Overview

URL hyttetomta.no/
IP23.236.62.147
ASNAS15169 Google Inc.
Location United States
Report completed2019-04-20 14:34:18 CEST
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-04-20 2 hyttetomta.no/ Malware
2019-04-20 2 www.hyttetomta.no/ Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 23.236.62.147

Date UQ / IDS / BL URL IP
2019-05-26 07:37:03 +0200
0 - 1 - 3 kqelements.com/1.exe 23.236.62.147
2019-05-26 07:31:50 +0200
0 - 0 - 3 liveto100.org/wp-content/themes/betheme/vc_te (...) 23.236.62.147
2019-05-26 07:17:02 +0200
0 - 0 - 3 u-buntu.com/data/mcp/bin/upload/201133.exe 23.236.62.147
2019-05-26 07:17:01 +0200
0 - 1 - 3 u-buntu.com/data/mcp/bin/upload/ses5.exe 23.236.62.147
2019-05-26 07:17:01 +0200
0 - 0 - 3 u-buntu.com/data/mcp/bin/upload/setup2793.exe 23.236.62.147
2019-05-26 07:16:59 +0200
0 - 0 - 3 u-buntu.com/data/mcp/bin/upload/setup27931.exe 23.236.62.147
2019-05-26 07:16:55 +0200
0 - 0 - 3 u-buntu.com/data/mcp/bin/upload/0043.exe 23.236.62.147
2019-05-26 07:16:46 +0200
0 - 0 - 3 u-buntu.com/data/mcp/bin/recycle.exe 23.236.62.147
2019-05-26 05:48:00 +0200
0 - 0 - 1 southshoreabstract.com/sites/default/files/up (...) 23.236.62.147
2019-05-26 01:39:07 +0200
0 - 0 - 3 lobbyarkansas.com/Xv59kM.exe 23.236.62.147

Last 10 reports on ASN: AS15169 Google Inc.

Date UQ / IDS / BL URL IP
2019-05-26 08:02:03 +0200
0 - 0 - 2 phallatio-wwwythephallusy.blogspot.no/2013/01 (...) 216.58.211.1
2019-05-26 07:47:50 +0200
0 - 0 - 0 https://censys.io 216.239.36.21
2019-05-26 07:44:56 +0200
0 - 0 - 2 passablepassage2110.blogspot.no/2011/09/demi- (...) 216.58.211.1
2019-05-26 07:44:26 +0200
0 - 0 - 2 safeguardsafety2210.blogspot.no/2011/10/ford- (...) 216.58.211.1
2019-05-26 07:44:21 +0200
0 - 0 - 2 hd-wallpapers-2011.blogspot.no/2011/06/chaska (...) 216.58.211.1
2019-05-26 07:44:09 +0200
0 - 0 - 3 sdada233s.blogspot.no/2015/06/kim-kardashian- (...) 216.58.211.1
2019-05-26 07:44:10 +0200
0 - 0 - 2 photocelebritys.blogspot.no/2010/07/maria-fer (...) 216.58.211.1
2019-05-26 07:44:02 +0200
0 - 0 - 2 passablepassage2110.blogspot.no/2011/10/happy (...) 216.58.211.1
2019-05-26 07:44:00 +0200
0 - 0 - 2 nude-boobs-girls.blogspot.no/2012/04/aryka-ly (...) 216.58.211.1
2019-05-26 07:43:58 +0200
0 - 0 - 2 oohmygee.blogspot.no/2014/12/bodohlah-bapa-em (...) 216.58.211.1

Last 10 reports on domain: hyttetomta.no

Date UQ / IDS / BL URL IP
2019-04-22 04:40:26 +0200
0 - 0 - 2 www.hyttetomta.no/ 185.230.62.177
2019-04-22 02:33:15 +0200
0 - 0 - 2 hyttetomta.no/ 23.236.62.147
2019-04-21 20:33:15 +0200
0 - 0 - 2 hyttetomta.no/ 23.236.62.147
2019-04-21 14:33:38 +0200
0 - 0 - 2 hyttetomta.no/ 23.236.62.147
2019-04-21 08:35:05 +0200
0 - 0 - 2 hyttetomta.no/ 23.236.62.147
2019-04-21 02:33:51 +0200
0 - 0 - 2 hyttetomta.no/ 23.236.62.147
2019-04-20 20:33:30 +0200
0 - 0 - 2 hyttetomta.no/ 23.236.62.147
2019-04-20 08:33:58 +0200
0 - 0 - 2 hyttetomta.no/ 23.236.62.147
2019-04-20 02:33:21 +0200
0 - 0 - 2 hyttetomta.no/ 23.236.62.147
2019-04-19 20:33:55 +0200
0 - 0 - 2 hyttetomta.no/ 23.236.62.147


JavaScript

Executed Scripts (14)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (29)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: hyttetomta.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         23.236.62.147
HTTP/1.1 301 Moved Permanently
                                        
Date: Sat, 20 Apr 2019 12:33:46 GMT
Connection: keep-alive
X-Wix-Server-Artifact-Id: wix-public-war
Expires: -1
X-Wix-Redirect-Reason: ProtocolSwitchingRedirector
X-Wix-Redirected-From: http://www.hyttetomta.no/
Location: https://www.hyttetomta.no/
X-Seen-By: BTzakfJUbU/4CBguyutVd40wt/232utGwlleyZ0qo1Y=,1wy2ILu/S4rlWT/R4rqCrak2rkv0vJrEwG04nSYjamo=,LwsIp90Tma5sliyMxJYVEqK09JXB+vAENcQeilwqEkc=
Cache-Control: no-cache
Pragma: no-cache
Content-Language: en-US
X-Wix-Request-Id: 1555763626.434763884402135579
Set-Cookie: TS01e85bed=01f0e931312ded7e36237258fce548ebba018fda64bf0fb19d334322d75ebe56e7419895a813af01bf0717397001ce3df5204ab4b7; Path=/
Transfer-Encoding: chunked


