Overview

URL boenesauto.no/
IP172.104.241.160
ASN
Location United States
Report completed2019-04-19 05:13:01 CEST
StatusLoading report..
urlquery Alerts DynDNS domain detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 172.104.241.160

Date UQ / IDS / BL URL IP
2019-05-26 08:09:33 +0200
7 - 0 - 0 boenesauto.no/ 172.104.241.160
2019-05-25 21:10:31 +0200
7 - 0 - 0 boenesauto.no/ 172.104.241.160
2019-05-24 23:09:45 +0200
7 - 0 - 0 boenesauto.no/ 172.104.241.160
2019-05-24 12:09:48 +0200
7 - 0 - 0 boenesauto.no/ 172.104.241.160
2019-05-24 01:09:49 +0200
7 - 0 - 0 boenesauto.no/ 172.104.241.160
2019-05-23 14:09:54 +0200
7 - 0 - 0 boenesauto.no/ 172.104.241.160
2019-05-21 18:10:09 +0200
7 - 0 - 0 boenesauto.no/ 172.104.241.160
2019-05-21 07:10:56 +0200
7 - 0 - 0 boenesauto.no/ 172.104.241.160
2019-05-20 20:10:07 +0200
7 - 0 - 0 boenesauto.no/ 172.104.241.160
2019-05-20 07:44:01 +0200
0 - 1 - 0 monoreklame.no/ 172.104.241.160

Last 10 reports on ASN:

Date UQ / IDS / BL URL IP
2019-05-26 08:17:05 +0200
0 - 0 - 2 pan.cccyun.cc/down.php/7e91da766f847acfa44555 (...) 43.242.75.5
2019-05-26 08:17:02 +0200
0 - 2 - 0 d3v15mid11zplu.cloudfront.net/b0ddqu-qlhqgt/K (...) 143.204.51.214
2019-05-26 08:17:01 +0200
0 - 0 - 1 m.shouji.360tpcdn.com/360sj/jifeng/147274_1fd (...) 143.204.51.51
2019-05-26 08:16:39 +0200
0 - 0 - 1 m.shouji.360tpcdn.com/360sj/tpi/20130424/org. (...) 143.204.51.144
2019-05-26 08:15:51 +0200
0 - 0 - 2 pan.cccyun.cc/down.php/e54f02195e41cc4003c514 (...) 43.242.75.5
2019-05-26 08:15:20 +0200
0 - 0 - 1 m.shouji.360tpcdn.com/360sj/jifeng/55440_e2f8 (...) 143.204.51.144
2019-05-26 08:11:49 +0200
0 - 1 - 0 download.crayzilla.com/mzrt.exe 103.208.86.34
2019-05-26 08:11:38 +0200
0 - 2 - 1 15117.url.7wkw.com/xiaz/office2007%E5%AE%98%E (...) 139.224.39.0
2019-05-26 08:11:33 +0200
0 - 2 - 1 14963.url.246546.com/down/%EF%BF%BD%EC%B2%A53 (...) 114.55.188.114
2019-05-26 08:11:32 +0200
0 - 0 - 1 d3kj6o4rxau601.cloudfront.net/xiaoqing/exp1_y (...) 143.204.51.132

Last 10 reports on domain: boenesauto.no

Date UQ / IDS / BL URL IP
2019-05-26 08:09:33 +0200
7 - 0 - 0 boenesauto.no/ 172.104.241.160
2019-05-25 21:10:31 +0200
7 - 0 - 0 boenesauto.no/ 172.104.241.160
2019-05-24 23:09:45 +0200
7 - 0 - 0 boenesauto.no/ 172.104.241.160
2019-05-24 12:09:48 +0200
7 - 0 - 0 boenesauto.no/ 172.104.241.160
2019-05-24 01:09:49 +0200
7 - 0 - 0 boenesauto.no/ 172.104.241.160
2019-05-23 14:09:54 +0200
7 - 0 - 0 boenesauto.no/ 172.104.241.160
2019-05-21 18:10:09 +0200
7 - 0 - 0 boenesauto.no/ 172.104.241.160
2019-05-21 07:10:56 +0200
7 - 0 - 0 boenesauto.no/ 172.104.241.160
2019-05-20 20:10:07 +0200
7 - 0 - 0 boenesauto.no/ 172.104.241.160
2019-05-19 22:10:17 +0200
7 - 0 - 0 boenesauto.no/ 172.104.241.160


JavaScript

Executed Scripts (11)


Executed Evals (0)


Executed Writes (40)

#1 JavaScript::Write (size: 24, repeated: 5) - SHA256: 27762f5c23109e7412f21dd66316ec97199f12a51951e80411caa784fea2b959

                                         class = "toplevelmenuitem
                                    

#2 JavaScript::Write (size: 15, repeated: 1) - SHA256: d8901d86565fcdcc507ebef9a43c3d6fa937fa1e8aff74e18a1975f64d1607ff

                                         id = "nav_402_0"
                                    

#3 JavaScript::Write (size: 15, repeated: 1) - SHA256: 8771f54603d2ff6cf9fa0429d1152699c3b029c84ec02a574309d2ca26126ca9

                                         id = "nav_402_1"
                                    

#4 JavaScript::Write (size: 15, repeated: 1) - SHA256: e96175ae613b1256441210550629e1cc73213bb537f05df1f9472f883ac43c4d

                                         id = "nav_402_2"
                                    

#5 JavaScript::Write (size: 15, repeated: 1) - SHA256: 1a2b32ed321e7a6dcaec62702377fcf350f4075f8011cb3633bbe2e847e28abe

                                         id = "nav_402_3"
                                    

#6 JavaScript::Write (size: 15, repeated: 1) - SHA256: b836daaf20e6e4a0687223417063c1475838dd2f3fdb8fc550e5e1ea48943028

                                         id = "nav_402_4"
                                    

#7 JavaScript::Write (size: 7, repeated: 5) - SHA256: b3c61c5c856989ba5b6837d9491635121fdec9c476508eb43082da8ee757c8f2

                                         normal
                                    

#8 JavaScript::Write (size: 65, repeated: 1) - SHA256: 575f0890189d2e85d523682e374811de3515c8ccc41a7630e27dbc106bd318bd

                                         onmouseout = "wp_navbar_menu.wp_MenuItemOut('nav_402_0',nav_402);"
                                    

#9 JavaScript::Write (size: 65, repeated: 1) - SHA256: 4c372fd4a1c9954e3d97e72283a40cac92c99ddf02c53c94344a6b8d71eb6623

                                         onmouseout = "wp_navbar_menu.wp_MenuItemOut('nav_402_1',nav_402);"
                                    

