c65a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
via
1.1 google
last-modified
Sun, 09 Jul 2023 06:59:11 GMT
server
Apache/2.4.54 (Ubuntu)
etag
"8f5e-60008672fad01"
vary
X-Forwarded-Proto
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36702
x-ua-compatible
IE=edge,chrome=1
613311.jpg
www.kosevenner.com/content/8/852387/fotos/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/content/8/852387/fotos/613311.jpg
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
59c6c7d43be78cd806e529d26ccc0c8b1d122488bf3e9ca691fc1bda8e0d5597

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
via
1.1 google
last-modified
Sun, 09 Jul 2023 06:59:10 GMT
server
Apache/2.4.54 (Ubuntu)
etag
"7115-6000867250dd5"
vary
X-Forwarded-Proto
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28949
x-ua-compatible
IE=edge,chrome=1
613237.jpg
www.kosevenner.com/content/8/851925/fotos/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/content/8/851925/fotos/613237.jpg
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
cc97cf34970b506da9115aba0e073efdd907be30b1f1a256e69777ecbe0edc71

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
via
1.1 google
last-modified
Fri, 07 Jul 2023 13:39:08 GMT
server
Apache/2.4.54 (Ubuntu)
etag
"9dd9-5ffe5c1dfe738"
vary
X-Forwarded-Proto
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40409
x-ua-compatible
IE=edge,chrome=1
613221.jpg
www.kosevenner.com/content/8/851915/fotos/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/content/8/851915/fotos/613221.jpg
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
f7b9dc5039c01166d3058d2564887d3ac0c4bacc9b0895d56251f30c3f68a3dd

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
via
1.1 google
last-modified
Fri, 07 Jul 2023 13:29:11 GMT
server
Apache/2.4.54 (Ubuntu)
etag
"a6e6-5ffe59e3e402e"
vary
X-Forwarded-Proto
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42726
x-ua-compatible
IE=edge,chrome=1
613219.jpg
www.kosevenner.com/content/8/851913/fotos/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/content/8/851913/fotos/613219.jpg
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
c037a648902c9948fc3a649fe9ade62d5dfa3496f399945aba7d69e1de280ddc

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
via
1.1 google
last-modified
Fri, 07 Jul 2023 13:29:10 GMT
server
Apache/2.4.54 (Ubuntu)
etag
"e80d-5ffe59e319d4e"
vary
X-Forwarded-Proto
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59405
x-ua-compatible
IE=edge,chrome=1
613201.jpg
www.kosevenner.com/content/8/851867/fotos/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/content/8/851867/fotos/613201.jpg
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
17497550a5da56d907a2a61d6302d71d0965a7513b5eef32a33c807d0f4b60cd

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
via
1.1 google
last-modified
Fri, 07 Jul 2023 09:44:09 GMT
server
Apache/2.4.54 (Ubuntu)
etag
"76b4-5ffe27977d984"
vary
X-Forwarded-Proto
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30388
x-ua-compatible
IE=edge,chrome=1
613193.jpg
www.kosevenner.com/content/8/851859/fotos/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/content/8/851859/fotos/613193.jpg
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
61d9e87ef7b2d74fddac6a4a67b4baa3116e239f28dbe6276f35c7d612abbb33

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
via
1.1 google
last-modified
Fri, 07 Jul 2023 09:39:10 GMT
server
Apache/2.4.54 (Ubuntu)
etag
"81f8-5ffe267abe82b"
vary
X-Forwarded-Proto
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33272
x-ua-compatible
IE=edge,chrome=1
613185.jpg
www.kosevenner.com/content/8/851849/fotos/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/content/8/851849/fotos/613185.jpg
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
dbba65c9cfa96b8e656a7fe76469102b24b209c7d4e313ad52360c10adf673a6

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
via
1.1 google
last-modified
Fri, 07 Jul 2023 09:29:11 GMT
server
Apache/2.4.54 (Ubuntu)
etag
"6200-5ffe243f9b60d"
vary
X-Forwarded-Proto
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25088
x-ua-compatible
IE=edge,chrome=1
613171.jpg
www.kosevenner.com/content/8/851835/fotos/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/content/8/851835/fotos/613171.jpg
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
f7fe5e3869e949aad14ed3e1c98bb115ae97f6e48532fd3b447622ad730d2660

