| | 192.64.119.76 | 302 Found | 75 B |
URL User Request GET HTTP/1.1IP192.64.119.76:80
File typeHTML document, ASCII text Hasha5ccf167ad6e6a79bb6cc02bca770739 6e61cb26af1e00d8bc9d4bc6f1a54909fccc39dd adb7f4c48b09875881a578753a6d3df816e4cb99319d1a19d37707f3a03d5117
GET / HTTP/1.1
Host: six.pacor.today
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Tue, 07 May 2024 22:10:07 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 75
Connection: keep-alive
Location: https://ruffledplumage.com/?a=102241&c=137163&s1=026
X-Served-By: Namecheap URL Forward
Server: namecheap-nginx
|
|
| e1.o.lencr.org/ | 23.33.119.27 | | 346 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash3607504b05e9f9752af99e0b0286efe8 84333c971db83b579e0b26c7569f86705c3248f7 e2e439a10c1f494c1db6b6280ae67822077638dcd77e8ff429096f9c2febe088
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E2E439A10C1F494C1DB6B6280AE67822077638DCD77E8FF429096F9C2FEBE088"
Last-Modified: Mon, 06 May 2024 03:56:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13149
Expires: Wed, 08 May 2024 01:49:16 GMT
Date: Tue, 07 May 2024 22:10:07 GMT
Connection: keep-alive
|
|
| ruffledplumage.com/?a=102241&c=137163&s1=026 | 67.207.69.191 | 302 Found | 0 B |
URL User Request GET HTTP/1.1ruffledplumage.com/?a=102241&c=137163&s1=026 IP67.207.69.191:443 ASN#14061 DIGITALOCEAN-ASN
CertificateIssuerLet's Encrypt Subjectruffledplumage.com FingerprintAB:E7:3D:FB:A8:93:DE:14:7D:B2:C0:EF:40:CF:F1:34:60:F8:A4:6E ValidityMon, 15 Apr 2024 23:06:47 GMT - Sun, 14 Jul 2024 23:06:46 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?a=102241&c=137163&s1=026 HTTP/1.1
Host: ruffledplumage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
server: nginx/1.18.0 (Ubuntu)
date: Tue, 07 May 2024 22:10:08 GMT
content-length: 0
location: https://doninio.com/?utm_campaign=FNg32Z4Ubn&s2=&aid=102241&s1=026&s3=&s4=
set-cookie: sid=9jplxYa004297FHkwo/bo5lODRcJkHQGlMu7GvYDhlMzU/RtRKwISw==; Domain=ruffledplumage.com; Path=/; Secure; HttpOnly; SameSite=None
trk=MPKDaviabU38x3Jp2gsqJ5lODRcJkHQGlMu7GvYDhlMzU/RtRKwISw==; Max-Age=63071999; Expires=Thu, 07 May 2026 22:10:07 GMT; Domain=ruffledplumage.com; Path=/; Secure; HttpOnly; SameSite=None
c108171=9jplxYa00425E7YslkktOr6NQDHjJESocPK8fsj4EowlhvvSlPIr6Q==; Max-Age=2591999; Expires=Thu, 06 Jun 2024 22:10:07 GMT; Domain=ruffledplumage.com; Path=/; Secure; HttpOnly; SameSite=None
pt30=390bc0bdb0444fad8d1ceec6e50eb449; Max-Age=2592000; Expires=Thu, 06 Jun 2024 22:10:08 GMT; Domain=ruffledplumage.com; Path=/; Secure; HttpOnly; SameSite=None
ptc=390bc0bdb0444fad8d1ceec6e50eb449; Max-Age=157680000; Expires=Sun, 06 May 2029 22:10:08 GMT; Domain=ruffledplumage.com; Path=/; Secure; HttpOnly; SameSite=None
ptbs=390bc0bdb0444fad8d1ceec6e50eb449; Domain=ruffledplumage.com; Path=/; Secure; HttpOnly; SameSite=None
|
|
| doninio.com/?utm_campaign=FNg32Z4Ubn&s2=&aid=102241&s1=026&s3=&s4= | 128.199.56.44 | 302 Found | 0 B |
URL User Request GET HTTP/2doninio.com/?utm_campaign=FNg32Z4Ubn&s2=&aid=102241&s1=026&s3=&s4= IP128.199.56.44:443 ASN#14061 DIGITALOCEAN-ASN
CertificateIssuerLet's Encrypt Subjectdoninio.com FingerprintD3:45:5F:F2:0D:1F:0D:89:EC:56:7F:C5:93:08:D6:4A:45:6E:A0:45 ValidityTue, 12 Mar 2024 03:30:24 GMT - Mon, 10 Jun 2024 03:30:23 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?utm_campaign=FNg32Z4Ubn&s2=&aid=102241&s1=026&s3=&s4= HTTP/1.1
Host: doninio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://youcantrackthis.com/?c=108587&s1=026&s5=ZEU-4c8eb449-d38b-4dff-ac70-4b6efe99989c&s2=&s3=&s4=&a=102241&zci=FNg32Z4Ubn
referrer-policy: no-referrer
server: nginx/1.17.2
set-cookie: sess-e77b0662344488daba9af744856b7988=MTcxNTExOTgwOHwxRjctNkxUX3hhN0xYaDFKNnRnbzhXU21kLXRqcWNoQ1RwS0xhWXBzc3BkWVE0V2xyRXFVVDVnPXyUa-6ig9RYSI3Ux-X9f-l43nQmJ9Bdkw2nEJCBSnyM2g==; Max-Age=31536000; HttpOnly
content-length: 0
date: Tue, 07 May 2024 22:10:08 GMT
X-Firefox-Spdy: h2
|
|
| youcantrackthis.com/?c=108587&s1=026&s5=ZEU-4c8eb449-d38b-4dff-ac70-4b6efe99989c&s2=&s3=&s4=&a=102241&zci=FNg32Z4Ubn | 52.207.66.72 | | 209 B |
URL youcantrackthis.com/?c=108587&s1=026&s5=ZEU-4c8eb449-d38b-4dff-ac70-4b6efe99989c&s2=&s3=&s4=&a=102241&zci=FNg32Z4Ubn IP52.207.66.72:0
File typeHTML document, ASCII text, with CRLF line terminators Hash6aef336a40720a8d5b83059557a74b45 fbf1016b223250d944bdf91e1cc9b6852861b646 245fb116311a779323895c5f8c9805b85e96a17d9c93b888885f656b66ac0b63
GET /?c=108587&s1=026&s5=ZEU-4c8eb449-d38b-4dff-ac70-4b6efe99989c&s2=&s3=&s4=&a=102241&zci=FNg32Z4Ubn HTTP/1.1
Host: youcantrackthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 209
Content-Type: text/html; charset=utf-8
Date: Tue, 07 May 2024 22:10:09 GMT
Location: https://www.bareflirt.com/landing6?pi=102241&pt1=420801307&pe=026&zci=FNg32Z4Ubn
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=9jplxYa0041UEOCj5vNvoZlODRcJkHQGu/uEgAhVjmsdfcaS2XSaBg==; domain=.youcantrackthis.com; path=/; HttpOnly
trk=MPKDaviabU297FHkwo/bo5lODRcJkHQGu/uEgAhVjmsdfcaS2XSaBg==; domain=.youcantrackthis.com; expires=Thu, 07-May-2026 22:10:09 GMT; path=/; HttpOnly
c104671=9jplxYa0040h1HlmOwCy+AXIIaZ7UOGLeObD2q2xSm0lhvvSlPIr6Q==; domain=.youcantrackthis.com; expires=Thu, 06-Jun-2024 22:10:09 GMT; path=/; HttpOnly
Connection: close
|
|
| www.bareflirt.com/landing6?pi=102241&pt1=420801307&pe=026&zci=FNg32Z4Ubn | 35.227.204.77 | | 5.5 kB |
URL www.bareflirt.com/landing6?pi=102241&pt1=420801307&pe=026&zci=FNg32Z4Ubn IP35.227.204.77:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typegzip compressed data, from Unix Hash2d715b45dae85f203751dc262070e58b 58660cf787a7779ce792bc5ee3491298074ab531 e9e34e6e0dad4d06161692f85534d4133e70c37e8cb1c7d22af05a5b4e88f113
