Submitted URL: http://turnmonthgangdef.blo.gg/
Effective URL: https://turnmonthgangdef.blo.gg/
Submission: On December 04 via api from US — Scanned from NL

Summary

This website contacted 24 IPs in 5 countries across 22 domains to perform 67 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is turnmonthgangdef.blo.gg.
TLS certificate: Issued by WE1 on October 8th 2024. Valid for: 3 months.
This is the only time turnmonthgangdef.blo.gg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 10 188.114.97.3 13335 (CLOUDFLAR...)
3 142.250.186.34 15169 (GOOGLE)
12 172.67.73.105 13335 (CLOUDFLAR...)
1 3 188.114.96.3 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 216.58.206.72 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 18.245.86.8 16509 (AMAZON-02)
9 2600:9000:223... 16509 (AMAZON-02)
1 104.18.10.207 13335 (CLOUDFLAR...)
1 142.250.186.35 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a02:26f0:170... 20940 (AKAMAI-AS...)
1 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 34.110.153.55 396982 (GOOGLE-CL...)
2 18.196.84.214 16509 (AMAZON-02)
2 3 3.123.94.209 16509 (AMAZON-02)
1 2600:9000:249... 16509 (AMAZON-02)
2 2 34.1.230.247 15169 (GOOGLE)
1 52.223.40.198 16509 (AMAZON-02)
1 18.193.248.185 16509 (AMAZON-02)
67 24
Apex Domain
Subdomains
Transfer
15 blogg.se
static.blogg.se
newstats.blogg.se
833 KB
10 inmobi.com
cmp.inmobi.com — Cisco Umbrella Rank: 5292
api.cmp.inmobi.com — Cisco Umbrella Rank: 18916
213 KB
8 blo.gg
turnmonthgangdef.blo.gg
23 KB
5 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
www.google-analytics.com — Cisco Umbrella Rank: 36
22 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
473 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
208 KB
4 lifeofsvea.se
statics.lifeofsvea.se
verity.lifeofsvea.se
36 KB
3 digitalaudience.io
target.digitalaudience.io — Cisco Umbrella Rank: 42661
1 KB
3 lwadm.com
lwadm.com — Cisco Umbrella Rank: 77519
content.lwadm.com — Cisco Umbrella Rank: 132790
175 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3731
932 B
2 adnami.io
macro.adnami.io — Cisco Umbrella Rank: 13510
25 KB
2 google.nl
www.google.nl — Cisco Umbrella Rank: 12293
515 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4108
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 377
149 B
1 loc.gov
tile.loc.gov — Cisco Umbrella Rank: 71006
292 KB
1 strossle.com
assets.strossle.com — Cisco Umbrella Rank: 105560
14 KB
1 publishme.se
publishme.se
184 B
1 cdnme.se
cdn2.cdnme.se
704 B
1 gstatic.com
fonts.gstatic.com
37 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1255
64 KB
1 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 9019
585 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
67 22
Domain Requested by
12 static.blogg.se turnmonthgangdef.blo.gg
9 cmp.inmobi.com turnmonthgangdef.blo.gg
cmp.quantcast.com
cmp.inmobi.com
8 turnmonthgangdef.blo.gg 2 redirects turnmonthgangdef.blo.gg
5 www.googletagmanager.com turnmonthgangdef.blo.gg
www.googletagmanager.com
www.google-analytics.com
3 target.digitalaudience.io 2 redirects lwadm.com
3 newstats.blogg.se turnmonthgangdef.blo.gg
newstats.blogg.se
3 www.google-analytics.com turnmonthgangdef.blo.gg
www.google-analytics.com
3 securepubads.g.doubleclick.net turnmonthgangdef.blo.gg
securepubads.g.doubleclick.net
2 ads.creative-serving.com 2 redirects
2 lwadm.com statics.lifeofsvea.se
lwadm.com
2 macro.adnami.io www.googletagmanager.com
macro.adnami.io
2 www.google.nl turnmonthgangdef.blo.gg
2 stats.g.doubleclick.net www.googletagmanager.com
2 region1.analytics.google.com www.googletagmanager.com
2 region1.google-analytics.com www.googletagmanager.com
2 verity.lifeofsvea.se statics.lifeofsvea.se
2 statics.lifeofsvea.se turnmonthgangdef.blo.gg
1 api.cmp.inmobi.com cmp.inmobi.com
1 match.adsrvr.org turnmonthgangdef.blo.gg
1 content.lwadm.com lwadm.com
1 tile.loc.gov turnmonthgangdef.blo.gg
1 assets.strossle.com www.googletagmanager.com
1 publishme.se turnmonthgangdef.blo.gg
1 cdn2.cdnme.se 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 maxcdn.bootstrapcdn.com static.blogg.se
1 cmp.quantcast.com 1 redirects
1 fonts.googleapis.com turnmonthgangdef.blo.gg
67 28
Subject Issuer Validity Valid
blo.gg
WE1
2024-10-08 -
2025-01-06
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
lifeofsvea.se
E6
2024-10-07 -
2025-01-05
3 months crt.sh
blogg.se
WE1
2024-11-12 -
2025-02-10
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google.nl
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
bootstrapcdn.com
WE1
2024-11-18 -
2025-02-16
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
functions.adnami.io
R11
2024-10-23 -
2025-01-21
3 months crt.sh
strossle.com
Amazon RSA 2048 M03
2024-06-23 -
2025-07-22
a year crt.sh
loc.gov
E6
2024-11-26 -
2025-02-24
3 months crt.sh
newstats.blogg.se
WR3
2024-11-02 -
2025-01-31
3 months crt.sh
lwadm.com
Amazon RSA 2048 M02
2024-11-21 -
2025-12-20
a year crt.sh
*.digitalaudience.io
Amazon RSA 2048 M03
2024-11-17 -
2025-12-17
a year crt.sh
*.lwadm.com
Amazon RSA 2048 M02
2024-10-16 -
2025-11-15
a year crt.sh
cmp.inmobi.com
Sectigo ECC Organization Validation Secure Server CA
2024-07-31 -
2025-07-31
a year crt.sh

This page contains 1 frames:

Primary Page: https://turnmonthgangdef.blo.gg/
Frame ID: 9B4B2F10C60A0923A62375B75BDB6430
Requests: 66 HTTP requests in this frame

Screenshot

Page Title

turnmonthgangdef.blo.gg -

Page URL History Show full URLs

  1. http://turnmonthgangdef.blo.gg/ HTTP 307
    https://turnmonthgangdef.blo.gg/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /prebid\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67
Requests

94 %
HTTPS

46 %
IPv6

22
Domains

28
Subdomains

24
IPs

5
Countries

2414 kB
Transfer

5554 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://turnmonthgangdef.blo.gg/ HTTP 307
    https://turnmonthgangdef.blo.gg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://cmp.quantcast.com/choice/6nBT95t9H0vM1/blogg.se/choice.js HTTP 301
  • https://cmp.inmobi.com/choice/6nBT95t9H0vM1/blogg.se/choice.js?tag_version=V2
Request Chain 33
  • https://turnmonthgangdef.blo.gg/profile.jpg HTTP 302
  • https://cdn2.cdnme.se/cdn/6-2/4918604/profile.jpg HTTP 302
  • https://publishme.se/static/img/default_avatar.png
Request Chain 51
  • https://target.digitalaudience.io/bakery/input/d?pubid=dap_210326&cart=2&c=1 HTTP 302
  • https://ads.creative-serving.com/cm?redir=https%3a%2f%2ftarget.digitalaudience.io%2fbakery%2fsync%3fcode%3d140%26pub%3ddap_210326%26daid%3db9019993847044a68315ac1dbf01beb2%26syncid%3d%24%7bUUID%7d%26gdpr%3d%26gdpr_consent%3d HTTP 302
  • https://ads.creative-serving.com/ul_cb/cm?redir=https%3a%2f%2ftarget.digitalaudience.io%2fbakery%2fsync%3fcode%3d140%26pub%3ddap_210326%26daid%3db9019993847044a68315ac1dbf01beb2%26syncid%3d%24%7bUUID%7d%26gdpr%3d%26gdpr_consent%3d HTTP 302
  • https://target.digitalaudience.io/bakery/sync?code=140&pub=dap_210326&daid=b9019993847044a68315ac1dbf01beb2&syncid=a79ee230-953e-4bda-93da-5835cf15f60a&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=9no7utq&ttd_tpi=1&gdpr=&gdpr_consent=
Request Chain 64
  • https://turnmonthgangdef.blo.gg/favicon.ico HTTP 302
  • https://turnmonthgangdef.blo.gg/static/favicon.ico

67 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
turnmonthgangdef.blo.gg/
Redirect Chain
  • http://turnmonthgangdef.blo.gg/
  • https://turnmonthgangdef.blo.gg/
35 KB
10 KB
Document
General
Full URL
https://turnmonthgangdef.blo.gg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52f4c132f7b41572ad7171387b79f68719a1678baa2a0c9a1c17670869c5b1df

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ecbc4bf5a1a5c45-AMS
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Wed, 04 Dec 2024 12:23:36 GMT
last-modified
Wed, 04 Dec 2024 12:23:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4gY0k2BTDXWKLGWQDypQZO%2B3dYrH4eHjq7H6NcEdhMr3UdmQcTNS%2BCVVTn%2B7ajtGnV4lNu8Kg1bqI28eIVZKsx8eb5pbfzm87YwVMR%2F0%2Bxi%2BQ06IquX1L5f6AAE0f%2B1ss61d9kdSm1YF7g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=15002&min_rtt=14520&rtt_var=2864&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4143&recv_bytes=4490&delivery_rate=688&cwnd=12000&unsent_bytes=0&cid=3f46b6eab313fb7e&ts=473&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
via
1.1 varnish
x-blog-id
6020201bddf2b320ba134bfc
x-cache
MISS from cache3
x-cf-connecting-ip
31.204.150.147
x-client-ip
127.0.0.1
x-front-cache-server
cache3
x-https-by
cache3
x-module
pubmongo@labor2
x-passed
cache3
x-real-ip
31.204.150.147
x-served-by
labor2
x-varnish
1230961435