#10 JavaScript::Write (size: 65, repeated: 1) - SHA256: 578188beda74fc1fb0517b6db794b029d4b380bd1fad9c490db580fbd9350626

                                         onmouseout = "wp_navbar_menu.wp_MenuItemOut('nav_402_2',nav_402);"
                                    

#11 JavaScript::Write (size: 65, repeated: 1) - SHA256: 5f5cf7398ea45a4524ce3230f389a1b2f9f6a1c0277ea04600ff5713a5714a0c

                                         onmouseout = "wp_navbar_menu.wp_MenuItemOut('nav_402_3',nav_402);"
                                    

#12 JavaScript::Write (size: 65, repeated: 1) - SHA256: c7a10ea7c94977dfc4259f2db0df45f588e60a47c5e35d99d94cbb2d2276b12f

                                         onmouseout = "wp_navbar_menu.wp_MenuItemOut('nav_402_4',nav_402);"
                                    

#13 JavaScript::Write (size: 72, repeated: 1) - SHA256: 6cb1444682255fbd2c579f6e284487caf34c62cc391d11cba673780488466209

                                         onmouseover = "wp_navbar_menu.wp_MenuItemOver('nav_402_0',nav_402,null);"
                                    

#14 JavaScript::Write (size: 72, repeated: 1) - SHA256: fed4a3c273279e6728a52a95ca53a9ae047cd650f52b0cd69c944cb879736015

                                         onmouseover = "wp_navbar_menu.wp_MenuItemOver('nav_402_1',nav_402,null);"
                                    

#15 JavaScript::Write (size: 72, repeated: 1) - SHA256: 9b53cdf8e01e7696d0bd7fc4a72e3018e76f66fc7bc65885f4e7dc752f0382f6

                                         onmouseover = "wp_navbar_menu.wp_MenuItemOver('nav_402_2',nav_402,null);"
                                    

#16 JavaScript::Write (size: 72, repeated: 1) - SHA256: 05ac972003dbef3246316a994ffd17802fe8b4dc8462d770727251950218f5d7

                                         onmouseover = "wp_navbar_menu.wp_MenuItemOver('nav_402_3',nav_402,null);"
                                    

#17 JavaScript::Write (size: 72, repeated: 1) - SHA256: 8f5426d911657667672dfb224b1702fdfdbe3f6d904a080db4a67baf54895733

                                         onmouseover = "wp_navbar_menu.wp_MenuItemOver('nav_402_4',nav_402,null);"
                                    

#18 JavaScript::Write (size: 15, repeated: 5) - SHA256: ad22ed047f52ffed4818356e475727fadd5205fe1ed5db066a95146c3a258340

                                         target = "_self"
                                    

#19 JavaScript::Write (size: 29, repeated: 1) - SHA256: d9f83f07b4bdfb3a264bee33f3f838ad90e7edcf13bad4575ce99914965273af

                                         toplevelmenuitem_currentpage
                                    

#20 JavaScript::Write (size: 28, repeated: 1) - SHA256: 5785018d829bc11ee61eff7d9dee56f4ab38e1902f56fb23688bbe0a912b19ef

                                         toplevelmenuitem_firstchild
                                    

#21 JavaScript::Write (size: 27, repeated: 1) - SHA256: ee4d801ae98349504e1992f9e7ef45782c38cbc9722e6a0bfd0f714adbf3eecb

                                         toplevelmenuitem_lastchild
                                    

#22 JavaScript::Write (size: 1, repeated: 5) - SHA256: 8a331fdde7032f33a71e1b2e257d80166e348e00fcb17914f48bdb57a1c63007

                                        "
                                    

#23 JavaScript::Write (size: 4, repeated: 5) - SHA256: ecd5b806462c7dfdf078ac76c549060a06660422d00e55bd5823be6747361085

                                        < /a>
                                    

#24 JavaScript::Write (size: 6, repeated: 1) - SHA256: aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23

                                        < /div>
                                    

#25 JavaScript::Write (size: 7, repeated: 4) - SHA256: 411fdb22d8d9298e5d32f2cdcc7e865f8f3bf55c5ad15133b18e1b86bb7a2499

                                        < /span>
                                    

#26 JavaScript::Write (size: 48, repeated: 1) - SHA256: 7b47d7507e62292a172a7ec6706c6034e659965026acea6e1b350dfcca0f79fb

                                        < a href = "http://www.boenesauto.no/bildeler.html"
                                    

#27 JavaScript::Write (size: 44, repeated: 1) - SHA256: 95c284deec54369137891af44865f9914356998a9a6169c55aa6749b8020f61c

                                        < a href = "http://www.boenesauto.no/dekk.html"
                                    

#28 JavaScript::Write (size: 46, repeated: 1) - SHA256: f2168894f1ada260662b6a824fda609d5d4edc4218f4081e6926a557500da07b

                                        < a href = "http://www.boenesauto.no/felger.html"
                                    

#29 JavaScript::Write (size: 45, repeated: 1) - SHA256: d9f6f50567f11ffe4919c4d0112b266c9641c32e5d57655608447c18977b4559

                                        < a href = "http://www.boenesauto.no/index.html"
                                    

#30 JavaScript::Write (size: 47, repeated: 1) - SHA256: cec95f042362f8109796cce02511968728824ffb47029396ca2bcc80519db3cc

                                        < a href = "http://www.boenesauto.no/kontakt.html"
                                    

#31 JavaScript::Write (size: 113, repeated: 1) - SHA256: 787b8c0654f1829b054e0c139b9d8230e48d0f8cd90c8a1350a1e7ca0efe5b53

                                        < div id = "nav_402"
class = "nav_402style"
style = "position:absolute;left:28px; top:144px; width:945px; height:31px;" >
                                    

#32 JavaScript::Write (size: 3585, repeated: 1) - SHA256: 7c61bf598219acc56d4a1f3cd268603187baff4fb7881dfa8b12dd72e7ac6f2b