GET /landing6?pi=102241&pt1=420801307&pe=026&zci=FNg32Z4Ubn HTTP/1.1
Host: www.bareflirt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 22:10:09 GMT
server: nginx/1.14.2
content-type: text/html;charset=UTF-8
x-powered-by: PHP/7.2.34
x-host: bareflirt.com
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 26531289
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.33.119.27 | | 346 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash3607504b05e9f9752af99e0b0286efe8 84333c971db83b579e0b26c7569f86705c3248f7 e2e439a10c1f494c1db6b6280ae67822077638dcd77e8ff429096f9c2febe088
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E2E439A10C1F494C1DB6B6280AE67822077638DCD77E8FF429096F9C2FEBE088"
Last-Modified: Mon, 06 May 2024 03:56:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13146
Expires: Wed, 08 May 2024 01:49:16 GMT
Date: Tue, 07 May 2024 22:10:10 GMT
Connection: keep-alive
|
|
| ruffledplumage.com/?a=102241&c=137163&s1=026 | 67.207.69.191 | 302 Found | 0 B |
URL User Request GET HTTP/1.1ruffledplumage.com/?a=102241&c=137163&s1=026 IP67.207.69.191:443 ASN#14061 DIGITALOCEAN-ASN
CertificateIssuerLet's Encrypt Subjectruffledplumage.com FingerprintAB:E7:3D:FB:A8:93:DE:14:7D:B2:C0:EF:40:CF:F1:34:60:F8:A4:6E ValidityMon, 15 Apr 2024 23:06:47 GMT - Sun, 14 Jul 2024 23:06:46 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?a=102241&c=137163&s1=026 HTTP/1.1
Host: ruffledplumage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
server: nginx/1.18.0 (Ubuntu)
date: Tue, 07 May 2024 22:10:10 GMT
content-length: 0
location: https://doninio.com/?utm_campaign=FNg32Z4Ubn&s2=&aid=102241&s1=026&s3=&s4=
set-cookie: sid=QhCm19nynuWOsacGqKV9MZlODRcJkHQGNLe48q2zS9nU7dbWYX1F5g==; Domain=ruffledplumage.com; Path=/; Secure; HttpOnly; SameSite=None
trk=aHML881e2HDFApI20HY3T5lODRcJkHQGNLe48q2zS9nU7dbWYX1F5g==; Max-Age=63071999; Expires=Thu, 07 May 2026 22:10:09 GMT; Domain=ruffledplumage.com; Path=/; Secure; HttpOnly; SameSite=None
c108171=QhCm19nynuXQWU3m0huif13N6EsH9jr5WZEh6rsP/ZclhvvSlPIr6Q==; Max-Age=2591999; Expires=Thu, 06 Jun 2024 22:10:09 GMT; Domain=ruffledplumage.com; Path=/; Secure; HttpOnly; SameSite=None
pt30=01ab4d552f404915b2bb9a27f089aa06; Max-Age=2592000; Expires=Thu, 06 Jun 2024 22:10:10 GMT; Domain=ruffledplumage.com; Path=/; Secure; HttpOnly; SameSite=None
ptc=01ab4d552f404915b2bb9a27f089aa06; Max-Age=157680000; Expires=Sun, 06 May 2029 22:10:10 GMT; Domain=ruffledplumage.com; Path=/; Secure; HttpOnly; SameSite=None
ptbs=01ab4d552f404915b2bb9a27f089aa06; Domain=ruffledplumage.com; Path=/; Secure; HttpOnly; SameSite=None
|
|
| doninio.com/?utm_campaign=FNg32Z4Ubn&s2=&aid=102241&s1=026&s3=&s4= | 128.199.56.44 | 302 Found | 0 B |
URL User Request GET HTTP/2doninio.com/?utm_campaign=FNg32Z4Ubn&s2=&aid=102241&s1=026&s3=&s4= IP128.199.56.44:443 ASN#14061 DIGITALOCEAN-ASN
CertificateIssuerLet's Encrypt Subjectdoninio.com FingerprintD3:45:5F:F2:0D:1F:0D:89:EC:56:7F:C5:93:08:D6:4A:45:6E:A0:45 ValidityTue, 12 Mar 2024 03:30:24 GMT - Mon, 10 Jun 2024 03:30:23 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?utm_campaign=FNg32Z4Ubn&s2=&aid=102241&s1=026&s3=&s4= HTTP/1.1
Host: doninio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://youcantrackthis.com/?c=111906&s1=026&s5=ZEU-d77b0761-33d8-4a6b-95bc-ef8c5e41eb95&s2=&s3=&s4=&a=102241&zci=FNg32Z4Ubn
referrer-policy: no-referrer
server: nginx/1.17.2
set-cookie: sess-e77b0662344488daba9af744856b7988=MTcxNTExOTgxMHw4bFc5R1FreHV1UnhpUmF1SHNpV1ZRX25DbE5lUGlsdVFhWG9DRmlBSk5QcGpDaHJEZkVFT3JvPXwXt5Suv0dV13Bcue_MJEJ8215R1BDCUYzYrxObWttXpw==; Max-Age=31536000; HttpOnly
content-length: 0
date: Tue, 07 May 2024 22:10:10 GMT
X-Firefox-Spdy: h2
|
|
| youcantrackthis.com/?c=111906&s1=026&s5=ZEU-d77b0761-33d8-4a6b-95bc-ef8c5e41eb95&s2=&s3=&s4=&a=102241&zci=FNg32Z4Ubn | 54.208.166.52 | 302 Found | 210 B |
URL User Request GET HTTP/1.1youcantrackthis.com/?c=111906&s1=026&s5=ZEU-d77b0761-33d8-4a6b-95bc-ef8c5e41eb95&s2=&s3=&s4=&a=102241&zci=FNg32Z4Ubn IP54.208.166.52:443
CertificateIssuerGlobalSign nv-sa Subject*.youcantrackthis.com FingerprintCA:62:BB:43:52:C3:DE:F8:A9:95:61:79:8A:E4:D4:43:F9:C7:F3:BE ValidityThu, 28 Dec 2023 01:37:27 GMT - Tue, 28 Jan 2025 01:37:26 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash22a3c16446f49d93f0f3b2fc2f431e37 a311636c532f813b0580b729ac6d9283ac7b6cef 2111b21735fcca33aecbe5d8f43075345846e4e68aa41fe453b71abcc67243ec
GET /?c=111906&s1=026&s5=ZEU-d77b0761-33d8-4a6b-95bc-ef8c5e41eb95&s2=&s3=&s4=&a=102241&zci=FNg32Z4Ubn HTTP/1.1
Host: youcantrackthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 210
Content-Type: text/html; charset=utf-8
Date: Tue, 07 May 2024 22:10:11 GMT
Location: https://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=QhCm19nynuXmUzHEwuQ3rJlODRcJkHQGjF00UFnQM1aBkVflWhamqw==; domain=.youcantrackthis.com; path=/; HttpOnly
trk=aHML881e2HCOsacGqKV9MZlODRcJkHQGjF00UFnQM1aBkVflWhamqw==; domain=.youcantrackthis.com; expires=Thu, 07-May-2026 22:10:11 GMT; path=/; HttpOnly
c106328=QhCm19nynuVFPuYksYzRf7TRXpID/PZSilmy5IJVfdwlhvvSlPIr6Q==; domain=.youcantrackthis.com; expires=Thu, 06-Jun-2024 22:10:10 GMT; path=/; HttpOnly
Connection: close
|
|
| www.kosoghygge.com/img/logo.png | 34.149.196.159 | 200 OK | 4.9 kB |
URL GET HTTP/3www.kosoghygge.com/img/logo.png IP34.149.196.159:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subjectkosoghygge.com Fingerprint0A:84:9E:5D:91:F6:43:86:01:22:4E:21:F5:1A:81:93:03:D3:77:26 ValidityThu, 11 Apr 2024 21:13:49 GMT - Wed, 10 Jul 2024 22:06:42 GMT