Redirect headers

Location
https://turnmonthgangdef.blo.gg/
Non-Authoritative-Reason
HttpsUpgrades
gpt.js
securepubads.g.doubleclick.net/tag/js/
103 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
c68684e78a22728ce795a4ce787f3a45cd14ce112598275246f917a085642e5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

content-encoding
br
etag
203 / 20061 / 31089181 / config-hash: 11279109272543883697
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 12:23:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 04 Dec 2024 12:23:36 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33400
x-xss-protection
0
server
cafe
blogg.min.js
statics.lifeofsvea.se/production/borka/
41 KB
14 KB
Script
General
Full URL
https://statics.lifeofsvea.se/production/borka/blogg.min.js
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c957b5da858a6c3631e9d74d5ad1f479ce7dd32635930701decf05a9ade91ac1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1613112117
x-goog-hash
crc32c=Q7wOiQ==, md5=FcVm2ZnOPUMDRNE64aJ3gw==
cf-cache-status
HIT
etag
W/"15c566d999ce3d430344d13ae1a27783"
age
454
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q232VppQP%2FHv1Zj5VdCtHZCiXosuPlU%2FD%2B9hkkwhfWjBuuGUZT2vNMxCWQG27d6%2FuQ5M6BgYz8C%2FP%2FKkSIFKwbvlbsUllJy0%2BPyA2OFaZ2ROgdIrzctGe0ZdBoitnMsrKP6W3HKmT74%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Wed, 04 Dec 2024 12:16:02 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
41709
server-timing
cfL4;desc="?proto=QUIC&rtt=16092&min_rtt=16000&rtt_var=6066&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4078&recv_bytes=4327&delivery_rate=159854&cwnd=12000&unsent_bytes=0&cid=98060b7b16b2aa08&ts=99&x=1", cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 12:23:36 GMT
content-type
application/javascript
last-modified
Fri, 12 Feb 2021 06:48:56 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7hLW5vsBtRYjuXEXtuSvU7bzWljARs6ECHNy5bxWBltqsQgAAQ4vej2_pYtgb14DF3NxWqmzciYw
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
REGIONAL
cf-ray
8ecbc4c39d1766af-AMS
x-goog-generation
1613112536595930
server
cloudflare
blogg.min.js
statics.lifeofsvea.se/production/losjs/
69 KB
20 KB
Script
General
Full URL
https://statics.lifeofsvea.se/production/losjs/blogg.min.js
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0499e2ed5da7c300f6e5cc6d2023808225b9e055bd9f61404a781a48ba8948ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=fGms8Q==, md5=IqntXHCeac5nARmBcHtvIg==
cf-cache-status
HIT
etag
W/"22a9ed5c709e69ce67011981707b6f22"
age
453
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h3Ue3HD0tgnNhcKkJGvPqzwqvMGAXfwEliCOypKz9zj1gFxip5VmVc0L9vBbxfn%2BZjXlg0xbJBgNzJVRDN2Pr%2FU0np7IjTnA2DtM5S2ozY1zmM89FjdBgm%2FEXLoQe3IATAUJO%2BwvOvY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Wed, 04 Dec 2024 12:16:03 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
70957
server-timing
cfL4;desc="?proto=QUIC&rtt=24482&min_rtt=16000&rtt_var=10231&sent=29&recv=18&lost=3&retrans=3&sent_bytes=22190&recv_bytes=5017&delivery_rate=246709&cwnd=8400&unsent_bytes=0&cid=98060b7b16b2aa08&ts=159&x=1", cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 12:23:36 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 09:36:44 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7OVBVyLNCNBpmGfeYmoWVwRyAiu1PJXi9RPFzDFm0RB6-Po1py5Vrw_FLQPoVJN_g8YRAvodpHow
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
REGIONAL
cf-ray
8ecbc4c3ed8666af-AMS
x-goog-generation
1727775404619720
server
cloudflare
jquery-1.9.1.min.js
static.blogg.se/shared/js/
90 KB
33 KB
Script
General
Full URL
https://static.blogg.se/shared/js/jquery-1.9.1.min.js
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

x-front-cache-server
cache1
content-encoding
gzip
cf-cache-status
HIT
etag
W/"5a0c1a14-169d5"
age
2127
x-passed
cache1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ggaIB3kZ%2FfqJGo7LQkvuiIZcARMHjdaYg6AI8ARgJtEGVDDQvi3bTYocDL%2FHdYMqJkOdcgT%2BCfTG6b5NzKF6F67QdRoa5UjRZvExRBHmiuN5o3TTWBJm5VSt%2BVzQRQ3wuA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
307966345 307652002
alt-svc
h3=":443"; ma=86400
x-cache
HIT from cache1
server-timing
cfL4;desc="?proto=QUIC&rtt=17930&min_rtt=15982&rtt_var=6057&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4279&recv_bytes=4417&delivery_rate=25764&cwnd=12000&unsent_bytes=0&cid=aff113662ecffc29&ts=60&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 12:23:36 GMT
content-type
application/x-javascript
last-modified
Wed, 15 Nov 2017 10:42:28 GMT
vary
Accept-Encoding
x-client-ip
35.191.41.252
x-served-by
labor2
priority
u=1,i=?0
x-real-ip
217.25.247.57
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish, 1.1 google
cf-ray
8ecbc4c43ddf96ec-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
32819
x-cf-connecting-ip
173.239.254.75
server
cloudflare
classify
verity.lifeofsvea.se/api/
74 B
700 B
Fetch
General
Full URL
https://verity.lifeofsvea.se/api/classify?url=https%3A%2F%2Fturnmonthgangdef.blo.gg
Requested by
Host: statics.lifeofsvea.se
URL: https://statics.lifeofsvea.se/production/losjs/blogg.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04df0d5c32a644f7fbdc04fed82a2057c17c9aac5f0c2d41852a8fdf92b30fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q4gjtOfjkKocoxu6kRCWIPncGiLvWvhR%2BLWZdY4xypXsxMgqjb%2F1RG6G0AIy3u0AygP1kO3BrqcsHw66ufeCPW%2FrvjpNeVEJqCmb1rDOZGnLvS3RKWiyrNrgDOdO3Qxu0r73y%2FX9Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
cf-ray
8ecbc4c4ad369f7e-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17977&min_rtt=17096&rtt_var=3181&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4823&recv_bytes=4858&delivery_rate=16781&cwnd=12000&unsent_bytes=0&cid=f09dc09e783494ad&ts=310&x=1", cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 12:23:36 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
get
verity.lifeofsvea.se/api/
74 B
730 B
Fetch
General
Full URL
https://verity.lifeofsvea.se/api/get?url=https%3A%2F%2Fturnmonthgangdef.blo.gg
Requested by
Host: statics.lifeofsvea.se
URL: https://statics.lifeofsvea.se/production/losjs/blogg.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04df0d5c32a644f7fbdc04fed82a2057c17c9aac5f0c2d41852a8fdf92b30fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MtkwpR89G4tUkV4Hb%2BQPuNplkvif0WDNGpR3YSrL8KeAADrCxKNuA9ZgiHXpKD8r1u69SpoxKiPpje7xH1yAovTjKLE9PpdowhCK0%2B0F8CYQMH8CXxsfiLikeQQ3HWueyjigymHWQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
cf-ray
8ecbc4c4ad379f7e-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17706&min_rtt=17096&rtt_var=3520&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4070&recv_bytes=4814&delivery_rate=646&cwnd=12000&unsent_bytes=0&cid=f09dc09e783494ad&ts=187&x=1", cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 12:23:36 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
gtm.js
www.googletagmanager.com/
217 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WRFC9HS
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf9f5b24a6d460560bbb83076db9a4458120c21892fdc3f83157b0897a05d0bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 04 Dec 2024 12:23:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 04 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
77540
x-xss-protection
0
server
Google Tag Manager
style.css
turnmonthgangdef.blo.gg/
4 KB
2 KB
Stylesheet
General
Full URL
https://turnmonthgangdef.blo.gg/style.css
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1144c13e382a9771c351827e31e18d6e51774f334bf80bf6181199312524212a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

x-front-cache-server
cache1
content-encoding
gzip
cf-cache-status
MISS
etag
W/"675c1fe70aa506c17eb87a59cbc6c8db"
x-https-by
cache1
x-module
pubmongo@labor1
x-passed
cache1,cache3
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SzG5aeplXRHdEOopm%2FW06zuP67Hi7LnEmKP0tD7l7QoFg1QIL5QXOithgDaEPU0tlS3hpjZ7J4AmJmSlb4nkt7oGK5mfQRVP0GIKFCJIlKMre6k0DYC9%2FF3BG8lpaR7mdUNvt5qRzIGVWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
1230961521, 310225071
alt-svc
h3=":443"; ma=86400
x-cache
MISS from cache1, MISS from cache3
server-timing
cfL4;desc="?proto=QUIC&rtt=15219&min_rtt=14520&rtt_var=989&sent=21&recv=16&lost=0&retrans=0&sent_bytes=14484&recv_bytes=5052&delivery_rate=676500&cwnd=12000&unsent_bytes=0&cid=3f46b6eab313fb7e&ts=1139&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 12:23:36 GMT
last-modified
Wed, 04 Dec 2024 12:23:36 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
x-client-ip
127.0.0.1
x-served-by
labor1
x-blog-id
6020201bddf2b320ba134bfc
priority
u=0,i=?0
x-real-ip
31.204.150.147
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish, 1.1 varnish
cf-ray
8ecbc4c4cefa5c45-AMS
accept-ranges
bytes
content-length
1289
x-cf-connecting-ip
31.204.150.147
server
cloudflare
api.js
static.blogg.se/shared/js/
10 KB
4 KB
Script
General
Full URL
https://static.blogg.se/shared/js/api.js
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4645bb301c2a3997fe5acf4690202cb34db568d9bd538070e8936985aad96bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

x-front-cache-server
cache3
content-encoding
gzip
cf-cache-status
HIT
etag
W/"5ce50efb-2940"
age
4193
x-passed
cache3
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sCQpB%2BBGRNbT6%2FvjgDWy%2FBa%2BP0WEqwPHWleQbXYraL7yRaryQmijbTtzAolCiliuoClAynszuf7bWd4O3wXaUbPEJhCkaOAUEGfjB0gQyOojcGursh7mJubaYdQ5PhI1lw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
1230433466 1229984409
alt-svc
h3=":443"; ma=86400
x-cache
HIT from cache3
server-timing
cfL4;desc="?proto=QUIC&rtt=18804&min_rtt=15982&rtt_var=1465&sent=43&recv=26&lost=0&retrans=0&sent_bytes=38784&recv_bytes=5359&delivery_rate=929974&cwnd=27600&unsent_bytes=0&cid=aff113662ecffc29&ts=138&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 12:23:36 GMT
content-type
application/x-javascript
last-modified
Wed, 22 May 2019 08:57:31 GMT
vary
Accept-Encoding
x-client-ip
35.191.25.138
x-served-by
labor1
priority
u=1,i=?0
x-real-ip
241.6.176.217
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish, 1.1 google
cf-ray
8ecbc4c4ceb196ec-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
3439
x-cf-connecting-ip
54.218.126.151
server
cloudflare
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/
492 KB
152 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js?cb=31089181
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