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
via
1.1 google
last-modified
Fri, 07 Jul 2023 09:24:09 GMT
server
Apache/2.4.54 (Ubuntu)
etag
"a7ec-5ffe231f7416a"
vary
X-Forwarded-Proto
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42988
x-ua-compatible
IE=edge,chrome=1
602809.jpg
www.kosevenner.com/content/8/824159/fotos/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/content/8/824159/fotos/602809.jpg
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
f17621fbf7153843fcd3a6ef97162dc2cd675384097dfb09ad3f1261ea03eb7d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
via
1.1 google
last-modified
Sun, 23 Apr 2023 17:09:08 GMT
server
Apache/2.4.54 (Ubuntu)
etag
"7d5c-5fa03f2c92072"
vary
X-Forwarded-Proto
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32092
x-ua-compatible
IE=edge,chrome=1
612881.jpg
www.kosevenner.com/content/8/851193/fotos/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/content/8/851193/fotos/612881.jpg
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
e7062eac7188d9be49e715e2a82dde8ba39c159632a303db8a0987572cd3290e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
via
1.1 google
last-modified
Wed, 05 Jul 2023 09:59:09 GMT
server
Apache/2.4.54 (Ubuntu)
etag
"7f9b-5ffba737a5a93"
vary
X-Forwarded-Proto
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32667
x-ua-compatible
IE=edge,chrome=1
612981.jpg
www.kosevenner.com/content/8/851449/fotos/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/content/8/851449/fotos/612981.jpg
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
0c72d02f313b546984a0c7e17819d6e89aaa7893c7c3a535f7df9bc787c351f9

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
via
1.1 google
last-modified
Wed, 05 Jul 2023 21:34:09 GMT
server
Apache/2.4.54 (Ubuntu)
etag
"62e4-5ffc428fad2eb"
vary
X-Forwarded-Proto
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25316
x-ua-compatible
IE=edge,chrome=1
612977.jpg
www.kosevenner.com/content/8/851445/fotos/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/content/8/851445/fotos/612977.jpg
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
70fd4da285205d73772d01745f5a4477293df9ace0cd95093bb572619ed5ef8f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
via
1.1 google
last-modified
Wed, 05 Jul 2023 21:34:08 GMT
server
Apache/2.4.54 (Ubuntu)
etag
"5d2b-5ffc428e0c202"
vary
X-Forwarded-Proto
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23851
x-ua-compatible
IE=edge,chrome=1
612967.jpg
www.kosevenner.com/content/8/851431/fotos/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/content/8/851431/fotos/612967.jpg
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
f40c3ae81232417fac4d6faccd3d927ddfecc205cd47e22144140d4a8bc37964

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
via
1.1 google
last-modified
Wed, 05 Jul 2023 21:19:09 GMT
server
Apache/2.4.54 (Ubuntu)
etag
"a343-5ffc3f34b1e0f"
vary
X-Forwarded-Proto
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41795
x-ua-compatible
IE=edge,chrome=1
612961.jpg
www.kosevenner.com/content/8/851423/fotos/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/content/8/851423/fotos/612961.jpg
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
c7c9eb413d5054d3cae2732ef7b8dd1fe9fdf1d28ed9f3d3ffb3fa021552c1dc

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
via
1.1 google
last-modified
Wed, 05 Jul 2023 21:14:12 GMT
server
Apache/2.4.54 (Ubuntu)
etag
"ff0b-5ffc3e1991e64"
vary
X-Forwarded-Proto
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65291
x-ua-compatible
IE=edge,chrome=1
612955.jpg
www.kosevenner.com/content/8/851417/fotos/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/content/8/851417/fotos/612955.jpg
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
140346138bd391d3fca203fadccf39af63e0acf179ecac4d941111287d9532d6

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
via
1.1 google
last-modified
Wed, 05 Jul 2023 21:14:09 GMT
server
Apache/2.4.54 (Ubuntu)
etag
"d874-5ffc3e1731682"
vary
X-Forwarded-Proto
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55412
x-ua-compatible
IE=edge,chrome=1
612951.jpg
www.kosevenner.com/content/8/851411/fotos/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kosevenner.com/content/8/851411/fotos/612951.jpg
Requested by
Host: www.kosevenner.com
URL: https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.159.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.159.111.34.bc.googleusercontent.com
Software
Apache/2.4.54 (Ubuntu) /
Resource Hash
8888e1b2114c61b4b32632556e774d435b0dbc7271f572c74ab5a61a8672c795