File typePNG image data, 300 x 110, 8-bit/color RGBA, non-interlaced Hashc1b75be98c7f9e5d3e02ad75196adace e1150e306cd385e3a282a3cc6cbbbcb7eacf8969 5b7df3cd104e71cace5988ef0e37584be81142aba4d007b6e45a1770605342de
GET /img/logo.png HTTP/1.1
Host: www.kosoghygge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:10:11 GMT
server: Apache/2.4.58 (Ubuntu)
vary: X-Forwarded-Proto
last-modified: Tue, 07 May 2024 19:47:28 GMT
etag: "132c-617e274b60a75"
accept-ranges: bytes
content-length: 4908
x-ua-compatible: IE=edge,chrome=1
content-type: image/png
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.kosoghygge.com/landers/js/ad-provider.js | 34.149.196.159 | 200 OK | 512 B |
URL GET HTTP/3www.kosoghygge.com/landers/js/ad-provider.js IP34.149.196.159:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subjectkosoghygge.com Fingerprint0A:84:9E:5D:91:F6:43:86:01:22:4E:21:F5:1A:81:93:03:D3:77:26 ValidityThu, 11 Apr 2024 21:13:49 GMT - Wed, 10 Jul 2024 22:06:42 GMT
File typeASCII text, with very long lines (979) Hashacd920e8f5657057e8003b79905c5266 cd96548060dbbc3f715cb81c3810d893eedec260 38b34bce7e5ad8268f51a16a6633c17923130b2fac9eeb6ceaca6beb50990681
GET /landers/js/ad-provider.js HTTP/1.1
Host: www.kosoghygge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:10:11 GMT
server: nginx/1.14.2
content-type: application/javascript
last-modified: Thu, 02 May 2024 07:09:24 GMT
etag: "66333c24-3fb-gzip"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 26844476
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
content-encoding: gzip
content-length: 512
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
|
|
| www.kosoghygge.com/landers/images/general/google-logo.svg | 34.149.196.159 | 200 OK | 688 B |
URL GET HTTP/3www.kosoghygge.com/landers/images/general/google-logo.svg IP34.149.196.159:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subjectkosoghygge.com Fingerprint0A:84:9E:5D:91:F6:43:86:01:22:4E:21:F5:1A:81:93:03:D3:77:26 ValidityThu, 11 Apr 2024 21:13:49 GMT - Wed, 10 Jul 2024 22:06:42 GMT
File typeSVG Scalable Vector Graphics image Hash686f8efa6e3e28e96d1c08399e8d353d 4524589b0dceefb6ae6389f36634441df69152d5 0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b
GET /landers/images/general/google-logo.svg HTTP/1.1
Host: www.kosoghygge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:10:11 GMT
server: nginx/1.14.2
content-type: image/svg+xml
content-length: 688
last-modified: Thu, 02 May 2024 07:09:11 GMT
etag: "66333c17-2b0"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 41998591
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
|
|
| www.kosoghygge.com/landers/images/loader/loading.gif | 34.149.196.159 | 200 OK | 2.9 kB |
URL GET HTTP/3www.kosoghygge.com/landers/images/loader/loading.gif IP34.149.196.159:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subjectkosoghygge.com Fingerprint0A:84:9E:5D:91:F6:43:86:01:22:4E:21:F5:1A:81:93:03:D3:77:26 ValidityThu, 11 Apr 2024 21:13:49 GMT - Wed, 10 Jul 2024 22:06:42 GMT
File typeGIF image data, version 89a, 128 x 15 Hash62b08454087f1ef8b27bd2bcda330537 cac1914632f4c859f6176a84078f1017bad069f8 06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6
GET /landers/images/loader/loading.gif HTTP/1.1
Host: www.kosoghygge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:09:50 GMT
server: nginx/1.14.2
content-type: image/gif
content-length: 2892
last-modified: Thu, 02 May 2024 07:09:12 GMT
etag: "66333c18-b4c"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 42505948 42441623
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
|
|
| www.kosoghygge.com/landers/css/fontawesome-all.min.css | 34.149.196.159 | 200 OK | 11 kB |
URL GET HTTP/3www.kosoghygge.com/landers/css/fontawesome-all.min.css IP34.149.196.159:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subjectkosoghygge.com Fingerprint0A:84:9E:5D:91:F6:43:86:01:22:4E:21:F5:1A:81:93:03:D3:77:26 ValidityThu, 11 Apr 2024 21:13:49 GMT - Wed, 10 Jul 2024 22:06:42 GMT
File typegzip compressed data, from Unix Hashc4ae33bba112329b1f3d33ec0e5c32cc 83dac47931665dfbd6d9b959a3666485b358e3e1 3f77d3d90d0a684a6a668f9571cc82cb42b8796b52845c487675fd295bd96a37
GET /landers/css/fontawesome-all.min.css HTTP/1.1
Host: www.kosoghygge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:10:11 GMT
server: nginx/1.14.2
content-type: text/css
last-modified: Thu, 02 May 2024 07:09:11 GMT
etag: W/"66333c17-c970"
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 9286743
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
|
|
| www.kosoghygge.com/favicon/apple-touch-icon-180x180.png | 34.149.196.159 | 404 Not Found | 280 B |
URL GET HTTP/3www.kosoghygge.com/favicon/apple-touch-icon-180x180.png IP34.149.196.159:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subjectkosoghygge.com Fingerprint0A:84:9E:5D:91:F6:43:86:01:22:4E:21:F5:1A:81:93:03:D3:77:26 ValidityThu, 11 Apr 2024 21:13:49 GMT - Wed, 10 Jul 2024 22:06:42 GMT
File typeHTML document, ASCII text Hashc0d3a2ffd3b8206a1dc423b1e44f7195 38096e272ccb984907da0cbcc3f65124bd92a6d7 aa04b53c21b07814e7ba8c7e4b63b3d8aa7937b567741221b3f30458addcf4f3
GET /favicon/apple-touch-icon-180x180.png HTTP/1.1
Host: www.kosoghygge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Tue, 07 May 2024 22:10:12 GMT
server: Apache/2.4.58 (Ubuntu)
content-length: 280
content-type: text/html; charset=iso-8859-1