content-encoding
br
etag
1421939719645060458
age
6706
x-content-type-options
nosniff
expires
Thu, 04 Dec 2025 10:31:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 04 Dec 2024 10:31:50 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
155913
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/
316 KB
106 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JVWJCF404S&l=dataLayer&cx=c&gtm=45He4bk0v813462672za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRFC9HS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec9d76a411cc98a810c61a254a615366e4509ccf5e3f4cecbeeaa7905b7efbdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 04 Dec 2024 12:23:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108233
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
275 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KGM8S3RG3V&l=dataLayer&cx=c&gtm=45He4bk0v813462672za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRFC9HS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2014b1b3a2e0daf9ee9ff768af5d45aee567681be9782c07446acffea9054d89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 04 Dec 2024 12:23:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98326
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
277 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XLBWNZ3X10&l=dataLayer&cx=c&gtm=45He4bk0v813462672za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRFC9HS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2710e6a4846d6fccae52622eb0d72f8f48e46ebb3b4f267b2f6e34b03014d40c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 04 Dec 2024 12:23:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98801
x-xss-protection
0
server
Google Tag Manager
style.css
static.blogg.se/themes/sweet-vanilla/assets/css/
142 KB
23 KB
Stylesheet
General
Full URL
https://static.blogg.se/themes/sweet-vanilla/assets/css/style.css
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
329738d29aa827818a253e0a2fa2f2cd7401c37101b08cb621ea8c1422623da1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

x-front-cache-server
cache1
content-encoding
gzip
cf-cache-status
HIT
etag
W/"5891a451-2386f"
age
3128
x-passed
cache1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xj3WTD1WUYyopBNe4j9lbH1PU69UDb%2FifLiPBPCwoZBc19xzmhbQV7GHX5IoGNUpeDJ9%2BJ2l75FYBn9AdbDL4qrX%2F86N10W2t16yD%2BnGGBp1nuR2PDgLrcOL4mueY6RVqg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
309217144 308727878
alt-svc
h3=":443"; ma=86400
x-cache
HIT from cache1
server-timing
cfL4;desc="?proto=QUIC&rtt=18259&min_rtt=15982&rtt_var=1767&sent=48&recv=29&lost=0&retrans=0&sent_bytes=43228&recv_bytes=5775&delivery_rate=168404&cwnd=27600&unsent_bytes=0&cid=aff113662ecffc29&ts=470&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 12:23:36 GMT
content-type
text/css
last-modified
Wed, 01 Feb 2017 09:03:13 GMT
vary
Accept-Encoding
x-client-ip
35.191.41.252
x-served-by
labor2
priority
u=0,i=?0
x-real-ip
94.191.153.63
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish, 1.1 google
cf-ray
8ecbc4c6d9c496ec-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
22977
x-cf-connecting-ip
206.204.12.36
server
cloudflare
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
593cb6a99ee681518baa0300381b64e7831df168d763b0d756643372674b5cee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 12:23:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 12:23:36 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 04 Dec 2024 11:15:39 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JVWJCF404S&gtm=45je4bk0v9104663663z8813462672za200zb813462672&_p=1733315016433&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&cid=1372570826.1733315017&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733315016&sct=1&seg=0&dl=https%3A%2F%2Fturnmonthgangdef.blo.gg%2F&dt=turnmonthgangdef.blo.gg%20-&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1367
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JVWJCF404S&l=dataLayer&cx=c&gtm=45He4bk0v813462672za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://turnmonthgangdef.blo.gg
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 12:23:36 GMT
content-type
text/plain
server
Golfe2
jquery.fitvids.min.js
static.blogg.se/themes/js/
2 KB
2 KB
Script
General
Full URL
https://static.blogg.se/themes/js/jquery.fitvids.min.js
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e707c54d9e6c4c1c4d72b6cb94027a2657b269f372d739df5dd9c4bbb886e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

x-front-cache-server
cache3
content-encoding
gzip
cf-cache-status
HIT
etag
W/"589c4cc0-76b"
age
3419
x-passed
cache3
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=znop%2FvgRlccEfMzDUO6LsTZdEqjuDr49KlP6LAW0JikywxqwaLRs3pwRKD6gWIBCy6URi7AG6T%2B%2BPhr5oQRq%2BMfOjSwqXAGw5gBTABdvSkWR%2FG2hSUltcP6bfg8IYJ6KrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
1230518795
alt-svc
h3=":443"; ma=86400
x-cache
MISS from cache3
server-timing
cfL4;desc="?proto=QUIC&rtt=20443&min_rtt=15982&rtt_var=1516&sent=70&recv=41&lost=0&retrans=0&sent_bytes=67620&recv_bytes=6558&delivery_rate=764470&cwnd=27600&unsent_bytes=0&cid=aff113662ecffc29&ts=587&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 12:23:36 GMT
content-type
application/x-javascript
last-modified
Thu, 09 Feb 2017 11:04:32 GMT
vary
Accept-Encoding
x-client-ip
35.191.13.200
x-served-by
labor3
priority
u=1,i=?0
x-real-ip
246.79.112.181
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish, 1.1 google
cf-ray
8ecbc4c79ac096ec-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
815
x-cf-connecting-ip
246.79.112.181
server
cloudflare
jquery.slider.js
static.blogg.se/themes/js/
182 B
1 KB
Script
General
Full URL
https://static.blogg.se/themes/js/jquery.slider.js
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c34613a81bc68044323fd6416e745ee3adc83120629abf53aa9a7307585e0b90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

x-front-cache-server
cache1
content-encoding
gzip
cf-cache-status
HIT
etag
W/"56389a1b-b6"
age
4269
x-passed
cache1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FyxWrhlTsw5NwVG2PkICQpaGIprSmMCzIlnhmCAcPbEULUcBujFqggclG07poQA5Aw4dkHNXJGEpwB1uD3BJrB8nH9NfBBYCXLIaQREMOOWOsuEKhUwdynoq5GEfq5HPnw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
309653891 309534006
alt-svc
h3=":443"; ma=86400
x-cache
HIT from cache1
server-timing
cfL4;desc="?proto=QUIC&rtt=19246&min_rtt=15302&rtt_var=2926&sent=74&recv=44&lost=1&retrans=0&sent_bytes=69408&recv_bytes=6954&delivery_rate=113768&cwnd=27600&unsent_bytes=0&cid=aff113662ecffc29&ts=618&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 12:23:36 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Nov 2015 11:27:23 GMT
vary
Accept-Encoding
x-client-ip
35.191.27.107
x-served-by
labor1
priority
u=1,i=?0
x-real-ip
90.143.241.42
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish, 1.1 google
cf-ray
8ecbc4c7cb0c96ec-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
156
x-cf-connecting-ip
212.58.103.57
server
cloudflare
main-min.js
static.blogg.se/themes/sweet-vanilla/assets/js/min/
229 KB
63 KB
Script
General
Full URL
https://static.blogg.se/themes/sweet-vanilla/assets/js/min/main-min.js
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef25c138c9223b60ed5a068cad04ef59535694efc4b16c4869d8e5de4fca3b1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

x-front-cache-server
cache3
content-encoding
gzip
cf-cache-status
HIT
etag
W/"57e5141e-394c4"
age
350
x-passed
cache3
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8hkHZnqwVcq26YBNkVahkX4gxjtlxJzHOhGs8aQvOuCtlDrXLtMiM10puJXuGOqmlGgtqCyL76jqhpueQ%2FGcn3qrJCmBB7aooUUBUGK9j5bEX3uiO4BWBe0ZIOLg40dKsA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
1229992929 1229954881
alt-svc
h3=":443"; ma=86400
x-cache
HIT from cache3
server-timing
cfL4;desc="?proto=QUIC&rtt=19335&min_rtt=15302&rtt_var=2372&sent=76&recv=45&lost=1&retrans=0&sent_bytes=70491&recv_bytes=7279&delivery_rate=27446&cwnd=27600&unsent_bytes=0&cid=aff113662ecffc29&ts=656&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 12:23:36 GMT
content-type
application/x-javascript
last-modified
Fri, 23 Sep 2016 11:38:06 GMT
vary
Accept-Encoding
x-client-ip
35.191.20.66
x-served-by
labor1
priority
u=1,i=?0
x-real-ip
94.191.153.63
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish, 1.1 google
cf-ray
8ecbc4c7fb5296ec-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
63777
x-cf-connecting-ip
104.252.31.249
server
cloudflare
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KGM8S3RG3V&gtm=45je4bk0v9125451393z8813462672za200zb813462672&_p=1733315016433&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&cid=1372570826.1733315017&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733315016&sct=1&seg=0&dl=https%3A%2F%2Fturnmonthgangdef.blo.gg%2F&dt=turnmonthgangdef.blo.gg%20-&en=page_view&_fv=1&_ss=1&tfd=1468
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KGM8S3RG3V&l=dataLayer&cx=c&gtm=45He4bk0v813462672za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://turnmonthgangdef.blo.gg
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 12:23:36 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
48 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KGM8S3RG3V&cid=1372570826.1733315017&gtm=45je4bk0v9125451393z8813462672za200zb813462672&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KGM8S3RG3V&l=dataLayer&cx=c&gtm=45He4bk0v813462672za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://turnmonthgangdef.blo.gg
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.nl/ads/
42 B
107 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KGM8S3RG3V&cid=1372570826.1733315017&gtm=45je4bk0v9125451393z8813462672za200zb813462672&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&tag_exp=101925629~102067555~102067808~102081485&z=1110719283
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 04 Dec 2024 12:23:37 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-XLBWNZ3X10&gtm=45je4bk0v9126186108z8813462672za200zb813462672&_p=1733315016433&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&cid=1372570826.1733315017&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733315016&sct=1&seg=0&dl=https%3A%2F%2Fturnmonthgangdef.blo.gg%2F&dt=turnmonthgangdef.blo.gg%20-&en=page_view&_fv=1&_ss=1&tfd=1491
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XLBWNZ3X10&l=dataLayer&cx=c&gtm=45He4bk0v813462672za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://turnmonthgangdef.blo.gg
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
551 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XLBWNZ3X10&cid=1372570826.1733315017&gtm=45je4bk0v9126186108z8813462672za200zb813462672&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XLBWNZ3X10&l=dataLayer&cx=c&gtm=45He4bk0v813462672za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://turnmonthgangdef.blo.gg
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.nl/ads/
42 B
408 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XLBWNZ3X10&cid=1372570826.1733315017&gtm=45je4bk0v9126186108z8813462672za200zb813462672&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&tag_exp=101925629~102067555~102067808~102081485&z=1930936776
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 04 Dec 2024 12:23:37 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
choice.js
cmp.inmobi.com/choice/6nBT95t9H0vM1/blogg.se/
Redirect Chain
  • https://cmp.quantcast.com/choice/6nBT95t9H0vM1/blogg.se/choice.js
  • https://cmp.inmobi.com/choice/6nBT95t9H0vM1/blogg.se/choice.js?tag_version=V2
3 KB
2 KB
Script
General
Full URL
https://cmp.inmobi.com/choice/6nBT95t9H0vM1/blogg.se/choice.js?tag_version=V2
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/
Protocol
H2
Server
2600:9000:223d:1a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ffe2f02a450d01ae954088390a44062095d3bec52ce8d9673394c7d14fe5a67