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/landing97?cat=milf&pi=9598&pt1=35371359&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
via
1.1 google
last-modified
Wed, 05 Jul 2023 21:09:11 GMT
server
Apache/2.4.54 (Ubuntu)
etag
"8091-5ffc3cfaade75"
vary
X-Forwarded-Proto
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32913
x-ua-compatible
IE=edge,chrome=1
styles__ltr.css
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 00DE 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua29zZXZlbm5lci5jb206NDQz&hl=no&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=6qjojhudm05u
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 10:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Sat, 24 Jun 2023 15:59:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 Jul 2024 10:44:10 GMT
recaptcha__no.js
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 00DE 		430 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__no.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua29zZXZlbm5lci5jb206NDQz&hl=no&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=6qjojhudm05u
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8db9a874a212c3fbb7a9efa056c1c8bb3c08d0b0508d2bf83c0c51ca14a5a3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 21:13:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56296
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176831
x-xss-protection
0
last-modified
Sat, 24 Jun 2023 15:59:54 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 09 Jul 2024 21:13:22 GMT
js
www.googletagmanager.com/gtag/ 		252 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QXFHHE16V3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBRH6NB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ab8f5b33989d9e6ac59f6f6e52ddc8efb7b0a6a2d9437836dc153da76d45b8d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87340
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 11 Jul 2023 12:51:38 GMT
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QXFHHE16V3&gtm=45je37a0&_p=308694675&cid=544871053.1689079898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1689079898&sct=1&seg=0&dl=https%3A%2F%2Fwww.kosevenner.com%2Flanding97%3Fcat%3Dmilf%26pi%3D9598%26pt1%3D35371359%26pe%3D&dt=kosevenner.com&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QXFHHE16V3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 12:51:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kosevenner.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 00DE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 15:17:24 GMT
x-content-type-options
nosniff
age
336854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 14 Jul 2023 15:17:24 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 00DE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua29zZXZlbm5lci5jb206NDQz&hl=no&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=6qjojhudm05u
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 00:06:15 GMT
x-content-type-options
nosniff
age
564323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jul 2024 00:06:15 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 00DE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua29zZXZlbm5lci5jb206NDQz&hl=no&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=6qjojhudm05u
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 17:47:45 GMT
x-content-type-options
nosniff
age
241433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jul 2024 17:47:45 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame 00DE 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=no&v=khH7Ei3klcvfRI74FvDcfuOo
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua29zZXZlbm5lci5jb206NDQz&hl=no&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=6qjojhudm05u
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8eee5760a34cbac7b1f49be711b481677c080d1442b062130458078f610efd09
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua29zZXZlbm5lci5jb206NDQz&hl=no&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=6qjojhudm05u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 11 Jul 2023 12:51:38 GMT
collector
api.samlesamtykke.com/consent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.samlesamtykke.com/consent/collector
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kosevenner.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.kosevenner.com
content-length
0
content-type
application/vnd.api+json
date
Tue, 11 Jul 2023 12:51:38 GMT
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
cc.css
samlesamtykke.com/ 		24 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://samlesamtykke.com/cc.css
Requested by
Host: samlesamtykke.com
URL: https://samlesamtykke.com/cc.js?wId=6w0jnaNoOPaEK8Y5Vwwd1D&domain=kosevenner.com&languageCode=nb&languageTerritory=NO&sessionId=961e5e380d0a4a3ba58a980023a5ba97
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9ec88cf72960048a40791a943e5dee85f910c00e9a3732339888b075de11bc34
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000;
last-modified
Thu, 15 Oct 2020 08:07:25 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"6073-5b1b123761e40-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3892
collector
api.samlesamtykke.com/consent/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.samlesamtykke.com/consent/collector
Requested by
Host: samlesamtykke.com
URL: https://samlesamtykke.com/cc.js?wId=6w0jnaNoOPaEK8Y5Vwwd1D&domain=kosevenner.com&languageCode=nb&languageTerritory=NO&sessionId=961e5e380d0a4a3ba58a980023a5ba97