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.kosoghygge.com/favicon/favicon.ico | 34.149.196.159 | 404 Not Found | 280 B |
URL GET HTTP/3www.kosoghygge.com/favicon/favicon.ico IP34.149.196.159:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subjectkosoghygge.com Fingerprint0A:84:9E:5D:91:F6:43:86:01:22:4E:21:F5:1A:81:93:03:D3:77:26 ValidityThu, 11 Apr 2024 21:13:49 GMT - Wed, 10 Jul 2024 22:06:42 GMT
File typeHTML document, ASCII text Hashc0d3a2ffd3b8206a1dc423b1e44f7195 38096e272ccb984907da0cbcc3f65124bd92a6d7 aa04b53c21b07814e7ba8c7e4b63b3d8aa7937b567741221b3f30458addcf4f3
GET /favicon/favicon.ico HTTP/1.1
Host: www.kosoghygge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Tue, 07 May 2024 22:10:12 GMT
server: Apache/2.4.58 (Ubuntu)
content-length: 280
content-type: text/html; charset=iso-8859-1
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.kosoghygge.com/landers/media-registry.js | 34.149.196.159 | 200 OK | 8.8 kB |
URL GET HTTP/3www.kosoghygge.com/landers/media-registry.js IP34.149.196.159:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subjectkosoghygge.com Fingerprint0A:84:9E:5D:91:F6:43:86:01:22:4E:21:F5:1A:81:93:03:D3:77:26 ValidityThu, 11 Apr 2024 21:13:49 GMT - Wed, 10 Jul 2024 22:06:42 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash7db515478934022835aa54960924e1e9 108c8d1fcf00efbc2fb81cb7ac12563ac1dcc370 12d97cd754643b6f1554ffa21d1c569554fcb17eb9477724ffff5288137b8c30
GET /landers/media-registry.js HTTP/1.1
Host: www.kosoghygge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:46:17 GMT
server: nginx/1.14.2
x-goog-generation: 1714634290467591
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 122245
x-goog-hash: crc32c=3xOWCg==, md5=fbUVR4k0Aig1qlSWCSTh6Q==
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-guploader-uploadid: ABPtcPpSK7YMhO34gvJIDoe8fNIO27hKu0DP9iyqldzDNneQZ9sARvwprn2Rp7ZOyaO7rJQNlX8XMpc0rA
age: 1435
last-modified: Thu, 02 May 2024 07:18:10 GMT
etag: "7db515478934022835aa54960924e1e9-gzip"
content-type: application/javascript
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
content-encoding: gzip
content-length: 8780
via: 1.1 google, 1.1 google
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js | 142.250.74.35 | 200 OK | 206 kB |
URL GET HTTP/2www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js IP142.250.74.35:443
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeJavaScript source, ASCII text, with very long lines (631) Size206 kB (205803 bytes) Hashe2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.kosoghygge.com
DNT: 1
Connection: keep-alive
Referer: https://www.kosoghygge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:56:11 GMT
expires: Fri, 02 May 2025 01:56:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 504841
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.kosoghygge.com/landers/js/landing001.js | 34.149.196.159 | 200 OK | 17 kB |
URL GET HTTP/3www.kosoghygge.com/landers/js/landing001.js IP34.149.196.159:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subjectkosoghygge.com Fingerprint0A:84:9E:5D:91:F6:43:86:01:22:4E:21:F5:1A:81:93:03:D3:77:26 ValidityThu, 11 Apr 2024 21:13:49 GMT - Wed, 10 Jul 2024 22:06:42 GMT
File typegzip compressed data, from Unix Hash9caefa504c2e7316c5ce8dec756b341c bca77b0d27dd1fe472026bb4e8ee34f26531c8ac f896f885e17b126889208865a1bd854849d5b3d219e359eb5d502af463da49ad
GET /landers/js/landing001.js HTTP/1.1
Host: www.kosoghygge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:10:12 GMT
server: nginx/1.14.2
content-type: application/javascript
last-modified: Thu, 02 May 2024 07:09:24 GMT
etag: W/"66333c24-f7e1"
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 41582554
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
|
|
| www.google.com/recaptcha/enterprise.js | 142.250.74.132 | 200 OK | 206 kB |
URL GET HTTP/2www.google.com/recaptcha/enterprise.js IP142.250.74.132:443
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99 ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT
File typeJavaScript source, ASCII text, with very long lines (954) Size206 kB (206388 bytes) Hashd3a36011aba5584f19c67aa56cb29f81 4c6d4eb1fa4aa35ad51fade278a3ef528171ae48 9057616442e285d66f3b9a937942c4db2dc748d048dfbd0d1e153fabfe48e0de
GET /recaptcha/enterprise.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.kosoghygge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Tue, 07 May 2024 22:10:12 GMT
date: Tue, 07 May 2024 22:10:12 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.kosoghygge.com/landers/translations/nb-no2.json | 34.149.196.159 | 200 OK | 218 kB |
URL GET HTTP/3www.kosoghygge.com/landers/translations/nb-no2.json IP34.149.196.159:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subjectkosoghygge.com Fingerprint0A:84:9E:5D:91:F6:43:86:01:22:4E:21:F5:1A:81:93:03:D3:77:26 ValidityThu, 11 Apr 2024 21:13:49 GMT - Wed, 10 Jul 2024 22:06:42 GMT
Size218 kB (218064 bytes) Hash03b5a86609e5b54a54f2d4aa9c4de6be 2b28f57afd7505c6b4daa22867970c84396dd642 459139ce69de1a12b7372c8ca54b3f68a0d6b3a24c499849f3daa892fdc25183
GET /landers/translations/nb-no2.json HTTP/1.1
Host: www.kosoghygge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:36:36 GMT
server: nginx/1.14.2
content-length: 218064
x-goog-generation: 1712825875375555
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 218064
x-goog-hash: crc32c=ezkWSA==, md5=A7WoZgnltUpU8tSqnE3mvg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-guploader-uploadid: ABPtcPrDa7Jws_wSnz0pSHncVzmr25-ZikFtmk5y1nJYVfxVCdCJuc9T3JKKQ5Z6v7RJ6IDCPLRC0PblfA
age: 2016