                                        < script type = "text/javascript" > window.trackingInput = {
    "action": "pageView",
    "pageId": "YOUR_PAGE_ID",
    "url": "http://boenesauto.no/",
    "title": "B´┐Żnes Auto",
    "trackingAccountId": "3888",
    "referrer": ""
}; < /script> < img src = "https://pixel.rubiconproject.com/tap.php?v=6327&nid=2135&put=4633692952487537627&expires=30"
border = "0"
referrerpolicy = "no-referrer"
width = "1"
height = "1"
galleryimg = "no"
alt = "" / >
    < img src = "https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm&google_ula=668382"
border = "0"
referrerpolicy = "no-referrer"
width = "1"
height = "1"
galleryimg = "no"
alt = "" / >
    < img src = "https://us-u.openx.net/w/1.0/sd?id=536878327&val=4633692952487537627"
border = "0"
referrerpolicy = "no-referrer"
width = "1"
height = "1"
galleryimg = "no"
alt = "" / >
    < img src = "https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID"
border = "0"
referrerpolicy = "no-referrer"
width = "1"
height = "1"
galleryimg = "no"
alt = "" / >
    < img src = "https://atemda.com/UserMatch.ashx?bidderid=18&bidderuid=4633692952487537627&expiration=1558235550"
border = "0"
referrerpolicy = "no-referrer"
width = "1"
height = "1"
galleryimg = "no"
alt = "" / >
    < img src = "https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=&gdpr_consent=&piggybackCookie=4633692952487537627"
referrerpolicy = "no-referrer"
width = "1"
height = "1"
galleryimg = "no"
alt = "" / >
    < img src = "https://ad.360yield.com/match?publisher_dsp_id=61&external_user_id=4633692952487537627&expiration=1558235550"
border = "0"
referrerpolicy = "no-referrer"
width = "1"
height = "1"
galleryimg = "no"
alt = "" / >
    < img src = "https://sync.search.spotxchange.com/partner?adv_id=7326&uid=4633692952487537627&img=1"
border = "0"
referrerpolicy = "no-referrer"
width = "1"
height = "1"
galleryimg = "no"
alt = "" / >
    < img src = "https://pixel.advertising.com/ups/55955/sync?uid=4633692952487537627&_origin=1"
border = "0"
referrerpolicy = "no-referrer"
width = "1"
height = "1"
galleryimg = "no"
alt = "" / >
    < img src = "https://sy.eu.angsrvr.com/sync?type=host&dsp=10&dspuuid=4633692952487537627"
border = "0"
referrerpolicy = "no-referrer"
width = "1"
height = "1"
galleryimg = "no"
alt = "" / >
    < img src = "https://soma.smaato.net/oapi/idsync?redirect=https%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fsmaato%3FpartnerId%3DSomaCookieUserId%26deltaInitiated%3D1"
border = "0"
referrerpolicy = "no-referrer"
width = "1"
height = "1"
galleryimg = "no"
alt = "" / >
    < img src = "https://pixel.advertising.com/ups/55955/sync?uid=4633692952487537627&_origin=1&gdpr=&gdpr_consent="
border = "0"
referrerpolicy = "no-referrer"
width = "1"
height = "1"
galleryimg = "no"
alt = "" / >
    < img src = "https://ad.sxp.smartclip.net/sync?type=red&dsp=39"
border = "0"
referrerpolicy = "no-referrer"
width = "1"
height = "1"
galleryimg = "no"
alt = "" / >
    < img src = "https://sync.userreport.com/cs.gif?s=d3prj11&fk=4633692952487537627"
border = "0"
referrerpolicy = "no-referrer"
width = "1"
height = "1"
galleryimg = "no"
alt = "" / >
    < img src = "https://x.bidswitch.net/sync?dsp_id=228&user_id=4633692952487537627&expires=30"
border = "0"
referrerpolicy = "no-referrer"
width = "1"
height = "1"
galleryimg = "no"
alt = "" / >
    < img src = "https://dmp.adform.net/serving/cookie/match?party=1124&cid=4633692952487537627"
border = "0"
referrerpolicy = "no-referrer"
width = "1"
height = "1"
galleryimg = "no"
alt = "" / >
    < img src = "https://usermatch.targeting.unrulymedia.com/usermatch/delta/4633692952487537627"
border = "0"
referrerpolicy = "no-referrer"
width = "1"
height = "1"
galleryimg = "no"
alt = "" / >
    < img src = "https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=4633692952487537627&expiration=1558235550"
border = "0"
referrerpolicy = "no-referrer"
width = "1"
height = "1"
galleryimg = "no"
alt = "" / >
                                    

#33 JavaScript::Write (size: 29, repeated: 4) - SHA256: 770a3e624bebf99a114e0a515495228f40b54ccbbc7456e5cd7c3bc97549f79c

                                        < span class = "toplevelspacer" >
                                    

#34 JavaScript::Write (size: 1, repeated: 5) - SHA256: 62b67e1f685b7fef51102005dddd27774be3fee38c42965c53aab035d0b6b221

                                        >
                                    

#35 JavaScript::Write (size: 8, repeated: 1) - SHA256: d3a49a284fa650b3da1b7d88e606d2c46628f2bea5db427282d03f61dffd5410

                                        Bildeler
                                    

#36 JavaScript::Write (size: 4, repeated: 1) - SHA256: 965cbddd87055c90f8650b5d2c6c187b08bf1db48bc310e5b1e181ef590d1640

                                        Dekk
                                    

#37 JavaScript::Write (size: 6, repeated: 1) - SHA256: e56b9bd52de77b4f5b8fde3d92e7fddb9aebe0ef81c3f99737d5c731fe44d9c6

                                        Felger
                                    

#38 JavaScript::Write (size: 8, repeated: 1) - SHA256: 8f7d204a8a973f8263cb658e2e6b92200811c39107f2b5602e6313ef8d69dbd4

                                        Forsiden
                                    

#39 JavaScript::Write (size: 16, repeated: 1) - SHA256: cc2342311c4a15ed6ce9c5506bed050cc1486958cda4a31cc18bc7e077133c0f

                                        Kontakt & nbsp;
oss
                                    

#40 JavaScript::Write (size: 1, repeated: 4) - SHA256: cbe5cfdf7c2118a9c3d78ef1d684f3afa089201352886449a06a6511cfef74a7

                                        |
                                    


HTTP Transactions (90)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         172.104.241.160
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:29 GMT
Content-Length: 12539
Last-Modified: Sun, 27 Aug 2017 13:46:59 GMT
Connection: keep-alive
Etag: "59a2cd53-30fb"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   12539
Md5:    c34e7f6a0d8010ee445a6197c2359640
Sha1:   66f33509351327af5e09f03859c9eeba39da7535
Sha256: 4ed75e2eb035751b03777a0398525ed360c9f627abd5e26a64a2d37fc9fd450f
                                        
                                            GET /wpscripts/wpstyles.css HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         172.104.241.160
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:29 GMT
Content-Length: 1862
Last-Modified: Sun, 23 Mar 2014 22:15:04 GMT
Connection: keep-alive
Etag: "532f5ce8-746"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  troff or preprocessor input text
Size:   1862
Md5:    8ec6e5f36ef0473d9815dd2c0ebf0554
Sha1:   8681f015dae93c6b6eaa6e21308df136c175ce39
Sha256: 8f2b10e4a76134931186d4a3db83e158dd8ba04100cf1b0b0def082f28e83567
                                        