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.40
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Thu, 18 Apr 2019 06:18:31 GMT
Etag: 9485E4B7835BD8D2DA9C6BBB73620E3CCC79C067
X-OCSP-Responder-ID: mcdpcaocsp16
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=149664
Expires: Mon, 22 Apr 2019 06:08:10 GMT
Date: Sat, 20 Apr 2019 12:33:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    a07e0bf352c21ccba4f5dd4965be7c16
Sha1:   9485e4b7835bd8d2da9c6bbb73620e3ccc79c067
Sha256: e13141acee81b2da23663bf324d35afb4d7b48f633908310bdd4dc80e35a85c6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sun, 14 Apr 2019 23:19:13 GMT
Etag: D174BC70D749F40F1FA03BC2D0FB95CF345A38BE
X-OCSP-Responder-ID: mcdpcaocsp2
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=124549
Expires: Sun, 21 Apr 2019 23:09:35 GMT
Date: Sat, 20 Apr 2019 12:33:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    38327a36c4d8cb9a592aff93448eb957
Sha1:   d174bc70d749f40f1fa03bc2d0fb95cf345a38be
Sha256: a555a1deab66b98a7a515cff29841d909e47bbb9851f88fe07622ccf18ccf2ff
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sun, 14 Apr 2019 23:19:13 GMT
Etag: 7529265E9196DFE49BAB65E86DCB22562CCB86BE
X-OCSP-Responder-ID: mcdpcaocsp2
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=124567
Expires: Sun, 21 Apr 2019 23:09:53 GMT
Date: Sat, 20 Apr 2019 12:33:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    ba71aae9b0d3b8518307227d31af8f38
Sha1:   7529265e9196dfe49bab65e86dcb22562ccb86be
Sha256: 52237c311e7bb372041f964b66084ee894c60d84f3b027f256c6042368283b15
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 108
Content-Type: application/ocsp-request

                                         
                                         50.63.243.230
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 20 Apr 2019 12:35:48 GMT
Server: Apache
Content-Transfer-Encoding: Binary
Cache-Control: max-age=114276, public, no-transform, must-revalidate
Last-Modified: Sat, 20 Apr 2019 10:00:39 GMT
Expires: Sun, 21 Apr 2019 22:00:39 GMT
Etag: "83aa8232f020bd0457b32c4e7c1857c3fc764027"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
Content-Length: 1778
Connection: close


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    ab1a8f81f80efb4088ff1824e340e44b
Sha1:   83aa8232f020bd0457b32c4e7c1857c3fc764027
Sha256: e403c423952982e63cd80b3def4af237ba720a4a65b9893b0a160d5ce0b2970a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         50.63.243.230
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 20 Apr 2019 12:35:25 GMT
Server: Apache
Content-Transfer-Encoding: Binary
Cache-Control: max-age=75283, public, no-transform, must-revalidate
Last-Modified: Fri, 19 Apr 2019 22:36:11 GMT
Expires: Sun, 21 Apr 2019 10:36:11 GMT
Etag: "5857b73abb050d7e4486da42603dbfc51a666482"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
Content-Length: 1777
Connection: close


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    228dc71f544158c42c0c2b496f1a3a05
Sha1:   5857b73abb050d7e4486da42603dbfc51a666482
Sha256: e7f6e2e2fad189a64d6f05c9f6e2f5887e36b83bc196394e12521ed683a6cf8d
                                        
                                            GET /media/59b393_bd47032f716d4fbe9e77ae72c7b7cb47%7Emv2.png/v1/fill/w_32%2Ch_32%2Clg_1%2Cusm_0.66_1.00_0.01/59b393_bd47032f716d4fbe9e77ae72c7b7cb47%7Emv2.png HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         35.241.16.116
HTTP/1.1 200 OK
Content-Type: image/png
                                        
X-Seen-By: generic-zone-wiximage2-6b56f9dc9c-zcrkc-dispatcher_dsp
X-GUploader-UploadID: AEnB2Uq8vQI99ohe7EVtMt-VGEupU7Gk1nUm9a-2aPiHICX40kI3E85UhpZCJIgta6La3zwAn_lPlTugK2sMMXXcqTaefwzNyXtT4dTRrLb3ucYl3E37NzY
Expires: Wed, 16 Oct 2019 16:51:05 GMT
Date: Fri, 19 Apr 2019 16:51:05 GMT
Last-Modified: Tue, 12 Mar 2019 08:00:22 GMT
Etag: "664e8a3210bfbe5ece5c10dd9ff19df6"
x-goog-generation: 1552377622977631
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5572
x-goog-hash: crc32c=TOTsag==, md5=Zk6KMhC/vl7OXBDdn/Gd9g==
x-goog-expiration: Mon, 10 Jun 2019 08:00:22 GMT
x-goog-storage-class: REGIONAL
Accept-Ranges: bytes
Content-Length: 5572
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Server: UploadServer
Timing-Allow-Origin: *
Via: 1.1 google
Cache-Control: public, max-age=15552000, immutable
Age: 70962
Alt-Svc: clear