last-modified: Thu, 11 Apr 2024 08:57:55 GMT
etag: "03b5a86609e5b54a54f2d4aa9c4de6be"
content-type: application/json
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google, 1.1 google
|
|
| samlesamtykke.com/cc.js?wId=7NAbiKFF1VQ7gWk99P3mAj&domain=kosoghygge.com&languageCode=nb&languageTerritory=NO&sessionId=b9c53029b7ab4ae484fef2ec3ae737f1 | 35.195.163.35 | 200 OK | 14 kB |
URL GET HTTP/2samlesamtykke.com/cc.js?wId=7NAbiKFF1VQ7gWk99P3mAj&domain=kosoghygge.com&languageCode=nb&languageTerritory=NO&sessionId=b9c53029b7ab4ae484fef2ec3ae737f1 IP35.195.163.35:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerLet's Encrypt Subjectsamlesamtykke.com FingerprintBC:52:E4:6C:A2:17:85:C6:FD:90:28:C0:D4:FD:54:2C:22:B2:16:C4 ValiditySat, 27 Apr 2024 20:10:54 GMT - Fri, 26 Jul 2024 20:10:53 GMT
File typeJavaScript source, ASCII text Hasha925dc66522ebc63e767d7c9404e420d b1e30d3bf55e75b2871d95a9c0d149e62b2296fe 1d36eb969b242f7bd32add8cbfdd80887c33c31cecd1e00aed9f543bdacf6f3f
GET /cc.js?wId=7NAbiKFF1VQ7gWk99P3mAj&domain=kosoghygge.com&languageCode=nb&languageTerritory=NO&sessionId=b9c53029b7ab4ae484fef2ec3ae737f1 HTTP/1.1
Host: samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.kosoghygge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Tue, 07 May 2024 22:10:12 GMT
content-type: application/javascript
content-length: 14213
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| www.kosoghygge.com/landers/css/theme/pornhub.css | 34.149.196.159 | 200 OK | 27 kB |
URL GET HTTP/3www.kosoghygge.com/landers/css/theme/pornhub.css IP34.149.196.159:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subjectkosoghygge.com Fingerprint0A:84:9E:5D:91:F6:43:86:01:22:4E:21:F5:1A:81:93:03:D3:77:26 ValidityThu, 11 Apr 2024 21:13:49 GMT - Wed, 10 Jul 2024 22:06:42 GMT
File typeASCII text, with very long lines (50007) Hashfa70f59d25f8e9890f1fe64ec3e0f30a 1f35ca2258e32cf0cba18ac12ad7706f978f8a5b 1db5c38ba5d3b8aaa20988294f2c515f1120d1d3dea1ef9c2437cd58f9965a2e
GET /landers/css/theme/pornhub.css HTTP/1.1
Host: www.kosoghygge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:10:12 GMT
server: nginx/1.14.2
content-type: text/css;charset=UTF-8
x-powered-by: PHP/7.2.34
x-host: kosoghygge.com
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 26328296
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js | 142.250.74.35 | 200 OK | 206 kB |
URL GET HTTP/2www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js IP142.250.74.35:443
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeJavaScript source, ASCII text, with very long lines (631) Size206 kB (205803 bytes) Hashe2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:56:11 GMT
expires: Fri, 02 May 2025 01:56:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 504841
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.kosoghygge.com/landers/images/landing001/default/default/serie01_01.jpg?geo=no | 34.149.196.159 | 200 OK | 37 kB |
URL GET HTTP/3www.kosoghygge.com/landers/images/landing001/default/default/serie01_01.jpg?geo=no IP34.149.196.159:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subjectkosoghygge.com Fingerprint0A:84:9E:5D:91:F6:43:86:01:22:4E:21:F5:1A:81:93:03:D3:77:26 ValidityThu, 11 Apr 2024 21:13:49 GMT - Wed, 10 Jul 2024 22:06:42 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 467x682, components 3 Hash8580663a886d4a298da70883f173ef5c b042633a4dfbaeb33a97c4efc53b85a000730f5d a7b257fe27ccec06bf741eaed652f72bb556ae31b548648aa7e6b07c4e38a417
GET /landers/images/landing001/default/default/serie01_01.jpg?geo=no HTTP/1.1
Host: www.kosoghygge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:10:12 GMT
server: nginx/1.14.2
content-type: image/jpeg
content-length: 36626
last-modified: Thu, 02 May 2024 07:09:11 GMT
etag: "66333c17-8f12"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 26328305
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
|
|
| www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua29zb2doeWdnZS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=gwr0kguoaq1f | 142.250.74.132 | 200 OK | 101 kB |
URL GET HTTP/3www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua29zb2doeWdnZS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=gwr0kguoaq1f IP142.250.74.132:443
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Size101 kB (101061 bytes) Hash1d13967b5cad92aa6dbd1e4ad27ab864 f72dd064301fe5edd79e765de0118c7945d8c29d 918a1726d04970a2202a12be6995516cd434af0ec8993ca024e58347ee9e3fc6
GET /recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua29zb2doeWdnZS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=gwr0kguoaq1f HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.kosoghygge.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 22:10:12 GMT
content-security-policy: script-src 'nonce-MCfGX2nEfUlitqIyOUW8Hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.163 | 200 OK | 15 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.163:443
Requested byhttps://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua29zb2doeWdnZS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=gwr0kguoaq1f CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0 Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 May 2024 18:37:19 GMT
expires: Mon, 05 May 2025 18:37:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 185574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js | 142.250.74.35 | 200 OK | 206 kB |
URL GET HTTP/2www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js IP142.250.74.35:443