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
cache-control
max-age=900
content-encoding
br
etag
W/"308f5916ff03f41fbe7441e8413afda5"
age
3
cross-origin-resource-policy
cross-origin
via
1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
C8f_E_2W-x0AzAOV8KfiVQjsjrP7joKj1G5EB3ADw68UiuC0vlU_Bw==
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
application/javascript
last-modified
Tue, 04 Jun 2024 07:26:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
x-amz-server-side-encryption
AES256

Redirect headers

etag
"2f11c2b4130d20ff41de73807b4ed8f5"
age
3
x-cache
Hit from cloudfront
x-amz-cf-id
0-dpmxjpIjHdLdEIM2IYSgJdiYq965Qk7uDRmGISvuxtWu1Xs-s7Yg==
date
Wed, 04 Dec 2024 12:23:35 GMT
last-modified
Wed, 15 Nov 2023 19:12:40 GMT
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
cache-control
max-age=3600
location
https://cmp.inmobi.com/choice/6nBT95t9H0vM1/blogg.se/choice.js?tag_version=V2
cross-origin-resource-policy
cross-origin
via
1.1 fc486e72455da7c1d3be4472dd5ba8b2.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
0
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-website-redirect-location
https://cmp.inmobi.com/choice/6nBT95t9H0vM1/blogg.se/choice.js?tag_version=V2
x-amz-server-side-encryption
AES256
bg3.jpg
static.blogg.se/themes/sweet-vanilla/assets/img/
203 KB
204 KB
Image
General
Full URL
https://static.blogg.se/themes/sweet-vanilla/assets/img/bg3.jpg
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
802fe282b06c838f751a28018d9626762a8b319dd3f1acbf332d60faaefc4ab8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

x-front-cache-server
cache1
cf-bgj
imgq:85,h2pri
etag
"57e5141e-5c11d"
age
2849
cf-cache-status
HIT
x-passed
cache1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eI9BJLMgNIoCLH7aYBYGg6GCZ4LGP%2Fy92Y7IqTaixOPA3m1ILWdYyUT8EL%2BXKBTCbtr%2Bj0Nv1Lcd6NHVqew%2BtxenqGoKkpdy2FYFTWzD%2FvaFF4jr874BXUotSrokvw1RfA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
309361942
cf-polished
qual=85, origFmt=jpeg, origSize=377117
x-cache
MISS from cache1
alt-svc
h3=":443"; ma=86400
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
image/webp
content-disposition
inline; filename="bg3.webp"
vary
Accept
last-modified
Fri, 23 Sep 2016 11:38:06 GMT
x-client-ip
35.191.27.104
priority
u=3,i
x-served-by
labor2
server-timing
cfL4;desc="?proto=QUIC&rtt=16935&min_rtt=14711&rtt_var=837&sent=144&recv=67&lost=1&retrans=0&sent_bytes=148644&recv_bytes=9518&delivery_rate=1256296&cwnd=54000&unsent_bytes=0&cid=aff113662ecffc29&ts=728&x=1", cfExtPri, cfHdrFlush;dur=17
cache-control
public, max-age=14400
x-real-ip
188.150.74.227
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish, 1.1 google
cf-ray
8ecbc4c87c3696ec-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
207554
x-cf-connecting-ip
188.150.74.227
server
cloudflare
bg2.jpg
static.blogg.se/themes/sweet-vanilla/assets/img/
348 KB
349 KB
Image
General
Full URL
https://static.blogg.se/themes/sweet-vanilla/assets/img/bg2.jpg
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb275fb1d85e45ab418a40afc804b7894d47b13ad2c9eb6851d596ec1f62c601

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

x-front-cache-server
cache3
cf-bgj
imgq:85,h2pri
etag
"57e5141e-90de5"
age
3128
cf-cache-status
HIT
x-passed
cache3
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MFnhHJZRETAOhpPVczdT46euO3UOZjKMCKPKif%2FP2SwufvHXaHlNNPmQ2Jik0d7fcNnbP61wYH01Qe6SN75ShqKI0It8bMEn%2FRNfBRi3GxFSBkfRgDhi1MYgAteP95opKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
1230561356 1230419028
cf-polished
degrade=85, origSize=593381, status=webp_bigger
x-cache
HIT from cache3
alt-svc
h3=":443"; ma=86400
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
image/jpeg
last-modified
Fri, 23 Sep 2016 11:38:06 GMT
x-served-by
labor1
x-client-ip
35.191.20.66
priority
u=3,i
vary
Accept-Encoding
server-timing
cfL4;desc="?proto=QUIC&rtt=16935&min_rtt=14711&rtt_var=837&sent=179&recv=67&lost=1&retrans=0&sent_bytes=190644&recv_bytes=9518&delivery_rate=1256296&cwnd=54000&unsent_bytes=0&cid=aff113662ecffc29&ts=729&x=1", cfExtPri, cfHdrFlush;dur=17
cache-control
public, max-age=14400
x-real-ip
62.88.128.42
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish, 1.1 google
cf-ray
8ecbc4c87c3996ec-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
355857
x-cf-connecting-ip
193.69.134.11
server
cloudflare
bg1.jpg
static.blogg.se/themes/sweet-vanilla/assets/img/
82 KB
83 KB
Image
General
Full URL
https://static.blogg.se/themes/sweet-vanilla/assets/img/bg1.jpg
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e5fb71064c4a75d61a89a161ff0149c496e5e6f470619d96a3bf092254d2746

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

x-front-cache-server
cache1
cf-bgj
imgq:85,h2pri
etag
"57e51456-28423"
age
2849
cf-cache-status
HIT
x-passed
cache1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FZ1tdjYgRKHr8TMqgekBctkpbRFAeSyZfJTLalOh5GWutXYiimpoiz5UZipfnyNxO%2FRpxYJ6smW9Kxe%2FOzDh%2BLZdf%2BcGxRV13nxGGV9EvazY%2B%2FqbW6J8dEOLNKkmwJ7ZWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
309851973
cf-polished
qual=85, origFmt=jpeg, origSize=164899
x-cache
MISS from cache1
alt-svc
h3=":443"; ma=86400
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
image/webp
content-disposition
inline; filename="bg1.webp"
vary
Accept
last-modified
Fri, 23 Sep 2016 11:39:02 GMT
x-client-ip
35.191.14.52
priority
u=3,i
x-served-by
labor3
server-timing
cfL4;desc="?proto=QUIC&rtt=16935&min_rtt=14711&rtt_var=837&sent=134&recv=67&lost=1&retrans=0&sent_bytes=136644&recv_bytes=9518&delivery_rate=1256296&cwnd=54000&unsent_bytes=0&cid=aff113662ecffc29&ts=727&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control
public, max-age=14400
x-real-ip
31.204.150.147
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish, 1.1 google
cf-ray
8ecbc4c87c3a96ec-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
84180
x-cf-connecting-ip
31.204.150.147
server
cloudflare
Montserrat-ExtraLight.otf
static.blogg.se/themes/sweet-vanilla/fonts/
49 KB
34 KB
Font
General
Full URL
https://static.blogg.se/themes/sweet-vanilla/fonts/Montserrat-ExtraLight.otf
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
559e9680afb2d507778c245eacbcb7cad8b282b7ce0f8f06721cf8a63af5b205

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://turnmonthgangdef.blo.gg
Referer
https://turnmonthgangdef.blo.gg/

Response headers

x-front-cache-server
cache3
content-encoding
gzip
cf-cache-status
MISS
etag
W/"57e5141e-c538"
x-passed
cache3
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mtM%2Fby0QCFxWFuoKbHnyRqybNfTB%2Fsoup%2BceiYUondMsQPHPb%2BFJWL1wFgvTmvjl56Y%2B%2Bz3KRqjJnEKLDMZK19wFDSjlG%2B0FIv%2B9l%2BuIA1vY2ozUeLZR%2FLET9jlZ7Cv69w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
1230961587 1230917212
alt-svc
h3=":443"; ma=86400
x-cache
HIT from cache3
server-timing
cfL4;desc="?proto=QUIC&rtt=18555&min_rtt=15176&rtt_var=5910&sent=10&recv=9&lost=0&retrans=0&sent_bytes=2259&recv_bytes=4526&delivery_rate=38348&cwnd=12000&unsent_bytes=0&cid=f5fdfd8531dfcdd8&ts=59&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
application/x-font-opentype
last-modified
Fri, 23 Sep 2016 11:38:06 GMT
vary
Accept-Encoding
x-client-ip
35.191.14.50
x-served-by
labor1
priority
u=0,i=?0
x-real-ip
31.204.150.147
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish, 1.1 google
cf-ray
8ecbc4c8af5cd5a3-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
33523
x-cf-connecting-ip
194.47.217.109
server
cloudflare
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/
63 KB
64 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: static.blogg.se
URL: https://static.blogg.se/themes/sweet-vanilla/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://turnmonthgangdef.blo.gg
Referer
https://static.blogg.se/

Response headers

cdn-status
200
cf-cache-status
HIT
etag
"4b5a84aaf1c9485e060c503a0ff8cadb"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
font/woff2
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat
11/11/2024 14:09:43
cdn-cache
HIT
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
d6b8dc343e94a4bdc3772cd5cebaa26a
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.06
cf-ray
8ecbc4c8abd766bb-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
64464
cdn-edgestorageid
852
server
cloudflare
cdn-requestcountrycode
US
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://turnmonthgangdef.blo.gg
Referer
https://fonts.googleapis.com/

Response headers

age
78124
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 03 Dec 2025 14:41:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 14:41:33 GMT
last-modified
Wed, 06 Nov 2024 17:30:37 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
37828
x-xss-protection
0
server
sffe
logo-small.png
static.blogg.se/themes/sweet-vanilla/assets/img/
1 KB
2 KB
Image
General
Full URL
https://static.blogg.se/themes/sweet-vanilla/assets/img/logo-small.png
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2e67c153a046b0a2a7aec4e91258317153494d0669566d09cc3768723c2f539