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
b872e21729880566aaf85038fdf0f59b35c715aafc9bcda5e13aecb760ece0fb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kosevenner.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 11 Jul 2023 12:51:38 GMT
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
content-type
application/vnd.api+json
access-control-allow-origin
https://www.kosevenner.com
access-control-allow-credentials
true
content-length
4421
loadSegment
api.samlesamtykke.com/consent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.samlesamtykke.com/consent/loadSegment
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kosevenner.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.kosevenner.com
content-length
0
content-type
application/vnd.api+json
date
Tue, 11 Jul 2023 12:51:39 GMT
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
loadSegment
api.samlesamtykke.com/consent/ 		284 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.samlesamtykke.com/consent/loadSegment
Requested by
Host: samlesamtykke.com
URL: https://samlesamtykke.com/cc.js?wId=6w0jnaNoOPaEK8Y5Vwwd1D&domain=kosevenner.com&languageCode=nb&languageTerritory=NO&sessionId=961e5e380d0a4a3ba58a980023a5ba97
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
4927caed672e4a6ab0dec07adfb90e5c15213e562a6873e0943699d82cca467e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kosevenner.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 11 Jul 2023 12:51:39 GMT
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
content-type
application/vnd.api+json
access-control-allow-origin
https://www.kosevenner.com
access-control-allow-credentials
true
content-length
284
loadSegment
api.samlesamtykke.com/consent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.samlesamtykke.com/consent/loadSegment
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kosevenner.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.kosevenner.com
content-length
0
content-type
application/vnd.api+json
date
Tue, 11 Jul 2023 12:51:39 GMT
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
loadSegment
api.samlesamtykke.com/consent/ 		360 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.samlesamtykke.com/consent/loadSegment
Requested by
Host: samlesamtykke.com
URL: https://samlesamtykke.com/cc.js?wId=6w0jnaNoOPaEK8Y5Vwwd1D&domain=kosevenner.com&languageCode=nb&languageTerritory=NO&sessionId=961e5e380d0a4a3ba58a980023a5ba97
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
d4e02dfa1bd03cd275a801d83acadb1c3fdaced7f6ff26abdf36addaeda5d714
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kosevenner.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 11 Jul 2023 12:51:39 GMT
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
content-type
application/vnd.api+json
access-control-allow-origin
https://www.kosevenner.com
access-control-allow-credentials
true
content-length
360
confirmExplicit
api.samlesamtykke.com/consent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.samlesamtykke.com/consent/confirmExplicit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kosevenner.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.kosevenner.com
content-length
0
content-type
application/vnd.api+json
date
Tue, 11 Jul 2023 12:51:39 GMT
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
confirmExplicit
api.samlesamtykke.com/consent/ 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.samlesamtykke.com/consent/confirmExplicit
Requested by
Host: samlesamtykke.com
URL: https://samlesamtykke.com/cc.js?wId=6w0jnaNoOPaEK8Y5Vwwd1D&domain=kosevenner.com&languageCode=nb&languageTerritory=NO&sessionId=961e5e380d0a4a3ba58a980023a5ba97
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kosevenner.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 11 Jul 2023 12:51:39 GMT
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
content-type
application/vnd.api+json
access-control-allow-origin
https://www.kosevenner.com
access-control-allow-credentials
true
content-length
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QXFHHE16V3&gtm=45je37a0&_p=308694675&cid=544871053.1689079898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1689079898&sct=1&seg=0&dl=https%3A%2F%2Fwww.kosevenner.com%2Flanding97%3Fcat%3Dmilf%26pi%3D9598%26pt1%3D35371359%26pe%3D&dt=kosevenner.com&en=scroll&epn.percent_scrolled=90&_et=6
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QXFHHE16V3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.kosevenner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 12:51:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kosevenner.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| onbeforetoggle object| onscrollend object| bootstrap object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| Lander function| $ function| jQuery function| url object| setRegister object| isMobile object| getUrl object| setInit object| setFmMapper object| setPhoenixMapper object| setMapper object| setApi object| geoDataService object| setTimer object| setImage object| setSearch object| setProfiles object| setEmailPassing object| setAgeSearch object| setBirthDate object| setCity object| setConditions object| setEmail object| setGender object| setLength object| setPassword object| setRegion object| setUsername object| setSso function| startLander object| mediaRegistry object| CollectConsent object| dataLayer boolean| hasSteps boolean| hasMultiStep boolean| hasPopup object| recaptcha object| closure_lm_622296 object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