                                            GET /wpscripts/nav_402style.css HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         172.104.241.160
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:29 GMT
Content-Length: 3316
Last-Modified: Tue, 03 Jun 2014 13:27:55 GMT
Connection: keep-alive
Etag: "538dcd5b-cf4"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines, with CRLF line terminators
Size:   3316
Md5:    e6e2a8d0277eea14d4adbbfaff352387
Sha1:   d61cc26a43049ba25e5cc593383bcfb5ed1e9d13
Sha256: d15b994435cc47fc63915240a2f20ec9a99c54bb8569aa6071d2c217a480b759
                                        
                                            GET /wpscripts/jsNavBarFuncs.js HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         172.104.241.160
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:29 GMT
Content-Length: 17394
Last-Modified: Sun, 23 Mar 2014 22:15:08 GMT
Connection: keep-alive
Etag: "532f5cec-43f2"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines, with CRLF line terminators
Size:   17394
Md5:    fcfd2ae418b62c3e9b732d2a074c11f7
Sha1:   cece6add56416e8b594b6a8403883cd3dd289d59
Sha256: 2bc8e4324bdbd110d77580a78e269c97d7c51d4c755deb720d153717442bfd98
                                        
                                            GET /wpimages/wp4bc204b8_06.png HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         172.104.241.160
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:29 GMT
Content-Length: 8712
Last-Modified: Sun, 23 Mar 2014 22:14:35 GMT
Connection: keep-alive
Etag: "532f5ccb-2208"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 989 x 750, 8-bit/color RGBA, non-interlaced
Size:   8712
Md5:    f5fa78839f3ea959f214f2b57fef0469
Sha1:   e0642b3482fb39f15648385c47097aaece2258a8
Sha256: ecfacd61f0a3db3c78fbc8c8255f071cf8e4998d95d6c722dc1adedfd45d1f0b
                                        
                                            GET /wpscripts/global_navtree.js HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         172.104.241.160
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:29 GMT
Content-Length: 547
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Sun, 23 Mar 2014 22:15:09 GMT
Etag: "223-4f54d73af5540"
Accept-Ranges: bytes
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   547
Md5:    1cc227b4c1d817a862dc995217c7e1d2
Sha1:   b18a1c9611b7ff6d28a1acf59363e0fe3c51883c
Sha256: 2709d5a9bda6ca06e2c9e2903ca297ac44f0074af6232cfb81bffdccfcd2706e
                                        
                                            GET /wpscripts/wp_navbar_menu.js HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         172.104.241.160
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:29 GMT
Content-Length: 12438
Last-Modified: Sun, 23 Mar 2014 22:15:10 GMT
Connection: keep-alive
Etag: "532f5cee-3096"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C++ program text, with CRLF line terminators
Size:   12438
Md5:    5bc077aa07c9a2407d8949206874fbb1
Sha1:   9ab185e43d391aa07c6cbdf9081199aecb4c9dc7
Sha256: cd04492b774ba533aed3ca06590aa4c16a000780850a7b0f9bb1e7bb7dafbe31
                                        
                                            GET /Converted%201.png HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         172.104.241.160
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:29 GMT
Content-Length: 23878
Last-Modified: Sun, 23 Mar 2014 23:12:27 GMT
Connection: keep-alive
Etag: "532f6a5b-5d46"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 120 x 117, 8-bit/color RGBA, non-interlaced
Size:   23878
Md5:    330223b53cf22e0d9920d88b4e0a1593
Sha1:   b35f64a319a2557dc230260b8edd50e39a76f6db
Sha256: e2fca4cfe30e0e2beee3cf545bb49f4f4b673aef84bdcd428ad753f71abf92b4
                                        
                                            GET /wpimages/wp531df90a_06.png HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         172.104.241.160
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:29 GMT
Content-Length: 1759
Last-Modified: Sun, 23 Mar 2014 22:14:41 GMT
Connection: keep-alive
Etag: "532f5cd1-6df"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 29 x 29, 8-bit/color RGBA, non-interlaced
Size:   1759
Md5:    7f84728ac2c062a3cff8a3a72c022fe6
Sha1:   b7927954048e8fa13b69be2a7e2dd90870ab5959
Sha256: 4194beb6ccfcf23db59626062551d18abf618054db6940ab4faa91a124037793
                                        
                                            GET /wpimages/wp3d3d0b8c_06.png HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         172.104.241.160
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:29 GMT
Content-Length: 10382
Last-Modified: Sat, 05 Apr 2014 15:26:00 GMT
Connection: keep-alive
Etag: "53402088-288e"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 112 x 114, 8-bit/color RGBA, non-interlaced
Size:   10382
Md5:    8314b2aeeb9bb0f32245c31a3ae6a138
Sha1:   3d6a0fcfd83cdea190a8bb4d2f146860e9fa9a32
Sha256: 1d87c2e6c20f1dab431383d62fc8a046116fefceafc14def6f99649358d87f43
                                        
                                            GET /wpimages/wp66d34f7c_06.png HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         172.104.241.160
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:29 GMT
Content-Length: 663
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Sun, 23 Mar 2014 22:14:39 GMT
Etag: "297-4f54d71e591c0"
Accept-Ranges: bytes
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  PNG image, 25 x 17, 8-bit/color RGBA, non-interlaced
Size:   663
Md5:    848a054d40700663e53f795ffde5f6f6
Sha1:   57dffd3f7dbfdb1f8fc470d8bad523e12440d6d4
Sha256: bfa711e4ad965304ec1c16d1e22dd67d3169a78335da8c95b5604a4649a890c2
                                        
                                            GET /wpimages/wpbedcf3b6_06.png HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         172.104.241.160
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:29 GMT
Content-Length: 1522
Last-Modified: Sun, 23 Mar 2014 23:18:08 GMT
Connection: keep-alive
Etag: "532f6bb0-5f2"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 954 x 40, 8-bit/color RGBA, non-interlaced
Size:   1522
Md5:    ce66371c1fdd99e12c900345016a3f4a
Sha1:   8047f87f37f7342ce21e1c5ff25a278978cb5505
Sha256: 220e020fc0568328a3749c924b669d289df1d690a759ff955e08cfbcdcfe28e9
                                        