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

x-front-cache-server
cache1
cf-bgj
imgq:85,h2pri
etag
"57e5141e-5d6"
age
1396
cf-cache-status
HIT
x-passed
cache1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ko54DYB8c7zpQZdxwOmzlRatliXg5xRLTFs8Kflb1c9MqjqwqRj0i4ix7%2B9Dop1J0fz24LfiNvDTgxivNGwR8bbWgX40WN8lQiE8o4xvNqYC2Q5aPYZsHm%2FtWhpgermcww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
307194754
cf-polished
origFmt=png, origSize=1494
x-cache
MISS from cache1
alt-svc
h3=":443"; ma=86400
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
image/webp
content-disposition
inline; filename="logo-small.webp"
vary
Accept
last-modified
Fri, 23 Sep 2016 11:38:06 GMT
x-client-ip
35.191.25.138
priority
u=3,i
x-served-by
labor1
server-timing
cfL4;desc="?proto=QUIC&rtt=16935&min_rtt=14711&rtt_var=837&sent=179&recv=67&lost=1&retrans=0&sent_bytes=190644&recv_bytes=9518&delivery_rate=1256296&cwnd=54000&unsent_bytes=0&cid=aff113662ecffc29&ts=741&x=1", cfExtPri, cfHdrFlush;dur=5
cache-control
public, max-age=14400
x-real-ip
248.236.36.44
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish, 1.1 google
cf-ray
8ecbc4c87c4b96ec-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
1264
x-cf-connecting-ip
248.236.36.44
server
cloudflare
default_avatar.png
publishme.se/static/img/
Redirect Chain
  • https://turnmonthgangdef.blo.gg/profile.jpg
  • https://cdn2.cdnme.se/cdn/6-2/4918604/profile.jpg
  • https://publishme.se/static/img/default_avatar.png
184 B
184 B
Image
General
Full URL
https://publishme.se/static/img/default_avatar.png
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/
Protocol
H2
Server
2606:4700:20::681a:5ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95fd93151c6d11425c4f0bde946f59870bc13f1c5587c132cc8ddbfda97cd02c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w7NHnZRVOF6cjG9cuhPZUh3Ir5G6iL%2Bmiw1%2Fz8nExb3%2Fo1a%2FX0OKQqtRH5llyZWCe7YxDlrqMyaqdt1a58s4U06YoOaSUKXQ9Q3xDzvTSj8KG0H%2FEA1%2FRnCx2kq4JEXKpCmcthzQjhXpCA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ecbc4ca9efab746-AMS
server-timing
cfL4;desc="?proto=TCP&rtt=16090&min_rtt=14799&rtt_var=4417&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3988&recv_bytes=2269&delivery_rate=261035&cwnd=252&unsent_bytes=0&cid=36784da358bac1ea&ts=37&x=0"
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://publishme.se/static/img/default_avatar.png
cf-cache-status
BYPASS
x-https-by
cache1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1fJYxxCp5z7Ry8Vks1zsiHr3vYlhhTDuIrOl2u8b%2F%2BgUFYTKTkao%2BhI2W2e7KwUCEaeBISC4fY9h1qGBFk8jar79TzWF7VguydTxYvN%2FPEGqJMdo4fBkotCh31OhjRtk"}],"group":"cf-nel","max_age":604800}
cf-ray
8ecbc4c95a42b91a-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20220&min_rtt=17187&rtt_var=8698&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4038&recv_bytes=4449&delivery_rate=685&cwnd=12000&unsent_bytes=0&cid=e9deafa98844e02a&ts=156&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
adsm.macro.841e04b3-8417-407f-bc19-65f9be2759ea.js
macro.adnami.io/macro/spec/
16 KB
4 KB
Script
General
Full URL
https://macro.adnami.io/macro/spec/adsm.macro.841e04b3-8417-407f-bc19-65f9be2759ea.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRFC9HS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a190 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
9e91b8d1c29290d2d75e4c7f59de2d36da934c480770c24da6560560ffc776e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

content-md5
6k10zli+7t72dwjVM58DxQ==
cache-control
max-age=6127
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DABB71CA1762DC
content-encoding
gzip
x-ms-request-id
2d25a22f-801e-00a5-79b8-405b3c000000
access-control-allow-origin
*
content-length
4155
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
application/javascript
last-modified
Mon, 31 Oct 2022 18:57:42 GMT
vary
Accept-Encoding
x-ms-blob-type
BlockBlob
strossle-widget-sdk.js
assets.strossle.com/strossle-widget-sdk/1/
52 KB
14 KB
Script
General
Full URL
https://assets.strossle.com/strossle-widget-sdk/1/strossle-widget-sdk.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRFC9HS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d600:19:1c05:a1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e0ebaf8961b53231380502930d6564c243452a2763691bd66167a1c9d62062eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

vary
Accept-Encoding
cache-control
max-age=1800
content-encoding
gzip
x-amz-version-id
4pBwDwp_1BjlRG4vTMQfC4L6.iZ6Psqb
etag
W/"c9bbca5f6ae3644a74b995f44d934e14"
age
1283
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
z4B8zFGrdyG6Ne2Fb68QGeIsOgtEyutem0oZN0sb3BmGofH2h5wbOw==
date
Wed, 04 Dec 2024 12:02:15 GMT
content-type
application/javascript
last-modified
Tue, 17 Sep 2024 11:55:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
default.jpg
tile.loc.gov/image-services/iiif/service:ndnp:dlc:batch_dlc_juneberry_ver01:data:sn83030313:00271743609:1867120101:0664/full/pct:12.5/0/
291 KB
292 KB
Image
General
Full URL
https://tile.loc.gov/image-services/iiif/service:ndnp:dlc:batch_dlc_juneberry_ver01:data:sn83030313:00271743609:1867120101:0664/full/pct:12.5/0/default.jpg
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4052 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd3278ede14d358fb4e478adbf7c458d1f1b0fb7052682703855f22b592ed2da
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https://loc.gov/ https://*.loc.gov/ 'unsafe-inline' 'self'; frame-ancestors https://loc.gov/ https://*.loc.gov/; upgrade-insecure-requests;
Strict-Transport-Security max-age=3600; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

x-storage
static
x-nearside-cache
MISS
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Thu, 04 Dec 2025 12:23:37 GMT
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
image/jpeg
content-disposition
inline; filename=iiif-service_ndnp_dlc_batch_dlc_juneberry_ver01_data_sn83030313_00271743609_1867120101_0664-full-pct_12.5-0-default.jpg
vary
Accept-Encoding
last-modified
Wed, 04 Dec 2024 12:23:37 GMT
strict-transport-security
max-age=3600; preload
content-security-policy
block-all-mixed-content; default-src https://loc.gov/ https://*.loc.gov/ 'unsafe-inline' 'self'; frame-ancestors https://loc.gov/ https://*.loc.gov/; upgrade-insecure-requests;
cache-control
no-transform, max-age=31536000
x-grace
none
referrer-policy
no-referrer-when-downgrade
cf-ray
8ecbc4c8dca565fd-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
297855
server
cloudflare
x-nearside-cache-hits
0
likes.js
turnmonthgangdef.blo.gg/static/widgets/
12 KB
4 KB
Script
General
Full URL
https://turnmonthgangdef.blo.gg/static/widgets/likes.js
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0d885285d04230143c93c5c4fed7d0ea898cae29677ec3796ef0686f21a1479

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

x-front-cache-server
cache3
content-encoding
gzip
cf-cache-status
MISS
etag
W/"flask-1694162010.0-12202-2946243238"
x-https-by
cache3
x-module
pubmongo@labor2
x-passed
cache3
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kee%2BJelfWUaBHSRR0IaiZ6DdLE4tMYZOA9QUn7p4ln7Wt7sYYLOeYA9M8i07ZHE7aw5TZdMCRNeH54MyQu7QXZ6tgG2bSCOEJzvyfMt90TMQPGaFx60drX%2FkResKyoy4rAfUNaJNaDHivA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 11 Dec 2024 12:23:37 GMT
x-varnish
1230961586
alt-svc
h3=":443"; ma=86400
x-cache
MISS from cache3
server-timing
cfL4;desc="?proto=QUIC&rtt=16837&min_rtt=14520&rtt_var=2566&sent=28&recv=22&lost=2&retrans=3&sent_bytes=19406&recv_bytes=6219&delivery_rate=4426&cwnd=8400&unsent_bytes=0&cid=3f46b6eab313fb7e&ts=1547&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
application/javascript
vary
Accept-Encoding
x-served-by
labor2
last-modified
Wed, 04 Dec 2024 12:23:37 GMT
x-client-ip
127.0.0.1
priority
u=3,i=?0
cache-control
public, max-age=604800
x-real-ip
31.204.150.147
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish
cf-ray
8ecbc4c87aa35c45-AMS
accept-ranges
bytes
content-length
3272
x-cf-connecting-ip
31.204.150.147
server
cloudflare
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

content-encoding
gzip
age
2398
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 13:43:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 11:43:39 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
logger.js
newstats.blogg.se/
1 KB
1 KB
Script
General
Full URL
https://newstats.blogg.se/logger.js?6020201bddf2b320ba134bfc
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.153.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.153.110.34.bc.googleusercontent.com
Software
nginx/1.8.0 /
Resource Hash
e5d922ae0a1623e596607a703309d98004b8ce83762a30b6c79a97c09504ab2b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

x-session-id
69dwrQjwQKKbSgfO6cQcsw
x-served-by
foxglove2
x-request-id
Z1BJyZoIuAArKZZa
content-encoding
gzip
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 12:23:37 GMT
x-fox-hash
dyKcam4QxD0lF4BZOsRoBVc-WX7O5d3EVKkFFoD3oDc
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx/1.8.0
access-control-allow-headers
None
Montserrat-Light.otf
static.blogg.se/themes/sweet-vanilla/fonts/
50 KB
34 KB
Font
General
Full URL
https://static.blogg.se/themes/sweet-vanilla/fonts/Montserrat-Light.otf
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83b0e99087810c74eef12a76e819274671fa626ac1de4653e49f98e04c25ac82

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://turnmonthgangdef.blo.gg
Referer
https://turnmonthgangdef.blo.gg/

Response headers

x-front-cache-server
cache3
content-encoding
gzip
cf-cache-status
MISS
etag
W/"57e5141e-c8b0"
x-passed
cache3
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YOqlJc2Mdm3iStc2EkLzQRgB5wej5gpKqBZlwWsqzpSuGqIgUqC1opmSIwFPXFXv8ejBOu%2Fu4IpFitHtie3shp9%2B%2BSKI%2BU0NBD59xgwxkH%2B9PXFbCvKg3er1%2BAL50WJCrg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
1230961588 1230944127
alt-svc
h3=":443"; ma=86400
x-cache
HIT from cache3
server-timing
cfL4;desc="?proto=QUIC&rtt=18555&min_rtt=15176&rtt_var=5910&sent=20&recv=9&lost=0&retrans=0&sent_bytes=14231&recv_bytes=4526&delivery_rate=38348&cwnd=12000&unsent_bytes=0&cid=f5fdfd8531dfcdd8&ts=70&x=1", cfExtPri, cfHdrFlush;dur=7
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
application/x-font-opentype
last-modified
Fri, 23 Sep 2016 11:38:06 GMT
vary
Accept-Encoding
x-client-ip
35.191.32.49
x-served-by
labor2
priority
u=0,i=?0
x-real-ip
31.204.150.147
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish, 1.1 google
cf-ray
8ecbc4c8af59d5a3-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
34400
x-cf-connecting-ip
20.163.64.196
server
cloudflare
pbjs
lwadm.com/lw/
90 KB
33 KB
Script
General
Full URL
https://lwadm.com/lw/pbjs?pid=e8ba0dbd-b980-4fba-bbd4-bfe7856a2639
Requested by
Host: statics.lifeofsvea.se
URL: https://statics.lifeofsvea.se/production/losjs/blogg.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.84.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-84-214.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
795f1627bddcfc998a51b34160a5a5e3b220a929fd1df47ea249a56d2b0c2c10