16 Cookies

Domain/Path Name / Value
clicktracker.net/ Name: PHPSESSID
Value: 8b7c72655b05c6ef94323e63b4b036d6
clicktracker.net/ Name: short_9626
Value: 1
.requestlistional.com/ Name: 42482a1a-3272-4a24-8cbb-f9e74e996330-v4
Value: k_50fXRIgDynGVp8JFUgz2R3pJdjShe5dc9ZgJcelBw
.requestlistional.com/ Name: cc-v4
Value: VDiXGSee9OKr5oxsB4avAWMP6FUE%2BINKpgaV6FKOtLaOeq%2BlACdx7xPCw9LbSe4104CEqFwx6%2FNyo7WKOUBIJcViVW%2Fv9SFBNs6be67CrItnxX7HBd26jv2XpJcLE0dgAiRC8W4bk0VkBV26FGxCgw%3D%3D
.thefieldpoint.com/ Name: sid
Value: BYD8BDW2iAKZ9I3KtHUy1sTj2bc6QFtbLkRprJXwivFQSQazE8jnlw==
.thefieldpoint.com/ Name: trk
Value: O6SxVqD/mvmZ9I3KtHUy1sTj2bc6QFtbLkRprJXwivFQSQazE8jnlw==
.thefieldpoint.com/ Name: c4624
Value: BYD8BDW2iAKgKB6hexHnN6LiBiyC/IuxBqyEkDUhAHHAlb2ayWGeZg==
.coogleoffition.com/ Name: 411c1b47-25a6-41d0-9816-1b40ab74d60d-v4
Value: GQbO4IeGy0BUR49jSOrXBnIGyfd2qEkaqueG5LhmdPQ
.coogleoffition.com/ Name: cc-v4
Value: 0qIpWBJNdEA%2B%2FILCZZY8trkmp%2FzFtDsDTurPY3GHMn%2BEiPjWsq%2BfpKzk%2BR0A7GOqxKfJ4mHqMtBxWCvExaq%2BLzraDGomoqfXdxODi8tWEhc5RFgYbylJ%2Bkji9ra0am%2FHIFDDVIVOwilG8V6dJyEMHA%3D%3D
.greenplacetech.com/ Name: sid
Value: 688aPgIyYPWZ9I3KtHUy1sTj2bc6QFtbGtONK28SW410eXz3+3ySlw==
.greenplacetech.com/ Name: trk
Value: en0Rviw0nO+Z9I3KtHUy1sTj2bc6QFtbGtONK28SW410eXz3+3ySlw==
.greenplacetech.com/ Name: c4500
Value: 688aPgIyYPUMMNDtR8NElz7NqYyvzrZS5k+k8uq9GGbAlb2ayWGeZg==
.kosevenner.com/ Name: PHPSESSID
Value: mebev00r6q248aa15iv3guij5a
.kosevenner.com/ Name: system
Value: sessionId%3D61qYHpOpMx017hSzxDgbT%26p%3D1017817%26pi%3Dtypein
.kosevenner.com/ Name: _ga
Value: GA1.1.544871053.1689079898
.kosevenner.com/ Name: _ga_QXFHHE16V3
Value: GS1.1.1689079898.1.0.1689079898.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.samlesamtykke.com
bluefieldshop.com
clicktracker.net
coogleoffition.com
fonts.gstatic.com
greenplacetech.com
landers.cdnware.com
region1.google-analytics.com
requestlistional.com
samlesamtykke.com
thefieldpoint.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.kosevenner.com
18.196.84.70
18.203.53.203
2001:4860:4802:32::36
2606:4700:3031::6815:7b3
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:828::2008
3.126.25.249
34.111.159.168
35.195.163.35
35.227.234.99
52.49.101.188
06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6
0c72d02f313b546984a0c7e17819d6e89aaa7893c7c3a535f7df9bc787c351f9
0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b
0d9d0c8095de54c349700e5b6b995eec17fa01ffc2f07f1755cb3b8dc7058236
12149b633a4c4700a785f37d60871857312f1a89e6f0e3912f648612afb42de1
140346138bd391d3fca203fadccf39af63e0acf179ecac4d941111287d9532d6
17497550a5da56d907a2a61d6302d71d0965a7513b5eef32a33c807d0f4b60cd