                                            GET /wpimages/wp567609ef_06.png HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         172.104.241.160
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:29 GMT
Content-Length: 15612
Last-Modified: Sun, 23 Mar 2014 22:14:42 GMT
Connection: keep-alive
Etag: "532f5cd2-3cfc"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 170 x 70, 8-bit/color RGBA, non-interlaced
Size:   15612
Md5:    65c8f10f2791f0657392372cd0c3c380
Sha1:   780d040eec370f78c4b54d21b044e9e634276f4d
Sha256: 6b0bd1089b102313d1f35cb5154bc4dff4c9778c3568e81324fa4f15848de932
                                        
                                            GET /wpimages/wp1d02a5b6_06.png HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         172.104.241.160
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:29 GMT
Content-Length: 15182
Last-Modified: Sun, 23 Mar 2014 22:14:38 GMT
Connection: keep-alive
Etag: "532f5cce-3b4e"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 411 x 163, 8-bit/color RGBA, non-interlaced
Size:   15182
Md5:    e187d02efdd6f8c51b59547564df1888
Sha1:   c4476c61ae7478b3f4b18070abe5e709c383f89e
Sha256: fdfa16bf55e2e3685f82d244ca934585c5e29f7af0ffe075ed1aa1502cfde7aa
                                        
                                            GET /Cyan.png HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         172.104.241.160
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:29 GMT
Content-Length: 622
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Sun, 23 Mar 2014 22:12:22 GMT
Etag: "26e-4f54d69bb1d80"
Accept-Ranges: bytes
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  PNG image, 3000 x 3, 8-bit/color RGBA, non-interlaced
Size:   622
Md5:    212b62402b29f17bb6fe36503343beb7
Sha1:   72040b61b26b8a440679d629e9c0274ed93e2132
Sha256: 5c176a713c9e9207604313b60bc9b108b46140233fc6b5c316b995a740e8b072
                                        
                                            GET /Converted%202.png HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         172.104.241.160
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:29 GMT
Content-Length: 48909
Last-Modified: Sun, 23 Mar 2014 23:12:31 GMT
Connection: keep-alive
Etag: "532f6a5f-bf0d"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 454 x 102, 8-bit/color RGBA, non-interlaced
Size:   48909
Md5:    f0a477132879497a4e4b24ed12a26715
Sha1:   af1e56c0d618e17d361ad860c44b5fa1e096da96
Sha256: 630755b4a1403aa29030e46d1a62016d15ad739e34aade84ad8aaf1ae6b102ff
                                        
                                            GET /wpimages/wpc47f9774_06.png HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         172.104.241.160
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:29 GMT
Content-Length: 36441
Last-Modified: Sat, 05 Apr 2014 15:26:02 GMT
Connection: keep-alive
Etag: "5340208a-8e59"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 330 x 131, 8-bit/color RGBA, non-interlaced
Size:   36441
Md5:    853c25986d0a1f7cc7c97c8191943804
Sha1:   fd80414dfcae5b9a9fce204843d7283df2d799df
Sha256: f1fb9c4514ae41b1ddba241d050a07d2a88ce35b2d45e6abdb89f9159c5e802b
                                        
                                            GET /wpimages/wp2c96c0ec_06.png HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         172.104.241.160
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:29 GMT
Content-Length: 34304
Last-Modified: Sat, 05 Apr 2014 15:26:03 GMT
Connection: keep-alive
Etag: "5340208b-8600"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 330 x 131, 8-bit/color RGBA, non-interlaced
Size:   34304
Md5:    956e4ed2f2a3a767157e7cd008354cfb
Sha1:   80ff5cd871ac7bbd98dd4975999c76f5fd87c2a4
Sha256: 3878b3391335717a98706dbe78396a644bbedc545bdc4e89d88ee3ddf6a9fc6b
                                        
                                            GET /wpimages/wpedaae5ed_06.png HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         172.104.241.160
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:29 GMT
Content-Length: 36278
Last-Modified: Sat, 05 Apr 2014 15:26:05 GMT
Connection: keep-alive
Etag: "5340208d-8db6"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 330 x 227, 8-bit/color RGBA, non-interlaced
Size:   36278
Md5:    1656cb8ee67c751b79c1c99259cc0cba
Sha1:   331b3c664467bb8b09c9f77e667c98c5214d6eb2
Sha256: 89bd2f05dd8d20ddb1d09d91c1b2767fb216c362254bec9164d9e1adcb7143d9
                                        
                                            GET /d7.js HTTP/1.1 
Host: tb.de17a.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         213.155.156.189
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.4.6 (Ubuntu)
Date: Fri, 19 Apr 2019 03:12:29 GMT
Content-Length: 6269
Connection: close
Cache-Control: must-revalidate, private
Etag: W/"PUaUvHY9tNoPUaV1Mwti/M--gzip"
Last-Modified: Tue, 26 Mar 2019 12:53:56 GMT
Vary: Accept-Encoding, User-Agent
Content-Encoding: gzip
P3P: CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   6269
Md5:    321857434269b54f223767d0c9cc9109
Sha1:   be2131089cf1446d420fa632f5e816a8368e06c4
Sha256: 5e99b16ab9dac0f2ffede6fbeec1e0e9d6f98a8400dd124cb0d8040da06b5d0a
                                        
                                            GET /ba/webnyheter/index.php HTTP/1.1 
Host: bitk.dnsalias.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         193.212.242.58
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Fri, 19 Apr 2019 03:12:29 GMT
Server: Apache/2.4.25 (Unix) LibreSSL/2.2.7
Set-Cookie: B%C3%B8nes_Auto___Autobil___Dekk_1333244166519=kidrpui8ciadf9lqich0s9rig6; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-XSS-Protection: 1; mode=block
Content-Length: 4816
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   4816
Md5:    a2556a680457fbb5f45cfe09006b9f57
Sha1:   a1a0124069d9ee2b481786bcd6cff00781e8e3bc
Sha256: d757084d19c81225740bb3af855c7575529fe4d9519e10e502d806bfff9d8a41

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /ba/webnyheter/agentis2.css HTTP/1.1 
Host: bitk.dnsalias.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bitk.dnsalias.com/ba/webnyheter/index.php
Cookie: B%C3%B8nes_Auto___Autobil___Dekk_1333244166519=kidrpui8ciadf9lqich0s9rig6

                                         
                                         193.212.242.58
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 19 Apr 2019 03:12:29 GMT
Server: Apache/2.4.25 (Unix) LibreSSL/2.2.7
Last-Modified: Tue, 11 Sep 2012 02:04:49 GMT
Etag: "2f16-4c9637fbed240"
Content-Length: 12054
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C program text, with CRLF line terminators
Size:   12054
Md5:    f79bf3b7894aaee0b8918f775030d71e
Sha1:   36b414e6561e5610cb86125a25547bcf10a36060
Sha256: 07080b16b9683bebcfc149c1e2ad082967b801f6eda2815f28637f6a6922e9ce