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

cache-control
private,no-cache
content-encoding
gzip
etag
"|2|B989A528555175F5A7BF6203C1E7A672"
access-control-allow-credentials
true
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
application/javascript
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412030101/
64 KB
23 KB
Other
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412030101/gpt
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e33cff2da607ed34049c949ac59d671b34ce321369629f45ed5462131f6b0a83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
7798723742105243693
age
73348
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 16:01:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 03 Dec 2024 16:01:09 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23021
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412030101"
collector.js
newstats.blogg.se/
0
0
Preflight
General
Full URL
https://newstats.blogg.se/collector.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.153.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.153.110.34.bc.googleusercontent.com
Software
nginx/1.8.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://turnmonthgangdef.blo.gg
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-requested-with
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 04 Dec 2024 12:23:37 GMT
server
nginx/1.8.0
via
1.1 google
x-fox-hash
HzPIjypNq-M2yb4JJNMpAjEaz44gI-lNBa7dwAIPnz4
x-served-by
foxglove2
collector.js
newstats.blogg.se/
0
16 B
XHR
General
Full URL
https://newstats.blogg.se/collector.js
Requested by
Host: newstats.blogg.se
URL: https://newstats.blogg.se/logger.js?6020201bddf2b320ba134bfc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.153.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.153.110.34.bc.googleusercontent.com
Software
nginx/1.8.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://turnmonthgangdef.blo.gg/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/json

Response headers

via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
text/html; charset=utf-8
x-served-by
foxglove2
server
nginx/1.8.0
x-fox-hash
iBnKNmd5zaZc9J_9KG-i-kAhg7pvdkcRm464M96yufw
access-control-allow-headers
None
collect
www.google-analytics.com/j/
15 B
440 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1885617175&t=pageview&_s=1&dl=https%3A%2F%2Fturnmonthgangdef.blo.gg%2F&ul=nl-nl&de=UTF-8&dt=turnmonthgangdef.blo.gg%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1983622774&gjid=1566496949&cid=1372570826.1733315017&tid=UA-116481816-1&_gid=939087820.1733315017&_r=1&_slc=1&z=777508135
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
87c742a4352b88bd2ad5f20b377dc9fe2d2ba2e54ee5bc79d4a1b72ed39615d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://turnmonthgangdef.blo.gg/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 12:23:37 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://turnmonthgangdef.blo.gg
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
collect
www.google-analytics.com/j/
3 B
73 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1885617175&t=pageview&_s=1&dl=https%3A%2F%2Fturnmonthgangdef.blo.gg%2F&ul=nl-nl&de=UTF-8&dt=turnmonthgangdef.blo.gg%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1307149307&gjid=1098075767&cid=1372570826.1733315017&tid=UA-2043206-12&_gid=939087820.1733315017&_r=1&_slc=1&cd1=6020201bddf2b320ba134bfc&z=913316617
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://turnmonthgangdef.blo.gg/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 12:23:37 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://turnmonthgangdef.blo.gg
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
likewidget.css
turnmonthgangdef.blo.gg/static/widgets/
7 KB
2 KB
Stylesheet
General
Full URL
https://turnmonthgangdef.blo.gg/static/widgets/likewidget.css
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/static/widgets/likes.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1178694303f7fbd1b73062bc59bddd5ce18db35bac75c67c128518412eb94e32

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

x-front-cache-server
cache1
content-encoding
gzip
cf-cache-status
MISS
etag
W/"flask-1694162010.0-6938-1495407907"
x-https-by
cache1
x-module
pubmongo@labor2
x-passed
cache1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DWorUxywRa484lsatY0bm3OwuOuPzydjDatvgZxyRoeF%2BKRuJwUKeUvCjqI9pf0Vgsj6d%2FVYW29c%2F%2FL0fBsoFWAsyQtpW4i7xYo7RF9xK1lee3LFXsQSKeEsO45sNswEbVHfwQ7RGSvDvw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 11 Dec 2024 12:23:37 GMT
x-varnish
310225160
alt-svc
h3=":443"; ma=86400
x-cache
MISS from cache1
server-timing
cfL4;desc="?proto=QUIC&rtt=26670&min_rtt=14520&rtt_var=14690&sent=40&recv=29&lost=6&retrans=7&sent_bytes=29371&recv_bytes=7046&delivery_rate=74617&cwnd=5880&unsent_bytes=0&cid=3f46b6eab313fb7e&ts=1653&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
x-served-by
labor2
last-modified
Wed, 04 Dec 2024 12:23:37 GMT
x-client-ip
127.0.0.1
priority
u=0,i=?0
cache-control
public, max-age=604800
x-real-ip
31.204.150.147
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish
cf-ray
8ecbc4c93b4d5c45-AMS
accept-ranges
bytes
content-length
1335
x-cf-connecting-ip
31.204.150.147
server
cloudflare
js
www.googletagmanager.com/gtag/
281 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XLBWNZ3X10&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ba8b6d93bf49bf513afa0a42d1d8df2aa310f157b9156c04ae1716f245990d59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 04 Dec 2024 12:23:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100580
x-xss-protection
0
server
Google Tag Manager
v
target.digitalaudience.io/bakery/pix/
0
160 B
Script
General
Full URL
https://target.digitalaudience.io/bakery/pix/v?cid=70329200&itid=100
Requested by
Host: lwadm.com
URL: https://lwadm.com/lw/pbjs?pid=e8ba0dbd-b980-4fba-bbd4-bfe7856a2639
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.94.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-94-209.eu-central-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
*
content-length
0
date
Wed, 04 Dec 2024 12:23:37 GMT
x-xss-protection
1
content-type
application/javascript
server
Kestrel
prebid.js
content.lwadm.com/prebid/8.15.0/3c078d23-9dd4-4144-9f4c-205c9ae11a0c/
434 KB
140 KB
Script
General
Full URL
https://content.lwadm.com/prebid/8.15.0/3c078d23-9dd4-4144-9f4c-205c9ae11a0c/prebid.js
Requested by
Host: lwadm.com
URL: https://lwadm.com/lw/pbjs?pid=e8ba0dbd-b980-4fba-bbd4-bfe7856a2639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c000:1b:7f5c:2c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7360484f8b3e63ae72b032c4f764ef6158ba30792fe5128628225523f9a03237

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

access-control-expose-headers
Access-Control-Allow-Origin
content-encoding
gzip
x-amz-version-id
L1y8KEHsfFXwyVMod1ndRpSFqSlSViuC
etag
W/"4c90a61dbe7e078272aa06d8c88c24c4"
age
57015
access-control-allow-methods
GET, HEAD
expires
0
x-cache
Hit from cloudfront
x-amz-cf-id
ciBDi6Pyi9IF8cMtWcUWF5qcj_q1g7l7HynrtdZTXNdV0cS5Cn6Y0Q==
date
Tue, 03 Dec 2024 20:33:23 GMT
content-type
application/x-javascript
vary
accept-encoding
last-modified
Mon, 14 Oct 2024 11:22:28 GMT
cache-control
public, max-age=604800, immutable
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://target.digitalaudience.io/bakery/input/d?pubid=dap_210326&cart=2&c=1
  • https://ads.creative-serving.com/cm?redir=https%3a%2f%2ftarget.digitalaudience.io%2fbakery%2fsync%3fcode%3d140%26pub%3ddap_210326%26daid%3db9019993847044a68315ac1dbf01beb2%26syncid%3d%24%7bUUID%7d%...
  • https://ads.creative-serving.com/ul_cb/cm?redir=https%3a%2f%2ftarget.digitalaudience.io%2fbakery%2fsync%3fcode%3d140%26pub%3ddap_210326%26daid%3db9019993847044a68315ac1dbf01beb2%26syncid%3d%24%7bUU...
  • https://target.digitalaudience.io/bakery/sync?code=140&pub=dap_210326&daid=b9019993847044a68315ac1dbf01beb2&syncid=a79ee230-953e-4bda-93da-5835cf15f60a&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=9no7utq&ttd_tpi=1&gdpr=&gdpr_consent=
70 B
149 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=9no7utq&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

content-length
70
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
image/gif
server
Kestrel

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=9no7utq&ttd_tpi=1&gdpr=&gdpr_consent=
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
*
content-length
0
date
Wed, 04 Dec 2024 12:23:37 GMT
x-xss-protection
1
content-type
text/plain; charset=utf-8
server
Kestrel
pbjs
lwadm.com/
5 KB
2 KB
Fetch
General
Full URL
https://lwadm.com/pbjs?71420121
Requested by
Host: lwadm.com
URL: https://lwadm.com/lw/pbjs?pid=e8ba0dbd-b980-4fba-bbd4-bfe7856a2639
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.84.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-84-214.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e6ddc0c70cbdf9ac03e4aa8fe3eca68263387b5e3ea5ef36c40f1f5bc69e4114

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://turnmonthgangdef.blo.gg/

Response headers

cache-control
no-cache,no-store,max-age=0,must-revalidate,private
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://turnmonthgangdef.blo.gg
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
adsm.macro.rmb.js
macro.adnami.io/macro/gen/
72 KB
20 KB
Script
General
Full URL
https://macro.adnami.io/macro/gen/adsm.macro.rmb.js
Requested by
Host: macro.adnami.io
URL: https://macro.adnami.io/macro/spec/adsm.macro.841e04b3-8417-407f-bc19-65f9be2759ea.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a190 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
6cd4e713f504cfe8e9515ed47880f2c14b9fd00649c4b1703221ebeb7200f005

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

content-md5
RLnACp7GBoZRdwRhFvdHlA==
cache-control
max-age=2033
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DD138C94DEBF47
x-ms-lease-status
unlocked
x-ms-request-id
e9e49a89-201e-0046-5a75-45beb3000000
access-control-allow-origin
*
content-length
20633
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Dec 2024 11:21:07 GMT
x-ms-blob-type
BlockBlob
cmp2.js
cmp.inmobi.com/tcfv2/53/
167 KB
47 KB
Script
General
Full URL
https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=blogg.se
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6nBT95t9H0vM1/blogg.se/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:1a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7a0c447b915ba02cdfa198f1fee92f0a4a784dc895b61be659a9386c6ed3112