--- Additional Info ---
Magic:  PNG image, 32 x 32, 8-bit/color RGBA, non-interlaced
Size:   5572
Md5:    664e8a3210bfbe5ece5c10dd9ff19df6
Sha1:   e6ac8fcaa91e3e2af4d86c23e857880a6aea6d9e
Sha256: 6151ab912dc70b98ea0fe5e5301bfc3d65504ee157c68b37fc73349c0e21e529
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         216.58.207.195
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 20 Apr 2019 12:33:48 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    e3785258e0da046858ac80ceab5630e1
Sha1:   8a253d7cefbff4b32330e790f49a7d684deb2d08
Sha256: 772e6e01ea48efe635dad348dbe01bd940260cc3ec981f89ebbf4cc85adf4da1
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.207.195
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 20 Apr 2019 12:33:48 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    5be872b3fe0bb6f31385f91f811e9586
Sha1:   1192231bcb9ee73e9f619d433cdb66dddd9ae7f7
Sha256: db0ad6191770bff9043482b68acf62a4e25d4390a03274cfbe413675dd8c9cf5
                                        
                                            GET / HTTP/1.1 
Host: www.hyttetomta.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         185.230.62.177
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Date: Sat, 20 Apr 2019 12:33:47 GMT
Connection: keep-alive
X-Wix-Server-Artifact-Id: wix-public-war, wix-public-html-renderer-webapp
Set-Cookie: XSRF-TOKEN=1555763627|uXk9P38-9wB1;Path=/;Domain=www.hyttetomta.no svSession=7e105e8f3db2b34241986278f0eb26a13a6409057c21063d9a6c2e1dcb9abc30745d9e21a0a35344dfa437142bb5a19d1e60994d53964e647acf431e4f798bcd354401aa883ba5682d6262b00efbfd4b9f4815b81a942aa9c9b4c0f95dafffa7;Path=/;Domain=www.hyttetomta.no;Expires=Tue, 20-Apr-2021 12:33:46 GMT hs=221961232;Path=/;Domain=www.hyttetomta.no;HttpOnly requestId=1555763627.066633838864195820;Expires=Sat, 20-Apr-2019 12:34:07 GMT TS01e85bed=0141ccf485860442cfa0a3863a1262f8e2a99ab862d81fb120a148f6206cbb29ae8eb39e673d0e01ccc6c5875ca1927f633c02d46c; Path=/ TS01600b00=0141ccf485860442cfa0a3863a1262f8e2a99ab862d81fb120a148f6206cbb29ae8eb39e673d0e01ccc6c5875ca1927f633c02d46c; path=/; domain=www.hyttetomta.no
Expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
X-Accel-Buffering: no, no
Content-Language: en-US
Vary: User-Agent
X-Seen-By: BTzakfJUbU/4CBguyutVd//gOAxkwa8VLjqvfjcGX78=,1wy2ILu/S4rlWT/R4rqCraICCbCu9e5QAYpujBjtv74=,LwsIp90Tma5sliyMxJYVEgh80SLUBYvHReWj6zrzSPA=,I2ZOrNA1LIowGTY6Ll7mx+vhI/meCohDY7RevwAJ7JU=,1wy2ILu/S4rlWT/R4rqCrW2xsDiUcp/yjknffHlloRk=,Tw2AanFDQ+Wwo8Xxk6ZL7rHKeAJXtkPxqn+uc4aMlOC/o2j/F33JHWiwHz6WtCLS,1wy2ILu/S4rlWT/R4rqCrWJnc24GrqJRUfiJx3GyM+8=,CU5GbgCT5nWPaA3tUS4mLEhTlBv2qf1fPTt8fjyPN6k=
Cache-Control: no-store, no-cache, no-cache
viewerVersion: 1.2304.0
Pragma: no-cache, no-cache
X-NewRelic-App-Data: PxQFUlJRABABXVdRBQcOREgTYVYAMhEDXhFZAUxRW1xvSmoRQwhdBSdZWRUUDFRfVRY9TWRFRQMFXF9dBTQGDFQHSgdKe1tcRxdWDV0EQT5LRFIPAgZKERxUT1IbARlWUQMACldRUE4BVAhRDhQWVwNcXwRQVwFWXA9UVVFSCBEcAgAORFRq
Link: <https://static.parastorage.com/>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://static.wixstatic.com/>; rel=preconnect;,<https://static.parastorage.com/unpkg/requirejs-bolt@2.3.6/requirejs.min.js>; rel=preload; as=script;,<https://static.parastorage.com/unpkg/lodash@4.17.11/lodash.min.js>; rel=preload; as=script ; crossorigin=anonymous;,<https://static.parastorage.com/unpkg/zepto@1.2.0/dist/zepto.min.js>; rel=preload; as=script ; crossorigin=anonymous;,<https://static.wixstatic.com/>; rel=preconnect; crossorigin;,<https://static.parastorage.com/services/wix-bolt/1.2304.0/bolt-main/app/main-r.min.js>; rel=preload; as=script ; crossorigin=anonymous;
X-Wix-Request-Id: 1555763627.066633838864195820
Content-Encoding: gzip
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   76026
Md5:    07b26fed30169bfaf81182f7f1194489
Sha1:   20ec1752a65c6bfc8257149fc088b293598f05ec
Sha256: acbfb091df56e849f3dab568d999910fa3d37c754f7d4cb8bd0ccdb5548e76da