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
257c2013446398ee91557ed07b40b426070e397029a462f2f0baa11402227c7b
27e13538a8d1280153d02e58805cf90a5bacc4f57f315890ec3e2f9a98b6a1b5
2ec2a7b0afe14cd6b30ef80f3bdfdeefee77210164f0cfeb4f215bedd589817b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
478091e0f6a98a1b8d6cb83e41a0faf8e3045f621a4cce59da1f7b7ba235c65a
4927caed672e4a6ab0dec07adfb90e5c15213e562a6873e0943699d82cca467e
4992e82f3d14625ca9a151ae23ccac7b9576cdf6822b633eae3a4712326d9df4
4a703ad00348f8b8807e75ced058b8665620e2a2810bf0a1c1e8b350e4d2f008
5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e
59c6c7d43be78cd806e529d26ccc0c8b1d122488bf3e9ca691fc1bda8e0d5597
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
61d9e87ef7b2d74fddac6a4a67b4baa3116e239f28dbe6276f35c7d612abbb33
70fd4da285205d73772d01745f5a4477293df9ace0cd95093bb572619ed5ef8f
7bcbb9db027f56b18fc2cd63f02d8109a2f5dcf1e227f988847d69c815d13fff
81fba30f9170dc3946abdd66df2aad4b01b34fb46776e6bf12b653c7657a5de9
8888e1b2114c61b4b32632556e774d435b0dbc7271f572c74ab5a61a8672c795
8eee5760a34cbac7b1f49be711b481677c080d1442b062130458078f610efd09
926df5b3a03f2812fe0c5f12bd06406ff22150e5b4adfcefd8c4a8b380d4ffc6
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9d0297f6654601cab029edd4738d740c8bf869c92fef2cbb37df25b9bb361746
9ec88cf72960048a40791a943e5dee85f910c00e9a3732339888b075de11bc34
ab8f5b33989d9e6ac59f6f6e52ddc8efb7b0a6a2d9437836dc153da76d45b8d3
b1fa2e1256cc993c98231aec33d1dea468fcdea8d765a1fce990829b8f1d8086
b872e21729880566aaf85038fdf0f59b35c715aafc9bcda5e13aecb760ece0fb
ba819139f9cc4371be249f975bc305f7692887f70ce1d306b4d1e982ab719e48
bb6acf3191c31c1406b3e005ebaab7fd06d7573e89f9ef226db25a5076269d40
c037a648902c9948fc3a649fe9ade62d5dfa3496f399945aba7d69e1de280ddc
c7c9eb413d5054d3cae2732ef7b8dd1fe9fdf1d28ed9f3d3ffb3fa021552c1dc
cc97cf34970b506da9115aba0e073efdd907be30b1f1a256e69777ecbe0edc71
d4e02dfa1bd03cd275a801d83acadb1c3fdaced7f6ff26abdf36addaeda5d714
dbba65c9cfa96b8e656a7fe76469102b24b209c7d4e313ad52360c10adf673a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7062eac7188d9be49e715e2a82dde8ba39c159632a303db8a0987572cd3290e
e8db9a874a212c3fbb7a9efa056c1c8bb3c08d0b0508d2bf83c0c51ca14a5a3d
e95ee2ccc3b6e9b75b65565d54936582baa69d72e137f9b6a9ee13d2207695c2
eaa9f0c56c4d7f63c8329f2ea88da13993ee42adab24b60c155b4c77c907ff2f
f17621fbf7153843fcd3a6ef97162dc2cd675384097dfb09ad3f1261ea03eb7d
f40c3ae81232417fac4d6faccd3d927ddfecc205cd47e22144140d4a8bc37964
f7b9dc5039c01166d3058d2564887d3ac0c4bacc9b0895d56251f30c3f68a3dd
f7fe5e3869e949aad14ed3e1c98bb115ae97f6e48532fd3b447622ad730d2660
fc2c922ead972f265d71c66b926bc0e63df262f8dc891157a705b0a40a35c6a1