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /ba/webnyheter/img.php?-url=%2Ffmi%2Fxml%2Fcnt%2FPhoto%252008-08-2017%252011.55.49.jpg%3F-db%3Dautobil%26amp%3B-lay%3DWebNyheter%2520-%2520Liste%26amp%3B-recid%3D47%26amp%3B-field%3DBildeThumbnail%281%29 HTTP/1.1 
Host: bitk.dnsalias.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bitk.dnsalias.com/ba/webnyheter/index.php
Cookie: B%C3%B8nes_Auto___Autobil___Dekk_1333244166519=kidrpui8ciadf9lqich0s9rig6

                                         
                                         193.212.242.58
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 19 Apr 2019 03:12:29 GMT
Server: Apache/2.4.25 (Unix) LibreSSL/2.2.7
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   12961
Md5:    e0af6411e321fbecdf5d2636b4879827
Sha1:   73cc71a5c2fc9c72905d23ca290915f5ee3245e1
Sha256: cb4315e375042939521211fb7e08a6f15d091d5462bb42efce4e04af383308ac

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /ba/webnyheter/img.php?-url=%2Ffmi%2Fxml%2Fcnt%2FUntitled.jpg%3F-db%3Dautobil%26amp%3B-lay%3DWebNyheter%2520-%2520Liste%26amp%3B-recid%3D45%26amp%3B-field%3DBildeThumbnail%281%29 HTTP/1.1 
Host: bitk.dnsalias.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bitk.dnsalias.com/ba/webnyheter/index.php
Cookie: B%C3%B8nes_Auto___Autobil___Dekk_1333244166519=kidrpui8ciadf9lqich0s9rig6

                                         
                                         193.212.242.58
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 19 Apr 2019 03:12:29 GMT
Server: Apache/2.4.25 (Unix) LibreSSL/2.2.7
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   13014
Md5:    92a75e29effe8e1b9bacac4761cc894c
Sha1:   945db89ee8d5129da233599ff211205c6c5816c0
Sha256: 8c2e7d39b983b44fe399c7b99ca75add00013a54aa436d934655b2792c42b187

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /ba/webnyheter/images/bodybg.png HTTP/1.1 
Host: bitk.dnsalias.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bitk.dnsalias.com/ba/webnyheter/agentis2.css
Cookie: B%C3%B8nes_Auto___Autobil___Dekk_1333244166519=kidrpui8ciadf9lqich0s9rig6

                                         
                                         193.212.242.58
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
                                        
Date: Fri, 19 Apr 2019 03:12:30 GMT
Server: Apache/2.4.25 (Unix) LibreSSL/2.2.7
Vary: accept-language,accept-charset
Content-Length: 618
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Language: en


--- Additional Info ---
Magic:  exported SGML document text
Size:   618
Md5:    11d5ca9699f9f230c2b99e2ac172b75b
Sha1:   078cc79263cf0d7022ae93341586944ad077a883
Sha256: 93477671d811ec456ecffb1786f3221e4df229e126cf0eaa4d3b1ced049d03f7

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /ba/webnyheter/img.php?-url=%2Ffmi%2Fxml%2Fcnt%2FPhoto%252008-08-2017%252013.39.04.jpg%3F-db%3Dautobil%26amp%3B-lay%3DWebNyheter%2520-%2520Liste%26amp%3B-recid%3D30%26amp%3B-field%3DBildeThumbnail%281%29 HTTP/1.1 
Host: bitk.dnsalias.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bitk.dnsalias.com/ba/webnyheter/index.php
Cookie: B%C3%B8nes_Auto___Autobil___Dekk_1333244166519=kidrpui8ciadf9lqich0s9rig6

                                         
                                         193.212.242.58
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 19 Apr 2019 03:12:30 GMT
Server: Apache/2.4.25 (Unix) LibreSSL/2.2.7
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   12334
Md5:    3ff3e041dbd1b770ef2e2d0dd9e4446d
Sha1:   bae508cd85cb2e0444aa88e222caac35f8b59261
Sha256: 706b57d5b440131ff55a9117b2428caee76ffd1895dc58bcea9d9bfd83492e3b

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /ba/webnyheter/img.php?-url=%2Ffmi%2Fxml%2Fcnt%2FPhoto%252008-08-2017%252013.37.21.jpg%3F-db%3Dautobil%26amp%3B-lay%3DWebNyheter%2520-%2520Liste%26amp%3B-recid%3D34%26amp%3B-field%3DBildeThumbnail%281%29 HTTP/1.1 
Host: bitk.dnsalias.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bitk.dnsalias.com/ba/webnyheter/index.php
Cookie: B%C3%B8nes_Auto___Autobil___Dekk_1333244166519=kidrpui8ciadf9lqich0s9rig6

                                         
                                         193.212.242.58
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 19 Apr 2019 03:12:29 GMT
Server: Apache/2.4.25 (Unix) LibreSSL/2.2.7
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   25462
Md5:    ea8b7562b41562491a495cb33863496a
Sha1:   19b2f93ac72df0214c838f42093e3483bb4fd706
Sha256: d962368ca5a43032897ca74ddbee19e9e50b3bbc5de3363225c912525caaa6a4

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /api/getUid?data=%7B%7D&callback=$d7_cb_1 HTTP/1.1 
Host: tb.de17a.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         213.155.156.189
HTTP/1.1 307 Temporary Redirect
                                        
Server: nginx/1.10.1
Date: Fri, 19 Apr 2019 03:12:30 GMT
Content-Length: 0
Connection: close
Set-Cookie: guid=1.4633692952487537627;Version=1;Path=/;Domain=.de17a.com;Expires=Sat, 10-Oct-2020 03:12:30 GMT;Max-Age=46656000
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://tb.de17a.com/api/checkUid?data=%7B%7D&callback=$d7_cb_1
P3P: CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"


--- Additional Info ---
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         172.104.241.160
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:30 GMT
Content-Length: 209
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   209
Md5:    18ffb59b61525f781cf9251045be575d
Sha1:   bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d
Sha256: b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642
                                        
                                            GET /api/checkUid?data=%7B%7D&callback=$d7_cb_1 HTTP/1.1 
Host: tb.de17a.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/
Cookie: guid=1.4633692952487537627