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeJavaScript source, ASCII text, with very long lines (631) Size206 kB (205803 bytes) Hashe2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:56:11 GMT
expires: Fri, 02 May 2025 01:56:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 504842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.74.163:443
Requested byhttps://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua29zb2doeWdnZS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=gwr0kguoaq1f CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 03:22:23 GMT
expires: Sat, 03 May 2025 03:22:23 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 413270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/api2/logo_48.png | 142.250.74.35 | 200 OK | 2.2 kB |
URL GET HTTP/3www.gstatic.com/recaptcha/api2/logo_48.png IP142.250.74.35:443
Requested byhttps://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua29zb2doeWdnZS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=gwr0kguoaq1f CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Hashef9941290c50cd3866e2ba6b793f010d 4736508c795667dcea21f8d864233031223b7832 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:54:07 GMT
expires: Thu, 09 May 2024 02:54:07 GMT
cache-control: public, max-age=604800
age: 501366
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/js/bg/pAY4Jgi82uSAEr2jIgpI2fcbEoZ0MRbNANtMr9BudIc.js | 142.250.74.132 | 200 OK | 7.5 kB |
URL GET HTTP/3www.google.com/js/bg/pAY4Jgi82uSAEr2jIgpI2fcbEoZ0MRbNANtMr9BudIc.js IP142.250.74.132:443
Requested byhttps://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua29zb2doeWdnZS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=gwr0kguoaq1f CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeJavaScript source, ASCII text, with very long lines (17588) Hash81965d03d416a0601f29281d353056f3 e3d92db7e0287b8cc16ef71877d276e7ee0030d6 a406382608bcdae48012bda3220a48d9f71b1286743116cd00db4cafd06e7487
GET /js/bg/pAY4Jgi82uSAEr2jIgpI2fcbEoZ0MRbNANtMr9BudIc.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua29zb2doeWdnZS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=gwr0kguoaq1f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:15:50 GMT
expires: Fri, 02 May 2025 02:15:50 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Apr 2024 11:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 503663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=G-QXFHHE16V3&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 95 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=G-QXFHHE16V3&l=dataLayer&cx=c IP142.250.74.168:443
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (5955) Hashfdcd36c913f0238f15636f1a14c37412 0408c032e65aa08ebb5b49d3b080aed0a7c6b9db e242e10e470f1b0933e9c96a5e7dad12f6aa48ae4e681988997bc6eb4d35cb7a
GET /gtag/js?id=G-QXFHHE16V3&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.kosoghygge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 22:10:13 GMT
expires: Tue, 07 May 2024 22:10:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 95442
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| samlesamtykke.com/cc.css | 35.195.163.35 | 200 OK | 3.9 kB |
IP35.195.163.35:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerLet's Encrypt Subjectsamlesamtykke.com FingerprintBC:52:E4:6C:A2:17:85:C6:FD:90:28:C0:D4:FD:54:2C:22:B2:16:C4 ValiditySat, 27 Apr 2024 20:10:54 GMT - Fri, 26 Jul 2024 20:10:53 GMT
File typeassembler source, ASCII text Hashddb6776d9e0b9844c9f57355d7492805 da918eb4fefa9d625e5858496c2c4a20ad893619 9ec88cf72960048a40791a943e5dee85f910c00e9a3732339888b075de11bc34
GET /cc.css HTTP/1.1
Host: samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.kosoghygge.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Tue, 07 May 2024 22:10:13 GMT
content-type: text/css
content-length: 3892
last-modified: Thu, 15 Oct 2020 08:07:25 GMT
etag: "6073-5b1b123761e40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| api.samlesamtykke.com/consent/collector | 35.195.163.35 | 200 OK | 0 B |
URL OPTIONS HTTP/2api.samlesamtykke.com/consent/collector IP35.195.163.35:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerLet's Encrypt Subjectsamlesamtykke.com FingerprintBC:52:E4:6C:A2:17:85:C6:FD:90:28:C0:D4:FD:54:2C:22:B2:16:C4 ValiditySat, 27 Apr 2024 20:10:54 GMT - Fri, 26 Jul 2024 20:10:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /consent/collector HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.kosoghygge.com/
Origin: https://www.kosoghygge.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Tue, 07 May 2024 22:10:13 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.kosoghygge.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| api.samlesamtykke.com/consent/collector | 35.195.163.35 | 200 OK | 4.7 kB |
URL OPTIONS HTTP/2api.samlesamtykke.com/consent/collector IP35.195.163.35:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerLet's Encrypt Subjectsamlesamtykke.com FingerprintBC:52:E4:6C:A2:17:85:C6:FD:90:28:C0:D4:FD:54:2C:22:B2:16:C4 ValiditySat, 27 Apr 2024 20:10:54 GMT - Fri, 26 Jul 2024 20:10:53 GMT
Hash8c1258f41bc396970cde5c88a3246960 2da5e77b585b86993b64346a510e5d5d1e11fac3 4880615bc787c017b313ee0e67a0be2c7e7cf58c512f4d1f7a0daefac21273e0
POST /consent/collector HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 169
Origin: https://www.kosoghygge.com
DNT: 1
Connection: keep-alive
Referer: https://www.kosoghygge.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Tue, 07 May 2024 22:10:13 GMT
content-type: application/vnd.api+json
content-length: 4654