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
W/"db6c513b7a9d1bf38b36047c185655a2"
age
103358
access-control-allow-methods
GET
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-meta-qc-ineu
True
x-cache
Hit from cloudfront
x-amz-cf-id
w5woeQZrA5g8di7SqQMVSghmun_txY1YUn2U33w1ljNZWVrDO3p6-Q==
date
Tue, 03 Dec 2024 07:41:04 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 03 Jun 2024 09:45:41 GMT
cache-control
max-age=172800
via
1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
geoip
cmp.inmobi.com/
50 B
332 B
XHR
General
Full URL
https://cmp.inmobi.com/geoip
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=blogg.se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:1a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
41e2f985d191b75b09fba2322cd9b6fd126d1e72664bd8aa2d30d8c04c846534

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://turnmonthgangdef.blo.gg/

Response headers

access-control-expose-headers
*
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
FunctionGeneratedResponse from cloudfront
content-length
50
x-amz-cf-id
1oPaUcybNRno6sIrM2wyDpzst6cvi8TtcNztS0_OlAcdEIabL3mcTA==
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P3
server
CloudFront
cmp-list.json
cmp.inmobi.com/GVL-v2/
20 KB
4 KB
XHR
General
Full URL
https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=blogg.se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:1a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a0227c2693ce79652227e3166ff014f64bded690c258d227756b35fcecfe0c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://turnmonthgangdef.blo.gg/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"aac57402ad990d22827415a83c28457a"
age
33774
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
pQGqYPrfskG95GNjwYOvWH2lH24bfjGiVXcNEDek4ec26Lyf9gCzfQ==
date
Wed, 04 Dec 2024 03:00:44 GMT
content-type
application/json
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Wed, 04 Dec 2024 03:00:42 GMT
cache-control
max-age=172800
access-control-allow-credentials
true
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
cmp2ui-sv.js
cmp.inmobi.com/tcfv2/53/
316 KB
80 KB
Script
General
Full URL
https://cmp.inmobi.com/tcfv2/53/cmp2ui-sv.js
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=blogg.se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:1a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4277e4fe8e0011cc54affd4706df36437c01dbed9470853595d2ec140fce82de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

access-control-max-age
86400
content-encoding
gzip
etag
W/"68f9aea86419eda906ca6955267f369a"
age
103357
access-control-allow-methods
GET
x-amz-storage-class
INTELLIGENT_TIERING
x-cache
Hit from cloudfront
x-amz-cf-id
p-d13jvGrpWKrkADREcVQnruFGlMaT1tfdRJCmRxxgJw8n6_oovv1g==
date
Tue, 03 Dec 2024 07:41:04 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 03 Jun 2024 09:45:47 GMT
cache-control
max-age=172800
cross-origin-resource-policy
cross-origin
via
1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
vendor-list-trimmed-v1.json
cmp.inmobi.com/GVL-v2/
360 KB
43 KB
XHR
General
Full URL
https://cmp.inmobi.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=blogg.se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:1a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b4ccfefd002e8a40c5098e4f0d4327d5d55f7d8b6eb80cb52a5bbd190e772f33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"e2bcee663677e0a88f6ed90c9cd0c496"
age
44653
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
Brw-omycRR_GIpnizlCZcsLh-nOsswrkxazMh5kDTgf4n7TxDvnaZg==
date
Tue, 03 Dec 2024 23:59:25 GMT
content-type
application/json
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Thu, 28 Nov 2024 23:59:17 GMT
cache-control
max-age=86400
access-control-allow-credentials
true
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
google-atp-list.json
cmp.inmobi.com/tcfv2/
140 KB
33 KB
XHR
General
Full URL
https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=blogg.se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:1a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02783f81e6d5497e7efba350ba2a0cf3ab683ee711e2c6f6dc636b9ef6c32427

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://turnmonthgangdef.blo.gg/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"45f51a68f17a056971afffb18ca38d60"
age
33792
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
gz2Hc2so-UNkJLoEYRrt1EJqdQ4UdCwEUHfuDHchrwC_PPhcoYNZ_w==
date
Wed, 04 Dec 2024 03:00:26 GMT
content-type
application/json
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Wed, 04 Dec 2024 03:00:25 GMT
cache-control
max-age=172800
access-control-allow-credentials
true
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
purposes-sv.json
cmp.inmobi.com/GVL-v2/
31 KB
5 KB
XHR
General
Full URL
https://cmp.inmobi.com/GVL-v2/purposes-sv.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=blogg.se
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:1a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
771dcdaaea277c12dc21a0a4efd0c9f7b434fb0b653a9ddbbaade6a017ce51f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"9a6242e61001a90f54502154637fb009"
age
44618
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
pnp7s_8vOuX3mxt316y1pkcHVEHqKyXcQNVh6rs8rgg2zYvvQokG7A==
date
Wed, 04 Dec 2024 00:03:32 GMT
content-type
application/json
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Thu, 28 Nov 2024 23:59:20 GMT
cache-control
max-age=86400
access-control-allow-credentials
true
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
/
api.cmp.inmobi.com/
2 B
101 B
XHR
General
Full URL
https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%226nBT95t9H0vM1%22%2C%22domain%22%3A%22turnmonthgangdef.blo.gg%22%2C%22publisher%22%3A%22Blogg.se%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.53%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22FAZ2QG1IcavBw7acnC1rqA%22%2C%22tagVersion%22%3A%22V2%22%2C%22gvlVersion%22%3A2%2C%22clientTimestamp%22%3A1733315017499%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-f3eevqrotgzfj57umasu%22%7D
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-sv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.248.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-248-185.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://turnmonthgangdef.blo.gg/

Response headers

access-control-allow-origin
*
content-length
2
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
text/plain; charset=utf-8
geoip
cmp.inmobi.com/
50 B
333 B
XHR
General
Full URL
https://cmp.inmobi.com/geoip
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-sv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:1a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
41e2f985d191b75b09fba2322cd9b6fd126d1e72664bd8aa2d30d8c04c846534

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://turnmonthgangdef.blo.gg/

Response headers

access-control-expose-headers
*
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
FunctionGeneratedResponse from cloudfront
content-length
50
x-amz-cf-id
vrRrpYXUxOsuoSmJyWrJPd_UOsjhq1HaYjojzf6UED-fHiIJdeARyQ==
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P3
server
CloudFront
1638281276
turnmonthgangdef.blo.gg/_mobile/likes/2021/11/
58 B
1012 B
XHR
General
Full URL
https://turnmonthgangdef.blo.gg/_mobile/likes/2021/11/1638281276
Requested by
Host: turnmonthgangdef.blo.gg
URL: https://turnmonthgangdef.blo.gg/static/widgets/likes.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf3756a2a79feb87b9e7942a9f267e1caa2422e7e15182659a0549bbf5fd4e40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

x-front-cache-server
cache3
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"702f225d5e69941cbfe1faf3eca65f53"
age
0
x-https-by
cache3
x-module
pubmongo@labor3
x-passed
cache3
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NbX96atCdWAIf26m%2BOzvHNbmW9nNFrvKyanShxd4DDvjOJFEzWBIlIu7EB1N2CF3DA3SI5tv68x0zTmpkjHukfPF7WkV8%2BNvNsHbVhrsOf1PTeb6EADjrQ3Q8%2B7VtwXFX7Wp8Sy5uIeviQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 04 Dec 2024 12:28:37 GMT
x-varnish
1230961679
alt-svc
h3=":443"; ma=86400
x-cache
MISS from cache3
server-timing
cfL4;desc="?proto=QUIC&rtt=25437&min_rtt=14520&rtt_var=13484&sent=44&recv=32&lost=6&retrans=7&sent_bytes=31756&recv_bytes=8218&delivery_rate=27303&cwnd=5880&unsent_bytes=0&cid=3f46b6eab313fb7e&ts=2353&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
application/json
vary
Accept-Encoding
x-served-by
labor3
last-modified
Wed, 04 Dec 2024 12:23:37 GMT
x-client-ip
127.0.0.1
x-blog-id
6020201bddf2b320ba134bfc
priority
u=1,i
x-real-ip
31.204.150.147
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish
cf-ray
8ecbc4cd8f495c45-AMS
accept-ranges
bytes
content-length
69
x-cf-connecting-ip
31.204.150.147
server
cloudflare
favicon.ico
turnmonthgangdef.blo.gg/static/
Redirect Chain
  • https://turnmonthgangdef.blo.gg/favicon.ico
  • https://turnmonthgangdef.blo.gg/static/favicon.ico
622 B
1 KB
Other
General
Full URL
https://turnmonthgangdef.blo.gg/static/favicon.ico
Protocol
H3
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c8d03dba97a19a4dd0bf455000da022f5d73b798ef6b6c869deb706ec45905c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

x-front-cache-server
cache3
content-encoding
zstd
cf-cache-status
MISS
etag
W/"flask-1694162032.0-622-763631788"
x-https-by
cache3
x-module
pubmongo@labor3
x-passed
cache3
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6xFWRvi709WXdJ3iSnNE9BL8BHx7TLNZE638NHKriNaOozzijthJiqZ2ZBobRbaIOVC%2Fa2d33g5FEIHGsFpZ00dWp3lcnt7ugJqqaNb8LeuSqn01rELLQIt30QiEcUnvJuiyKWZsuJvUEg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 11 Dec 2024 12:23:37 GMT
x-varnish
1230961693
alt-svc
h3=":443"; ma=86400
x-cache
MISS from cache3
server-timing
cfL4;desc="?proto=QUIC&rtt=27055&min_rtt=14520&rtt_var=13350&sent=48&recv=35&lost=6&retrans=7&sent_bytes=34023&recv_bytes=8897&delivery_rate=23257&cwnd=5880&unsent_bytes=0&cid=3f46b6eab313fb7e&ts=2455&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 12:23:38 GMT
content-type
image/vnd.microsoft.icon
last-modified
Wed, 04 Dec 2024 12:23:37 GMT
x-served-by
labor3
x-client-ip
127.0.0.1
priority
u=1,i
vary
Accept-Encoding
cache-control
public, max-age=604800
x-real-ip
31.204.150.147
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish
cf-ray
8ecbc4ce28295c45-AMS
x-cf-connecting-ip
31.204.150.147
server
cloudflare