                                         
                                         213.155.156.189
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx/1.10.1
Date: Fri, 19 Apr 2019 03:12:30 GMT
Content-Length: 61
Connection: close
P3P: CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   61
Md5:    083a271d011299dca5342f20b765be2b
Sha1:   f29ac9cc3cf513c05a9065915f639ba47066d3f7
Sha256: 92835f0d1d3b690bc98ee488dd5f941633e3cb53727721edd2f97171e8219148
                                        
                                            GET /api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22http%3A%2F%2Fboenesauto.no%2F%22%2C%22title%22%3A%22B%C3%B8nes%20Auto%22%2C%22trackingAccountId%22%3A%223888%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2 HTTP/1.1 
Host: tb.de17a.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/
Cookie: guid=1.4633692952487537627

                                         
                                         213.155.156.189
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx/1.4.6 (Ubuntu)
Date: Fri, 19 Apr 2019 03:12:30 GMT
Content-Length: 3760
Connection: close
P3P: CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   3760
Md5:    f6f9e62361882378ca81ce9ced2e2dbd
Sha1:   b354b4b5be04c84c8ce9470e2817972fa17564e3
Sha256: 992bbab57961ad089bfbc7af8534e7ef1555ac8e83a6bbd6bc582288174a2318
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         172.217.21.163
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 19 Apr 2019 03:12:30 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    d826b7888de71e25a5586ee20d1ea98f
Sha1:   6f8345a454e2e93a836c0039fc6931d171fc475d
Sha256: 75d8c780559f530ea1d61fc9f4468f99aeab0d31ec3aff618023cf96ea07fbbd
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         172.217.21.163
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 19 Apr 2019 03:12:30 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    5be872b3fe0bb6f31385f91f811e9586
Sha1:   1192231bcb9ee73e9f619d433cdb66dddd9ae7f7
Sha256: db0ad6191770bff9043482b68acf62a4e25d4390a03274cfbe413675dd8c9cf5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=119034
Date: Fri, 19 Apr 2019 03:12:30 GMT
Etag: "5cb843ac-1d7"
Expires: Sat, 20 Apr 2019 12:16:24 GMT
Last-Modified: Thu, 18 Apr 2019 09:30:20 GMT
Server: ECS (lcy/1D1C)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    b66845897a60b2704da705ba048fb40f
Sha1:   0f20be82f56d52876f0330e4cb657814bf1fe2c2
Sha256: 33b126bd8162cb066c3c12cba4de5c201baecd112cab138693eb15b3ddf4205c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=113115
Date: Fri, 19 Apr 2019 03:12:30 GMT
Etag: "5cb829fd-1d7"
Expires: Sat, 20 Apr 2019 10:37:45 GMT
Last-Modified: Thu, 18 Apr 2019 07:40:45 GMT
Server: ECS (lcy/1D68)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    36a4727608042eb2c9f234cf9e9e67d5
Sha1:   530d13a252a3b4505a8544572da204d75e1d6101
Sha256: 174842f02dba26c3eab50012d89f363eef4ea557ccbddf38149f2a03370651db
                                        
                                            POST / HTTP/1.1 
Host: status.rapidssl.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=128829
Date: Fri, 19 Apr 2019 03:12:30 GMT
Etag: "5cb87be4-1d7"
Expires: Sat, 20 Apr 2019 14:59:39 GMT
Last-Modified: Thu, 18 Apr 2019 13:30:12 GMT
Server: ECS (ams/498D)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    f7f18db60043b0da1394897eab30ea8d
Sha1:   07ec01f95a589c524e9716640094867d5331f981
Sha256: 15f406fe177b3730cf33e258e7eaea6e8bf345a29eca67a6011ac64296971df9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=151356
Date: Fri, 19 Apr 2019 03:12:30 GMT
Etag: "5cb8c4af-1d7"
Expires: Sat, 20 Apr 2019 21:15:06 GMT
Last-Modified: Thu, 18 Apr 2019 18:40:47 GMT
Server: ECS (lcy/1D24)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    e73b9363f29c0edcd0b841b696afa77b
Sha1:   83006729a943d2b3094aa370832023a88d004b4c
Sha256: d1f3c4c362dfe61832406452edf4bae6e7961755850a03e01888fd52ebb5aeb1
                                        
                                            GET /pixel?google_nid=delta_projects_ab&google_cm&google_ula=668382 HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         172.217.20.34
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm=&google_ula=668382&google_tc=
Date: Fri, 19 Apr 2019 03:12:30 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Server: HTTP server (unknown)
Content-Length: 312
X-XSS-Protection: 0
Set-Cookie: test_cookie=CheckForPermission; expires=Fri, 19-Apr-2019 03:27:30 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  HTML document text
Size:   312
Md5:    4dae5bd4ecff23275e976501639ca7ac
Sha1:   e41b8d0246e573084140ff0a4424bdac62c49500
Sha256: 136dc8262b2fbc24bef209d5e41b39e67cd5ee368907026fc7b6a9bffe431de0
                                        
                                            GET /tap.php?v=6327&nid=2135&put=4633692952487537627&expires=30 HTTP/1.1 
Host: pixel.rubiconproject.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         69.173.144.136
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
X-RPHost: o4CHJRL49I3Q8YdyrOuZiw
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Connection: keep-alive
Content-Length: 42
Date: Fri, 19 Apr 2019 03:12:30 GMT
Server: Rubicon Project


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=113717
Date: Fri, 19 Apr 2019 03:12:30 GMT
Etag: "5cb84154-1d7"
Expires: Sat, 20 Apr 2019 10:47:47 GMT
Last-Modified: Thu, 18 Apr 2019 09:20:20 GMT
Server: ECS (lcy/1D6F)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    c4f68b0d75aafa2c8d02a0e7914927fb
Sha1:   b3a3b1544f353ee8fe773c3e999e53a6d9662172
Sha256: fae94b63854617e87f7df3562ca73a4b841f3a4077d017a74aa65d7fc3e9beed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=96593
Date: Fri, 19 Apr 2019 03:12:31 GMT
Etag: "5cb806ae-139"
Expires: Sat, 20 Apr 2019 06:02:24 GMT
Last-Modified: Thu, 18 Apr 2019 05:10:06 GMT
Server: ECS (lcy/1D1F)
X-Cache: HIT
Content-Length: 313