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /css?family=Anton:n,b,i,bi|Basic:n,b,i,bi|Caudex:n,b,i,bi|Chelsea+Market:n,b,i,bi|Corben:n,b,i,bi|EB+Garamond:n,b,i,bi|Enriqueta:n,b,i,bi|Forum:n,b,i,bi|Fredericka+the+Great:n,b,i,bi|Jockey+One:n,b,i,bi|Josefin+Slab:n,b,i,bi|Jura:n,b,i,bi|Kelly+Slab:n,b,i,bi|Marck+Script:n,b,i,bi|Lobster:n,b,i,bi|Mr+De+Haviland:n,b,i,bi|Niconne:n,b,i,bi|Noticia+Text:n,b,i,bi|Overlock:n,b,i,bi|Patrick+Hand:n,b,i,bi|Play:n,b,i,bi|Sarina:n,b,i,bi|Signika:n,b,i,bi|Spinnaker:n,b,i,bi|Monoton:n,b,i,bi|Sacramento:n,b,i,bi|Cookie:n,b,i,bi|Raleway:n,b,i,bi|Open+Sans+Condensed:300:n,b,i,bi|Amatic+SC:n,b,i,bi|Cinzel:n,b,i,bi|Sail:n,b,i,bi|Playfair+Display:n,b,i,bi|Libre+Baskerville:n,b,i,bi|Roboto:n,b,i,bi|Roboto:n,b,i,bi|Roboto:n,b,i,bi|Work+Sans:n,b,i,bi|Work+Sans:n,b,i,bi|Poppins:n,b,i,bi|Poppins:n,b,i,bi|Barlow:n,b,i,bi|Barlow:n,b,i,bi|Oswald:n,b,i,bi|Oswald:n,b,i,bi|Oswald:n,b,i,bi|Cormorant+Garamond:n,b,i,bi|Cormorant+Garamond:n,b,i,bi|Cormorant+Garamond:n,b,i,bi|Playfair+Display:n,b,i,bi|Dancing+Script:n,b,i,bi|Damion:n,b,i,bi|Suez+One:n,b,i,bi|Rozha+One:n,b,i,bi|Raleway:n,b,i,bi|Lato:n,b,i,bi|Questrial:n,b,i,bi|Montserrat:n,b,i,bi|&subset=hebrew,arabic,latin HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.hyttetomta.no/

                                         
                                         172.217.20.42
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Sat, 20 Apr 2019 12:33:48 GMT
Date: Sat, 20 Apr 2019 12:33:48 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   3635
Md5:    d3449b64b29716b364a73d3104cdfd05
Sha1:   8799133362e2046764ddf8e2dccd9eff77fb3557
Sha256: 686293debe52ea9dd61c7ec3c90037e8b06a31d2240966188e786fadc26bd153
                                        
                                            GET /unpkg/requirejs-bolt@2.3.6/requirejs.min.js HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.hyttetomta.no/

                                         
                                         130.211.46.196
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.13.6
Date: Fri, 19 Apr 2019 15:30:40 GMT
Vary: Accept-Encoding
Last-Modified: Thu, 24 Jan 2019 14:24:53 GMT
Etag: W/"18823f6a6d208ee1e361bb266ab794d5"
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
Cache-Control: public, max-age=7776000
Content-Length: 6434
Age: 75788
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6434
Md5:    44fb3268d00ba5a6b0564e4f95688f64
Sha1:   cb3bb54378789271edd9fbaab57dac79bdd8440d
Sha256: 67e9330abeb4c43f777ff0ff413eebcd179fbedaf1c2e33b4e0a2151e72b1e90
                                        
                                            GET /services/wix-bolt/1.2304.0/node_modules/wix-santa/static/css/viewer.min.css HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.hyttetomta.no/

                                         
                                         130.211.46.196
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Server: nginx/1.13.6
Date: Fri, 19 Apr 2019 15:23:04 GMT
Vary: Accept-Encoding
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 17 Apr 2019 14:20:58 GMT
Etag: W/"2b5686e2d82fa7f31badcfc232e9e48a"
x-amz-version-id: .l1LA3HG6xDWsvcd9XEp7fPAOsUTFXRJ
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
Cache-Control: public, max-age=7776000
Content-Length: 3165
Age: 76244
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3165
Md5:    69bf0ea8472c9918656970b42ae92947
Sha1:   3ede6640d65e769b132ebcadda52cd854e6ddce9
Sha256: 831d9fd4b188e6590ec9f31c5a16914cdc08efd4d60a6713de7afc5c3b512ea0
                                        
                                            GET /services/santa-resources/resources/viewer/user-site-fonts/v5/languages.css HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.hyttetomta.no/

                                         
                                         130.211.46.196
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.13.6
Date: Fri, 19 Apr 2019 01:45:53 GMT
Vary: Accept-Encoding
Last-Modified: Wed, 27 Feb 2019 13:22:11 GMT
Etag: W/"1ebf08bf116ea9f0e944eecb27c8c8a1-1"
x-amz-version-id: j61dncxK_fvSIWYOhqUwdqQoYzHT2Z4O
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
Content-Length: 20635
Age: 125275
Cache-Control: public, max-age=7776000
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   20635
Md5:    969d28bae2b01f1bcce1d077ebd8d26f
Sha1:   f94a67f6be68619287bbc01afa951d7a1d0f505c
Sha256: e4bb2473f0ca266f67b0eaacbd30750f9738b0444ce74131d3a67caa94c0c7d8
                                        
                                            GET /media/59b393_ab703ed5ac7d4fd19b7d7ca3f983d76d~mv2.jpg/v1/fill/w_294,h_147,al_c,q_80,usm_0.66_1.00_0.01,blur_2/59b393_ab703ed5ac7d4fd19b7d7ca3f983d76d~mv2.jpg HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.hyttetomta.no/