access-control-allow-origin: https://www.kosoghygge.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| api.samlesamtykke.com/consent/loadSegment | 35.195.163.35 | 200 OK | 0 B |
URL OPTIONS HTTP/2api.samlesamtykke.com/consent/loadSegment IP35.195.163.35:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerLet's Encrypt Subjectsamlesamtykke.com FingerprintBC:52:E4:6C:A2:17:85:C6:FD:90:28:C0:D4:FD:54:2C:22:B2:16:C4 ValiditySat, 27 Apr 2024 20:10:54 GMT - Fri, 26 Jul 2024 20:10:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /consent/loadSegment HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.kosoghygge.com/
Origin: https://www.kosoghygge.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Tue, 07 May 2024 22:10:13 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.kosoghygge.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| api.samlesamtykke.com/consent/loadSegment | 35.195.163.35 | 200 OK | 371 B |
URL OPTIONS HTTP/2api.samlesamtykke.com/consent/loadSegment IP35.195.163.35:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerLet's Encrypt Subjectsamlesamtykke.com FingerprintBC:52:E4:6C:A2:17:85:C6:FD:90:28:C0:D4:FD:54:2C:22:B2:16:C4 ValiditySat, 27 Apr 2024 20:10:54 GMT - Fri, 26 Jul 2024 20:10:53 GMT
Hashaad76f926b6c219e918916e6f25e4129 4823643373db875486f8ac895ea532106e6798d4 0b9d369937e417796e17001b773fd61884a8993ea967ad4841a472e83f83292d
POST /consent/loadSegment HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 224
Origin: https://www.kosoghygge.com
DNT: 1
Connection: keep-alive
Referer: https://www.kosoghygge.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Tue, 07 May 2024 22:10:13 GMT
content-type: application/vnd.api+json
content-length: 371
access-control-allow-origin: https://www.kosoghygge.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| api.samlesamtykke.com/consent/loadSegment | 35.195.163.35 | 200 OK | 0 B |
URL OPTIONS HTTP/2api.samlesamtykke.com/consent/loadSegment IP35.195.163.35:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerLet's Encrypt Subjectsamlesamtykke.com FingerprintBC:52:E4:6C:A2:17:85:C6:FD:90:28:C0:D4:FD:54:2C:22:B2:16:C4 ValiditySat, 27 Apr 2024 20:10:54 GMT - Fri, 26 Jul 2024 20:10:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /consent/loadSegment HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.kosoghygge.com/
Origin: https://www.kosoghygge.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Tue, 07 May 2024 22:10:13 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.kosoghygge.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| api.samlesamtykke.com/consent/loadSegment | 35.195.163.35 | 200 OK | 354 B |
URL OPTIONS HTTP/2api.samlesamtykke.com/consent/loadSegment IP35.195.163.35:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerLet's Encrypt Subjectsamlesamtykke.com FingerprintBC:52:E4:6C:A2:17:85:C6:FD:90:28:C0:D4:FD:54:2C:22:B2:16:C4 ValiditySat, 27 Apr 2024 20:10:54 GMT - Fri, 26 Jul 2024 20:10:53 GMT
Hashf3306f051731bcce1d98a030b8a2d9cf ada4a5bb07ee1872a579a651298774329b036f43 cbbae4d9daeed7c435cb09233298534b86c9c159ff6960ace74e223e460a75c5
POST /consent/loadSegment HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 225
Origin: https://www.kosoghygge.com
DNT: 1
Connection: keep-alive
Referer: https://www.kosoghygge.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Tue, 07 May 2024 22:10:14 GMT
content-type: application/vnd.api+json
content-length: 354
access-control-allow-origin: https://www.kosoghygge.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| api.samlesamtykke.com/consent/confirmExplicit | 35.195.163.35 | 200 OK | 0 B |
URL POST HTTP/2api.samlesamtykke.com/consent/confirmExplicit IP35.195.163.35:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerLet's Encrypt Subjectsamlesamtykke.com FingerprintBC:52:E4:6C:A2:17:85:C6:FD:90:28:C0:D4:FD:54:2C:22:B2:16:C4 ValiditySat, 27 Apr 2024 20:10:54 GMT - Fri, 26 Jul 2024 20:10:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /consent/confirmExplicit HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.kosoghygge.com/
Origin: https://www.kosoghygge.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Tue, 07 May 2024 22:10:14 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.kosoghygge.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| api.samlesamtykke.com/consent/confirmExplicit | 35.195.163.35 | 200 OK | 0 B |
URL POST HTTP/2api.samlesamtykke.com/consent/confirmExplicit IP35.195.163.35:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerLet's Encrypt Subjectsamlesamtykke.com FingerprintBC:52:E4:6C:A2:17:85:C6:FD:90:28:C0:D4:FD:54:2C:22:B2:16:C4 ValiditySat, 27 Apr 2024 20:10:54 GMT - Fri, 26 Jul 2024 20:10:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /consent/confirmExplicit HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 515
Origin: https://www.kosoghygge.com
DNT: 1
Connection: keep-alive
Referer: https://www.kosoghygge.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Tue, 07 May 2024 22:10:14 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.kosoghygge.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s | 142.250.74.132 | 200 OK | 1.0 kB |
URL GET HTTP/2www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s IP142.250.74.132:443
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99 ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT
File typeJavaScript source, ASCII text, with very long lines (1033), with no line terminators Hashbd927622e1c40d420b32be0dc022e336 35f4a129b447f6d914420e59b3bbf5a7512f549f afb5abaa561bb823a0c386906899eddac8ce791e2bcb9056f57b0364d341a829