Redirect headers

x-front-cache-server
cache1
cf-cache-status
BYPASS
x-https-by
cache1
x-module
pubmongo@labor3
x-passed
cache1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=31HYXFcLXb233ouTTPB5qW%2BzMtRDGpC3t2xdZFuYiU1TzWJrzhX9WuJM2zifX%2FJukQzLoksixmdFht44J9%2FaLbbBTrRHowmGpGZFqDonXR9To82T9piAVg2owoehb9vDmkryS4Sqt%2Bs6xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
310225238
alt-svc
h3=":443"; ma=86400
x-cache
MISS from cache1
server-timing
cfL4;desc="?proto=QUIC&rtt=25437&min_rtt=14520&rtt_var=13484&sent=45&recv=32&lost=6&retrans=7&sent_bytes=32791&recv_bytes=8218&delivery_rate=27303&cwnd=5880&unsent_bytes=0&cid=3f46b6eab313fb7e&ts=2376&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 12:23:37 GMT
content-type
text/html; charset=utf-8
last-modified
Wed, 04 Dec 2024 12:23:37 GMT
x-served-by
labor3
x-client-ip
127.0.0.1
priority
u=1,i
x-blog-id
6020201bddf2b320ba134bfc
vary
Accept-Encoding
x-real-ip
31.204.150.147
location
https://turnmonthgangdef.blo.gg/static/favicon.ico
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 varnish
cf-ray
8ecbc4cd9f4f5c45-AMS
x-cf-connecting-ip
31.204.150.147
server
cloudflare
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JVWJCF404S&gtm=45je4bk0v9104663663za200zb813462672&_p=1733315016433&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&cid=1372570826.1733315017&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1733315016&sct=1&seg=0&dl=https%3A%2F%2Fturnmonthgangdef.blo.gg%2F&dt=turnmonthgangdef.blo.gg%20-&en=scroll&epn.percent_scrolled=90&_et=6&tfd=6373
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JVWJCF404S&l=dataLayer&cx=c&gtm=45He4bk0v813462672za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://turnmonthgangdef.blo.gg/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://turnmonthgangdef.blo.gg
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 12:23:41 GMT
content-type
text/plain
server
Golfe2

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 number| _borkaTimerStart object| googletag object| lwhb object| borka object| losjs object| regeneratorRuntime number| _losjsTimerStart string| $ function| jQuery object| dataLayer object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager object| google_reactive_ads_global_state function| onYouTubeIframeAPIReady object| gaGlobal function| initJQuery number| loadThreshold function| loadMoreContent function| moreEntries function| moreArchiveEntries function| moreCategoryEntries function| moreComments function| loadMoreComments function| contentLoader function| _doCheckLoadMore function| _doCheckOnResize function| bindContentLoader function| bindClickLoader function| bindCommentLoader function| showPic string| d string| domain function| setCookie function| getCookie function| deleteCookie function| populateFormValues function| unPopulateFormValues function| doSubmit function| doCheck function| doChange function| waitForJquery function| _classCallCheck function| _createClass object| Foundation function| __tcfapi function| __uspapi string| _ function| strossle string| bloggId string| host object| split string| GoogleAnalyticsObject function| ga function| ajax function| serialize object| viewport_size string| orientation object| screen_size string| fg_request_id object| payload object| x object| gaplugins object| gaData object| BSELikes object| livewrapped object| pbjs boolean| lwanalytic boolean| pbjslspbjs object| adsmtag object| Strossle object| StrossleStorage object| adsm object| adnmBridgeServer function| __tcfapiui function| gtag object| pbjsChunk object| invibes string| entry string| month

12 Cookies

Domain/Path Name / Value
turnmonthgangdef.blo.gg/ Name: losjs
Value: 205d80d1-3922-450d-95c7-cd9744a63445
.blo.gg/ Name: _ga_JVWJCF404S
Value: GS1.1.1733315016.1.0.1733315016.0.0.0
.blo.gg/ Name: _ga_KGM8S3RG3V
Value: GS1.1.1733315016.1.0.1733315016.60.0.0
.blo.gg/ Name: _ga_XLBWNZ3X10
Value: GS1.1.1733315016.1.0.1733315016.60.0.0
.blo.gg/ Name: _ga
Value: GA1.2.1372570826.1733315017
.blo.gg/ Name: _gid
Value: GA1.2.939087820.1733315017
.blo.gg/ Name: _gat_global
Value: 1
.blo.gg/ Name: _gat_bloggse
Value: 1
.creative-serving.com/ Name: tuuid
Value: a79ee230-953e-4bda-93da-5835cf15f60a
.creative-serving.com/ Name: c
Value: 1733315017
.creative-serving.com/ Name: tuuid_lu
Value: 1733315017
.target.digitalaudience.io/ Name: digitalAudience
Value: H4sIAAAAAAAAA2XKMQ7CMBBE0btMvYXX3jg7vgqi8MZESg1dlLtDEFVofvPfjtG3gYZgUpLFbU5mvXrRqS86Yk0aj8gQBFotXp2qrnNRnlLwRLvtZ9WS4PWHJlKwfPYhX5b1qqyyMttP3Y83xvYLS5UAAAA%3D

1 Console Messages

Source Level URL
Text
network error URL: https://publishme.se/static/img/default_avatar.png
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.creative-serving.com
api.cmp.inmobi.com
assets.strossle.com
cdn2.cdnme.se
cmp.inmobi.com
cmp.quantcast.com
content.lwadm.com
fonts.googleapis.com
fonts.gstatic.com
lwadm.com
macro.adnami.io
match.adsrvr.org
maxcdn.bootstrapcdn.com
newstats.blogg.se
publishme.se
region1.analytics.google.com
region1.google-analytics.com
securepubads.g.doubleclick.net
static.blogg.se
statics.lifeofsvea.se
stats.g.doubleclick.net
target.digitalaudience.io
tile.loc.gov
turnmonthgangdef.blo.gg
verity.lifeofsvea.se
www.google-analytics.com
www.google.nl
www.googletagmanager.com
104.18.10.207
142.250.186.34
142.250.186.35
172.67.73.105
18.193.248.185
18.196.84.214
18.245.86.8
188.114.96.3
188.114.97.3
2001:4860:4802:34::36
216.58.206.72
2600:9000:223d:1a00:1b:cadc:ef40:93a1
2600:9000:225e:d600:19:1c05:a1c0:93a1
2600:9000:2490:c000:1b:7f5c:2c80:93a1
2606:4700:20::681a:5ba
2606:4700::6812:4052
2a00:1450:4001:80e::200a
2a00:1450:4001:810::200e
2a00:1450:4001:828::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9d
2a02:26f0:1700:6::17d5:a190
3.123.94.209
34.1.230.247
34.110.153.55
52.223.40.198
02783f81e6d5497e7efba350ba2a0cf3ab683ee711e2c6f6dc636b9ef6c32427
0499e2ed5da7c300f6e5cc6d2023808225b9e055bd9f61404a781a48ba8948ec
0a0227c2693ce79652227e3166ff014f64bded690c258d227756b35fcecfe0c7
1144c13e382a9771c351827e31e18d6e51774f334bf80bf6181199312524212a
1178694303f7fbd1b73062bc59bddd5ce18db35bac75c67c128518412eb94e32
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2014b1b3a2e0daf9ee9ff768af5d45aee567681be9782c07446acffea9054d89
2710e6a4846d6fccae52622eb0d72f8f48e46ebb3b4f267b2f6e34b03014d40c
329738d29aa827818a253e0a2fa2f2cd7401c37101b08cb621ea8c1422623da1
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3ffe2f02a450d01ae954088390a44062095d3bec52ce8d9673394c7d14fe5a67
41e2f985d191b75b09fba2322cd9b6fd126d1e72664bd8aa2d30d8c04c846534
4277e4fe8e0011cc54affd4706df36437c01dbed9470853595d2ec140fce82de
4c8d03dba97a19a4dd0bf455000da022f5d73b798ef6b6c869deb706ec45905c
52f4c132f7b41572ad7171387b79f68719a1678baa2a0c9a1c17670869c5b1df
559e9680afb2d507778c245eacbcb7cad8b282b7ce0f8f06721cf8a63af5b205
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
593cb6a99ee681518baa0300381b64e7831df168d763b0d756643372674b5cee
6cd4e713f504cfe8e9515ed47880f2c14b9fd00649c4b1703221ebeb7200f005
7360484f8b3e63ae72b032c4f764ef6158ba30792fe5128628225523f9a03237
771dcdaaea277c12dc21a0a4efd0c9f7b434fb0b653a9ddbbaade6a017ce51f9
795f1627bddcfc998a51b34160a5a5e3b220a929fd1df47ea249a56d2b0c2c10
802fe282b06c838f751a28018d9626762a8b319dd3f1acbf332d60faaefc4ab8
83b0e99087810c74eef12a76e819274671fa626ac1de4653e49f98e04c25ac82
87c742a4352b88bd2ad5f20b377dc9fe2d2ba2e54ee5bc79d4a1b72ed39615d3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e5fb71064c4a75d61a89a161ff0149c496e5e6f470619d96a3bf092254d2746
95fd93151c6d11425c4f0bde946f59870bc13f1c5587c132cc8ddbfda97cd02c
9e91b8d1c29290d2d75e4c7f59de2d36da934c480770c24da6560560ffc776e8
b0d885285d04230143c93c5c4fed7d0ea898cae29677ec3796ef0686f21a1479
b4ccfefd002e8a40c5098e4f0d4327d5d55f7d8b6eb80cb52a5bbd190e772f33
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
ba8b6d93bf49bf513afa0a42d1d8df2aa310f157b9156c04ae1716f245990d59
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c34613a81bc68044323fd6416e745ee3adc83120629abf53aa9a7307585e0b90
c68684e78a22728ce795a4ce787f3a45cd14ce112598275246f917a085642e5d
c957b5da858a6c3631e9d74d5ad1f479ce7dd32635930701decf05a9ade91ac1
cd3278ede14d358fb4e478adbf7c458d1f1b0fb7052682703855f22b592ed2da
cf3756a2a79feb87b9e7942a9f267e1caa2422e7e15182659a0549bbf5fd4e40
cf9f5b24a6d460560bbb83076db9a4458120c21892fdc3f83157b0897a05d0bf
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ebaf8961b53231380502930d6564c243452a2763691bd66167a1c9d62062eb
e2e707c54d9e6c4c1c4d72b6cb94027a2657b269f372d739df5dd9c4bbb886e8
e33cff2da607ed34049c949ac59d671b34ce321369629f45ed5462131f6b0a83
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d922ae0a1623e596607a703309d98004b8ce83762a30b6c79a97c09504ab2b
e6ddc0c70cbdf9ac03e4aa8fe3eca68263387b5e3ea5ef36c40f1f5bc69e4114
ec9d76a411cc98a810c61a254a615366e4509ccf5e3f4cecbeeaa7905b7efbdc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef25c138c9223b60ed5a068cad04ef59535694efc4b16c4869d8e5de4fca3b1c
f04df0d5c32a644f7fbdc04fed82a2057c17c9aac5f0c2d41852a8fdf92b30fc
f2e67c153a046b0a2a7aec4e91258317153494d0669566d09cc3768723c2f539
f4645bb301c2a3997fe5acf4690202cb34db568d9bd538070e8936985aad96bc
f7a0c447b915ba02cdfa198f1fee92f0a4a784dc895b61be659a9386c6ed3112
fb275fb1d85e45ab418a40afc804b7894d47b13ad2c9eb6851d596ec1f62c601
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1