                                         
                                         35.241.16.116
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
X-Seen-By: generic-zone-wiximage2-6b56f9dc9c-rnwmz-dispatcher_dsp
X-GUploader-UploadID: AEnB2Uq2A1zy6riTxIgecWekLi-Vw2ccFp6UYjA6B3-m-R5ARb9V6cvuFjM6V0F6RW1ydPfdkvicTTRBbpAHxUoInWZ1JmFOgA
Expires: Wed, 16 Oct 2019 16:29:20 GMT
Date: Fri, 19 Apr 2019 16:29:20 GMT
Last-Modified: Sun, 07 Apr 2019 06:59:32 GMT
Etag: "e7109ccd381128a5000a3c82c3e8dc59"
x-goog-generation: 1554620372198244
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 22135
x-goog-hash: crc32c=XVC7aQ==, md5=5xCczTgRKKUACjyCw+jcWQ==
x-goog-expiration: Sat, 06 Jul 2019 06:59:32 GMT
x-goog-storage-class: REGIONAL
Accept-Ranges: bytes
Content-Length: 22135
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Server: UploadServer
Timing-Allow-Origin: *
Via: 1.1 google
Cache-Control: public, max-age=15552000, immutable
Age: 72268
Alt-Svc: clear


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   22135
Md5:    e7109ccd381128a5000a3c82c3e8dc59
Sha1:   4082cdde965f69871a5f1738787c5c6deba281cd
Sha256: e3d31085383068138b61ad889694f9a0fdf07618ede4ef51036ac056fde72c34
                                        
                                            GET /polyfill/v2/polyfill.min.js?features=Object.values,Object.entries,IntersectionObserver,es2015,es2016,es2017,fetch&flags=always,gated&unknown=polyfill&rum=0&callback=polyfillsAreLoaded HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.hyttetomta.no/

                                         
                                         130.211.46.196
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Server: nginx/1.13.6
Date: Sat, 20 Apr 2019 12:33:48 GMT
Content-Length: 20355
Cache-Control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, public, max-age=7776000
Content-Encoding: gzip
Etag: W/"4f83-+FSG5RokEda5yHhpJvjfRaFnEC4"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS, GET, OPTIONS, POST
Server-Timing: HIT, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=2
Request_Came_From_Shield: BWI
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Referrer-Policy: origin-when-cross-origin
Timing-Allow-Origin: *, *
Normalized-User-Agent: firefox/3.6.0
Detected-User-Agent: Firefox/3.6.13
Age: 2504885
Vary: User-Agent
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Via: 1.1 google
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   20355
Md5:    99d9e6c42caa658818a90a11da2cb142
Sha1:   f85486e51a2411d6b9c8786926f8df45a167102e
Sha256: 206cb889e732293551d3d9261c25cd05b4d39226b678ff81d4fa708a713c41f7
                                        
                                            GET /media/59b393_1d6bec8956f44cd38ba0866456391f83~mv2_d_6016_4016_s_4_2.jpg/v1/fill/w_245,h_164,al_c,q_80,usm_0.66_1.00_0.01,blur_2/59b393_1d6bec8956f44cd38ba0866456391f83~mv2_d_6016_4016_s_4_2.jpg HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.hyttetomta.no/

                                         
                                         35.241.16.116
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
X-Seen-By: generic-zone-wiximage2-6b56f9dc9c-hv4bp-dispatcher_dsp
X-GUploader-UploadID: AEnB2UrDSX0i7yXmohf88zwCBMNtiymXMwm5waqIdmpCQ49bm3jTqYCuSY4t-O-IXC2SEu9iBoqTyhzRfDj_I3QWh85SaXTzzoIcpOH1_aVP_72X7VffzSA
Expires: Wed, 16 Oct 2019 15:40:35 GMT
Date: Fri, 19 Apr 2019 15:40:35 GMT
Last-Modified: Sun, 07 Apr 2019 06:59:36 GMT
Etag: "219cf0574b60817ce19cb552ef3ee0f4"
x-goog-generation: 1554620376019590
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 40925
x-goog-hash: crc32c=JkuaKg==, md5=IZzwV0tggXzhnLVS7z7g9A==
x-goog-expiration: Sat, 06 Jul 2019 06:59:36 GMT
x-goog-storage-class: REGIONAL
Accept-Ranges: bytes
Content-Length: 40925
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Server: UploadServer
Timing-Allow-Origin: *
Via: 1.1 google
Cache-Control: public, max-age=15552000, immutable
Age: 75193
Alt-Svc: clear


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   40925
Md5:    219cf0574b60817ce19cb552ef3ee0f4
Sha1:   49090a342557853bd4a40f50066ea34ff5915419
Sha256: 182cb7c87e778da9f97d93cc289819ae4bf8c80742d8b844717347030f6e20d7
                                        
                                            GET /media/59b393_410ad1a29e1041cda4787aac45cb8750~mv2.png/v1/fill/w_149,h_24,al_c,usm_0.66_1.00_0.01,blur_2/59b393_410ad1a29e1041cda4787aac45cb8750~mv2.png HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.hyttetomta.no/

                                         
                                         35.241.16.116
HTTP/1.1 200 OK
Content-Type: image/png
                                        
X-Seen-By: generic-zone-wiximage2-6b56f9dc9c-dlkw2-dispatcher_dsp
X-GUploader-UploadID: AEnB2UrrLGFAVMss5DqGTLEcun9m0cPv_e2JTLM-ExrBrvCVfuEe-EwY7GbPXldDgtXEaJp_9pP99VacKhUVxWCRn9IAQFQYLA
Expires: Wed, 16 Oct 2019 16:29:20 GMT
Date: Fri, 19 Apr 2019 16:29:20 GMT
Last-Modified: Sun, 07 Apr 2019 06:59:40 GMT
Etag: "a05db36d7f9b36ed84e22fff53c7a3bd"
x-goog-generation: 1554620380464486
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5458
x-goog-hash: crc32c=gY3U9Q==, md5=oF2zbX+bNu2E4i//U8ejvQ==
x-goog-expiration: Sat, 06 Jul 2019 06:59:40 GMT
x-goog-storage-class: REGIONAL
Accept-Ranges: bytes
Content-Length: 5458
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Server: UploadServer
Timing-Allow-Origin: *
Via: 1.1 google
Cache-Control: public, max-age=15552000, immutable
Age: 72268
Alt-Svc: clear