GET /recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.kosoghygge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Tue, 07 May 2024 22:10:12 GMT
date: Tue, 07 May 2024 22:10:12 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-KBRH6NB | 142.250.74.168 | 200 OK | 210 kB |
URL GET HTTP/2www.googletagmanager.com/gtm.js?id=GTM-KBRH6NB IP142.250.74.168:443
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (3484) Size210 kB (209466 bytes) Hash8b4f9952a632a5ed7609c07706d86ff1 f76c99088028b9c049af2659b543ff9bbab0b395 9d66f23448718d7645db70e1183eab9b86b59a83bff76888b194775222e88d6e
GET /gtm.js?id=GTM-KBRH6NB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.kosoghygge.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 22:10:13 GMT
expires: Tue, 07 May 2024 22:10:13 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 May 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73344
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.kosoghygge.com/landers/css/landing001.css | 34.149.196.159 | 200 OK | 20 kB |
URL GET HTTP/3www.kosoghygge.com/landers/css/landing001.css IP34.149.196.159:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subjectkosoghygge.com Fingerprint0A:84:9E:5D:91:F6:43:86:01:22:4E:21:F5:1A:81:93:03:D3:77:26 ValidityThu, 11 Apr 2024 21:13:49 GMT - Wed, 10 Jul 2024 22:06:42 GMT
Hash9d6ad2f3b8f2c32cfce63f882bfa9632 8cbd995b6a5fd87c24486e1d1783e595508b8f88 b69db03dc337c9c26fcf545b1f57cefa35c47f362f1d8e3342e82883108bb022
GET /landers/css/landing001.css HTTP/1.1
Host: www.kosoghygge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 22:10:12 GMT
server: nginx/1.14.2
content-type: text/css;charset=UTF-8
x-powered-by: PHP/7.2.34
x-host: kosoghygge.com
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 26531310
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css | 142.250.74.35 | 200 OK | 56 kB |
URL GET HTTP/3www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css IP142.250.74.35:443
Requested byhttps://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua29zb2doeWdnZS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=gwr0kguoaq1f CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeASCII text, with very long lines (56412), with no line terminators Hash2c00b9f417b688224937053cd0c284a5 17b4c18ebc129055dd25f214c3f11e03e9df2d82 1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 01:09:29 GMT
expires: Sat, 03 May 2025 01:09:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/css
vary: Accept-Encoding
age: 421243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn | 34.149.196.159 | 200 OK | 20 kB |
URL User Request GET HTTP/2www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn IP34.149.196.159:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
CertificateIssuerGoogle Trust Services LLC Subjectkosoghygge.com Fingerprint0A:84:9E:5D:91:F6:43:86:01:22:4E:21:F5:1A:81:93:03:D3:77:26 ValidityThu, 11 Apr 2024 21:13:49 GMT - Wed, 10 Jul 2024 22:06:42 GMT
File typeHTML document, ASCII text, with very long lines (2091) Hash5d96a2c587e7ea5260e7071af463750c 08eb3690b3a821d25284c3b7d38402a85ec5479e 1f1d460c98641178c08c1350ea41a86de9a3d4a82280fd553d67203d78f14c36
GET /landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn HTTP/1.1
Host: www.kosoghygge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 22:10:11 GMT
server: nginx/1.14.2
content-type: text/html;charset=UTF-8
x-powered-by: PHP/7.2.34
x-host: kosoghygge.com
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 42163880
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2
|
|
| www.kosoghygge.com/landers/js/vendor.js | 34.149.196.159 | 200 OK | 124 kB |
URL GET HTTP/3www.kosoghygge.com/landers/js/vendor.js IP34.149.196.159:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn CertificateIssuerGoogle Trust Services LLC Subjectkosoghygge.com Fingerprint0A:84:9E:5D:91:F6:43:86:01:22:4E:21:F5:1A:81:93:03:D3:77:26 ValidityThu, 11 Apr 2024 21:13:49 GMT - Wed, 10 Jul 2024 22:06:42 GMT
Size124 kB (123566 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /landers/js/vendor.js HTTP/1.1
Host: www.kosoghygge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.kosoghygge.com/landing1?pi=102241&pt1=420801312&pe=026&zci=FNg32Z4Ubn
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 22:10:12 GMT
server: nginx/1.14.2
content-type: application/javascript
last-modified: Thu, 02 May 2024 07:09:24 GMT
etag: W/"66333c24-1e2ae"
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 8939771
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
|
|
| www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m | 142.250.74.132 | 200 OK | 102 B |
URL GET HTTP/3www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m IP142.250.74.132:443
Requested byhttps://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua29zb2doeWdnZS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=gwr0kguoaq1f CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeASCII text, with no line terminators Hash284b36421a1cf446f32cb8f7987b1091 eb14d6298c9da3fb26d75b54c087ea2df9f3f05f 94ab2be973685680d0be9c08d4e1a7465f3c09053cf631126bd33f49cc2f939b
GET /recaptcha/enterprise/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua29zb2doeWdnZS5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=gwr0kguoaq1f
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 07 May 2024 22:10:13 GMT
date: Tue, 07 May 2024 22:10:13 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|