--- Additional Info ---
Magic:  PNG image, 149 x 24, 8-bit/color RGBA, interlaced
Size:   5458
Md5:    a05db36d7f9b36ed84e22fff53c7a3bd
Sha1:   e8b7388f072b47dc6cb87afc578162d93d726c58
Sha256: ebdd89f645c7d94e5b40d791614fde28c47d0bab4694ecf7cf02a98b16ba9343
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         216.58.207.195
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 20 Apr 2019 12:33:48 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    91dd3ad50dbbee4036be3060fc705a46
Sha1:   8ab212468d6aced6b8e6a6984d971a24a117c7f4
Sha256: fc2c569590b9ce0585b7611fa01b70388bd92fa99ed81769d4a05b7d550a1a42
                                        
                                            GET /s/barlow/v1/ZqlneECqpsd9SXlmAsD2Ez8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://static.parastorage.com/services/santa-resources/resources/viewer/user-site-fonts/v5/languages.css
Origin: https://www.hyttetomta.no

                                         
                                         172.217.21.131
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 30692
Date: Fri, 19 Apr 2019 15:32:34 GMT
Expires: Sat, 18 Apr 2020 15:32:34 GMT
Last-Modified: Tue, 07 Nov 2017 15:25:36 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 75674
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  data
Size:   30692
Md5:    c0728deb5be59eb08dc59bcc3266425a
Sha1:   8ae997c633b5551cf9ce7b91ca71a9b9d4eafe9a
Sha256: 0750de99d0438319df81bdb0e0962b8d2780e6ce57f631d26c626c6737ae3a0a
                                        
                                            GET /ufonts/59b393_7c153ea7f41742ab8e06632ff4243cd9/woff/file.woff HTTP/1.1 
Host: static.wixstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.hyttetomta.no/
Origin: https://www.hyttetomta.no

                                         
                                         35.241.16.116
HTTP/1.1 200 OK
Content-Type: None
                                        
X-Seen-By: generic-zone-wiximage2-6b56f9dc9c-ffvzh-dispatcher_dsp
X-GUploader-UploadID: AEnB2UqqxfgSxdP2NcDTC_of7JPBJ-xLOwgX9OTi8-XutaPlB-o27VLDN4H9kWzwUxkLGzVb9-s6x36Lc-6nftqzvytu3j6OBA
Expires: Wed, 16 Oct 2019 15:40:47 GMT
Date: Fri, 19 Apr 2019 15:40:47 GMT
Last-Modified: Fri, 29 Jun 2018 19:07:07 GMT
Etag: "cea437647f0f51228fe78fa89692fd1e"
x-goog-generation: 1530299227897490
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 58616
x-goog-meta-origin: wpm-v-tr
x-goog-hash: crc32c=85gKSw==, md5=zqQ3ZH8PUSKP54+olpL9Hg==
x-goog-storage-class: STANDARD
Accept-Ranges: bytes
Content-Length: 58616
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
Server: UploadServer
Timing-Allow-Origin: *
Via: 1.1 google
Cache-Control: public, max-age=15552000, immutable
Age: 75181
Alt-Svc: clear


--- Additional Info ---
Magic:  data
Size:   58616
Md5:    cea437647f0f51228fe78fa89692fd1e
Sha1:   9ac7b044294ab11ba82c8e705a18f60eac7875db
Sha256: 3e38f02b04f85584eae23b4f5cefe838879ea5e10e395d0f26fc8b2a86aab856
                                        
                                            GET /s/poppins/v5/p0A1C4_gK5NzKtuGSwNurQ.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://static.parastorage.com/services/santa-resources/resources/viewer/user-site-fonts/v5/languages.css
Origin: https://www.hyttetomta.no

                                         
                                         172.217.21.131
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 13884
Date: Fri, 19 Apr 2019 15:06:27 GMT
Expires: Sat, 18 Apr 2020 15:06:27 GMT
Last-Modified: Wed, 11 Oct 2017 18:22:49 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 77241
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  data
Size:   13884
Md5:    257009726ee9341c25d0a8bb00f6c8a5
Sha1:   64c95424e461f4a63601eec710efe5306927bab0
Sha256: 0b6feb27c57dc7ef150f46323c1909c8a53450bcbb68b27c6fcf40514b79a450
                                        
                                            GET /s/poppins/v6/pxiByp8kv8JHgFVrLCz7Z1xlEw.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Anton:n,b,i,bi|Basic:n,b,i,bi|Caudex:n,b,i,bi|Chelsea+Market:n,b,i,bi|Corben:n,b,i,bi|EB+Garamond:n,b,i,bi|Enriqueta:n,b,i,bi|Forum:n,b,i,bi|Fredericka+the+Great:n,b,i,bi|Jockey+One:n,b,i,bi|Josefin+Slab:n,b,i,bi|Jura:n,b,i,bi|Kelly+Slab:n,b,i,bi|Marck+Script:n,b,i,bi|Lobster:n,b,i,bi|Mr+De+Haviland:n,b,i,bi|Niconne:n,b,i,bi|Noticia+Text:n,b,i,bi|Overlock:n,b,i,bi|Patrick+Hand:n,b,i,bi|Play:n,b,i,bi|Sarina:n,b,i,bi|Signika:n,b,i,bi|Spinnaker:n,b,i,bi|Monoton:n,b,i,bi|Sacramento:n,b,i,bi|Cookie:n,b,i,bi|Raleway:n,b,i,bi|Open+Sans+Condensed:300:n,b,i,bi|Amatic+SC:n,b,i,bi|Cinzel:n,b,i,bi|Sail:n,b,i,bi|Playfair+Display:n,b,i,bi|Libre+Baskerville:n,b,i,bi|Roboto:n,b,i,bi|Roboto:n,b,i,bi|Roboto:n,b,i,bi|Work+Sans:n,b,i,bi|Work+Sans:n,b,i,bi|Poppins:n,b,i,bi|Poppins:n,b,i,bi|Barlow:n,b,i,bi|Barlow:n,b,i,bi|Oswald:n,b,i,bi|Oswald:n,b,i,bi|Oswald:n,b,i,bi|Cormorant+Garamond:n,b,i,bi|Cormorant+Garamond:n,b,i,bi|Cormorant+Garamond:n,b,i,bi|Playfair+Display:n,b,i,bi|Dancing+Script:n,b,i,bi|Damion:n,b,i,bi|Suez+One:n,b,i,bi|Rozha+One:n,b,i,bi|Raleway:n,b,i,bi|Lato:n,b,i,bi|Questrial:n,b,i,bi|Montserrat:n,b,i,bi|&subset=hebrew,arabic,latin
Origin: https://www.hyttetomta.no

                                         
                                         172.217.21.131
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 10400
Date: Fri, 19 Apr 2019 15:12:41 GMT
Expires: Sat, 18 Apr 2020 15:12:41 GMT
Last-Modified: Tue, 19 Feb 2019 22:26:40 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 76867
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  data
Size:   10400
Md5:    bc1e47a3976358aa868a72de5a85de5a
Sha1:   c2ade4e853a1ba3174c8baec8f442dd76540eb95
Sha256: 36d3e15547ed77f976ebccf230bf53f7e8a2addcb4219570291c7c3d5dd52278
                                        
                                            GET /s/poppins/v5/h3r77AwDsldr1E_2g4qqGBsxEYwM7FgeyaSgU71cLG0.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://static.parastorage.com/services/santa-resources/resources/viewer/user-site-fonts/v5/languages.css
Origin: https://www.hyttetomta.no

                                         
                                         172.217.21.131
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 13896
Date: Fri, 19 Apr 2019 15:36:35 GMT
Expires: Sat, 18 Apr 2020 15:36:35 GMT
Last-Modified: Wed, 11 Oct 2017 18:22:09 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 75434
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  data
Size:   13896
Md5:    a153ca2993058e5bbac75f3dd8070c68
Sha1:   5d0b3afb660133803eaa071bea9dd2fca39b1a9b
Sha256: 6da00dfd19eab11c602459854e31500b7d9c88b257aca6830d8a00d23401dacc
                                        
                                            GET /s/poppins/v5/9VWMTeb5jtXkNoTv949NpRsxEYwM7FgeyaSgU71cLG0.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://static.parastorage.com/services/santa-resources/resources/viewer/user-site-fonts/v5/languages.css
Origin: https://www.hyttetomta.no

                                         
                                         172.217.21.131
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 13852
Date: Fri, 19 Apr 2019 15:17:50 GMT
Expires: Sat, 18 Apr 2020 15:17:50 GMT
Last-Modified: Wed, 11 Oct 2017 18:22:42 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 76559
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  data
Size:   13852
Md5:    042ec28693dc5cd2190a749cb6f92d47
Sha1:   0348de0805c215fa9f01202a513d67d066e4fa62
Sha256: ed460536d9acc117f49011af0dddcd3f3249a3133a13c0f7650910a2881f9a76
                                        
                                            GET /s/barlow/v1/51v0xj5VPw1cLYHNhfd8ND8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://static.parastorage.com/services/santa-resources/resources/viewer/user-site-fonts/v5/languages.css
Origin: https://www.hyttetomta.no

                                         
                                         172.217.21.131
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 28856
Date: Fri, 19 Apr 2019 15:04:23 GMT
Expires: Sat, 18 Apr 2020 15:04:23 GMT
Last-Modified: Tue, 07 Nov 2017 15:24:53 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 77366
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  data
Size:   28856
Md5:    b3ba5ff677077c47cf1d323476a333f7
Sha1:   19b6aa054dbfd776f5eeac23f9a95933004f7c73
Sha256: 5ec8cdd7c5cbdbd52f1035f3353ea7c16370b41d5926af4ec6dd3f94c5f229f2
                                        
                                            GET /s/barlow/v3/7cHpv4kjgoGqM7E_DMs_.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Anton:n,b,i,bi|Basic:n,b,i,bi|Caudex:n,b,i,bi|Chelsea+Market:n,b,i,bi|Corben:n,b,i,bi|EB+Garamond:n,b,i,bi|Enriqueta:n,b,i,bi|Forum:n,b,i,bi|Fredericka+the+Great:n,b,i,bi|Jockey+One:n,b,i,bi|Josefin+Slab:n,b,i,bi|Jura:n,b,i,bi|Kelly+Slab:n,b,i,bi|Marck+Script:n,b,i,bi|Lobster:n,b,i,bi|Mr+De+Haviland:n,b,i,bi|Niconne:n,b,i,bi|Noticia+Text:n,b,i,bi|Overlock:n,b,i,bi|Patrick+Hand:n,b,i,bi|Play:n,b,i,bi|Sarina:n,b,i,bi|Signika:n,b,i,bi|Spinnaker:n,b,i,bi|Monoton:n,b,i,bi|Sacramento:n,b,i,bi|Cookie:n,b,i,bi|Raleway:n,b,i,bi|Open+Sans+Condensed:300:n,b,i,bi|Amatic+SC:n,b,i,bi|Cinzel:n,b,i,bi|Sail:n,b,i,bi|Playfair+Display:n,b,i,bi|Libre+Baskerville:n,b,i,bi|Roboto:n,b,i,bi|Roboto:n,b,i,bi|Roboto:n,b,i,bi|Work+Sans:n,b,i,bi|Work+Sans:n,b,i,bi|Poppins:n,b,i,bi|Poppins:n,b,i,bi|Barlow:n,b,i,bi|Barlow:n,b,i,bi|Oswald:n,b,i,bi|Oswald:n,b,i,bi|Oswald:n,b,i,bi|Cormorant+Garamond:n,b,i,bi|Cormorant+Garamond:n,b,i,bi|Cormorant+Garamond:n,b,i,bi|Playfair+Display:n,b,i,bi|Dancing+Script:n,b,i,bi|Damion:n,b,i,bi|Suez+One:n,b,i,bi|Rozha+One:n,b,i,bi|Raleway:n,b,i,bi|Lato:n,b,i,bi|Questrial:n,b,i,bi|Montserrat:n,b,i,bi|&subset=hebrew,arabic,latin
Origin: https://www.hyttetomta.no

                                         
                                         172.217.21.131
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 24916
Date: Fri, 19 Apr 2019 15:03:38 GMT
Expires: Sat, 18 Apr 2020 15:03:38 GMT
Last-Modified: Tue, 15 Jan 2019 20:03:55 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 77411
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  data
Size:   24916
Md5:    90eaa4040ed022b8899840bf654f58b6
Sha1:   fd10e167ecfd48c7161995bf539087e58294f1c0
Sha256: d647b9bfff87a69589dfe74a6cfeb62813e02ae22422ff488e5757b52ce4a953
                                        
                                            GET /s/poppins/v6/pxiEyp8kv8JHgFVrJJfedA.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Anton:n,b,i,bi|Basic:n,b,i,bi|Caudex:n,b,i,bi|Chelsea+Market:n,b,i,bi|Corben:n,b,i,bi|EB+Garamond:n,b,i,bi|Enriqueta:n,b,i,bi|Forum:n,b,i,bi|Fredericka+the+Great:n,b,i,bi|Jockey+One:n,b,i,bi|Josefin+Slab:n,b,i,bi|Jura:n,b,i,bi|Kelly+Slab:n,b,i,bi|Marck+Script:n,b,i,bi|Lobster:n,b,i,bi|Mr+De+Haviland:n,b,i,bi|Niconne:n,b,i,bi|Noticia+Text:n,b,i,bi|Overlock:n,b,i,bi|Patrick+Hand:n,b,i,bi|Play:n,b,i,bi|Sarina:n,b,i,bi|Signika:n,b,i,bi|Spinnaker:n,b,i,bi|Monoton:n,b,i,bi|Sacramento:n,b,i,bi|Cookie:n,b,i,bi|Raleway:n,b,i,bi|Open+Sans+Condensed:300:n,b,i,bi|Amatic+SC:n,b,i,bi|Cinzel:n,b,i,bi|Sail:n,b,i,bi|Playfair+Display:n,b,i,bi|Libre+Baskerville:n,b,i,bi|Roboto:n,b,i,bi|Roboto:n,b,i,bi|Roboto:n,b,i,bi|Work+Sans:n,b,i,bi|Work+Sans:n,b,i,bi|Poppins:n,b,i,bi|Poppins:n,b,i,bi|Barlow:n,b,i,bi|Barlow:n,b,i,bi|Oswald:n,b,i,bi|Oswald:n,b,i,bi|Oswald:n,b,i,bi|Cormorant+Garamond:n,b,i,bi|Cormorant+Garamond:n,b,i,bi|Cormorant+Garamond:n,b,i,bi|Playfair+Display:n,b,i,bi|Dancing+Script:n,b,i,bi|Damion:n,b,i,bi|Suez+One:n,b,i,bi|Rozha+One:n,b,i,bi|Raleway:n,b,i,bi|Lato:n,b,i,bi|Questrial:n,b,i,bi|Montserrat:n,b,i,bi|&subset=hebrew,arabic,latin
Origin: https://www.hyttetomta.no

                                         
                                         172.217.21.131
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 10484
Date: Fri, 19 Apr 2019 15:04:37 GMT
Expires: Sat, 18 Apr 2020 15:04:37 GMT
Last-Modified: Tue, 19 Feb 2019 22:29:05 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 77352
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  data
Size:   10484
Md5:    46a7d48240d428c9dc3d4ff579199312
Sha1:   d49a79972ec89d851547d88b2250b8e3e1e02fe6
Sha256: bb3bb90231ec460c8c394f1c2ae4f1c9ad761ee639fcc62cf99e921e215cc4e0
                                        
                                            GET /services/third-party/fonts/user-site-fonts/fonts/908c4810-64db-4b46-bb8e-823eb41f68c0.woff HTTP/1.1 
Host: static.parastorage.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://static.parastorage.com/services/santa-resources/resources/viewer/user-site-fonts/v5/languages.css
Origin: https://www.hyttetomta.no

                                         
                                         130.211.46.196
HTTP/1.1 200 OK
Content-Type: application/x-font-woff
                                        
Server: nginx/1.13.6
Date: Fri, 19 Apr 2019 15:25:06 GMT
Vary: Accept-Encoding
Last-Modified: Tue, 17 Apr 2018 11:11:00 GMT
Etag: W/"8d2ec16d0690422bc42584ecea721344-1"
x-amz-version-id: 7wealzQO8ZDCgrFnQ058YqPVbdj5VHrp
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
Cache-Control: public, max-age=7776000
Content-Length: 22218
Age: 76123
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   22218
Md5:    16494ca513bdb74e9c466e0e45c59ac1
Sha1:   8304dba38e729d34efe52de51da4b87e1587f92f
Sha256: bdcc51b731ae91fce8afa6658817e6f1e858e64994e818deb2f5ba584b243cf3