--- Additional Info ---
Magic:  data
Size:   313
Md5:    82d13bf1cfaa9591478fa8bf1391d7e0
Sha1:   edf0338243befb3a0acbe1eefdf71019241a2f4b
Sha256: 3fc2bb26525e0552563ba38ff6146bff05fa4388e31149bdc2999cdbcad1717f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=155720
Date: Fri, 19 Apr 2019 03:12:31 GMT
Etag: "5cb8eedd-1d7"
Expires: Sat, 20 Apr 2019 22:27:51 GMT
Last-Modified: Thu, 18 Apr 2019 21:40:45 GMT
Server: ECS (lcy/1D1C)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    6b62d180281c8b66668bc670f375c7ff
Sha1:   9086f4d9cd06511447662bb7085b5e2d6571ee15
Sha256: 57e147b6c56f5bda689cc1a5ea2f720556faf1b038d57bb43f78fe833695b71b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Mon, 15 Apr 2019 08:58:20 GMT
Etag: D410EC4910C6EEF367C6C5490E2A814159F5BEE6
X-OCSP-Responder-ID: mcdpcaocsp13
Content-Length: 472
Cache-Control: public, no-transform, must-revalidate, max-age=279389
Expires: Mon, 22 Apr 2019 08:49:00 GMT
Date: Fri, 19 Apr 2019 03:12:31 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   472
Md5:    5df703abd0e56dbb3f7f5e5c02c1bac7
Sha1:   d410ec4910c6eef367c6c5490e2a814159f5bee6
Sha256: 36e15f16eacdc50d04b4c17bffe3f494d289e007fb72a00816345a2765319940
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sun, 14 Apr 2019 23:19:13 GMT
Etag: 5C61D546B180AAF093C4DE3C633F937FB87532E6
X-OCSP-Responder-ID: mcdpcaocsp16
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=244583
Expires: Sun, 21 Apr 2019 23:08:54 GMT
Date: Fri, 19 Apr 2019 03:12:31 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    8b9e4cb332f847b519ce244d068dbcaf
Sha1:   5c61d546b180aaf093c4de3c633f937fb87532e6
Sha256: c3d802f17c5948f964798ed7d3c824696825a5a71e92b92a3cec14403e5bf8b6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sun, 14 Apr 2019 23:19:13 GMT
Etag: 142F0CFC405EEC522C89A07FB6A2D2E4AF7C3332
X-OCSP-Responder-ID: mcdpcaocsp2
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=244605
Expires: Sun, 21 Apr 2019 23:09:16 GMT
Date: Fri, 19 Apr 2019 03:12:31 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    e68391bea2a506d6c33a75ca0958e75e
Sha1:   142f0cfc405eec522c89a07fb6a2d2e4af7c3332
Sha256: 25383b8660f7065913417f8a92650c4304054c5fc6a3b3adb7e4be8313213f2f
                                        
                                            GET /serving/cookie/match?party=1124&cid=4633692952487537627 HTTP/1.1 
Host: dmp.adform.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         37.157.6.246
HTTP/1.1 302 Found
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:31 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Pragma: no-cache
Expires: -1
Location: https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=4633692952487537627
Set-Cookie: uid=8893589087561669381; expires=Tue, 18 Jun 2019 03:12:31 GMT; domain=adform.net; path=/
Access-Control-Allow-Origin: *


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=107727
Date: Fri, 19 Apr 2019 03:12:31 GMT
Etag: "5cb81975-1d7"
Expires: Sat, 20 Apr 2019 09:07:58 GMT
Last-Modified: Thu, 18 Apr 2019 06:30:13 GMT
Server: ECS (lcy/1D1C)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    d0e2b5c719c527f1d4e7f14774b762e5
Sha1:   0fe4ff977c151b4418ea46fea1c2ef15ae2d782b
Sha256: c945ba9639d5ba368d1a49ffb4b31c6a8598cc72bdab2499294d5acae10cced4
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=131564
Date: Fri, 19 Apr 2019 03:12:31 GMT
Etag: "5cb874e8-1d7"
Expires: Sat, 20 Apr 2019 15:45:15 GMT
Last-Modified: Thu, 18 Apr 2019 13:00:24 GMT
Server: ECS (lcy/1D68)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    1adc921d37fe1e8687f652492db6feeb
Sha1:   04b5be084baf866d178554b6e870de984442240b
Sha256: 74abb73f88ffa0636f8a5f55d5c6d952e41d35e8d7b51ed12dc996c09961e2f7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sat, 13 Apr 2019 09:24:45 GMT
Etag: 30B184FE7F50F73AF2ECBA45CDFD0ACBB45C3907
X-OCSP-Responder-ID: mcdpcaocsp5
Content-Length: 472
Cache-Control: public, no-transform, must-revalidate, max-age=108113
Expires: Sat, 20 Apr 2019 09:14:24 GMT
Date: Fri, 19 Apr 2019 03:12:31 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   472
Md5:    f0282d5d1718003d10da7da4b080c1b2
Sha1:   30b184fe7f50f73af2ecba45cdfd0acbb45c3907
Sha256: 7238920f528229ad84c55dd414fcfae1adedebfd616b8e5336d8d1a299b94260
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sun, 14 Apr 2019 23:19:13 GMT
Etag: 4922FB7027AAFAEE2544FE7B44ECFDD3A91C07BD
X-OCSP-Responder-ID: mcdpcaocsp13
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=244604
Expires: Sun, 21 Apr 2019 23:09:15 GMT
Date: Fri, 19 Apr 2019 03:12:31 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    a3c47e7f55da3002d3178e8703477437
Sha1:   4922fb7027aafaee2544fe7b44ecfdd3a91c07bd
Sha256: 575dba888e6071af7fe215b29e9998654d0c6da88be1e49d08deefb2297ee19a
                                        
                                            GET /match?publisher_dsp_id=61&external_user_id=4633692952487537627&expiration=1558235550 HTTP/1.1 
Host: ad.360yield.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         52.48.121.18
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:31 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=4633692952487537627&expiration=1558235550
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=4655bfc7-4063-454c-af87-00b9e5ac9688; path=/; expires=Thu, 18-Jul-2019 03:12:31 GMT; domain=.360yield.com tuuid_lu=1555643551; path=/; expires=Thu, 18-Jul-2019 03:12:31 GMT; domain=.360yield.com


--- Additional Info ---
                                        
                                            GET /pixel?google_nid=delta_projects_ab&google_cm=&google_ula=668382&google_tc= HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/
Cookie: test_cookie=CheckForPermission

                                         
                                         172.217.20.34
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://d5p.de17a.com/cookies/google?google_gid=CAESEE9Sqg-0ZgZBAnrGZ1fkgAY&google_cver=1&google_ula=668382,0
Date: Fri, 19 Apr 2019 03:12:31 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Server: HTTP server (unknown)
Content-Length: 314
X-XSS-Protection: 0
Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUkQ6MEa9SzLLdoK-MqkZRzIaS1ppPGJD-H7dEzaB09_ml5vj2-WxV32FFj5; expires=Sun, 18-Apr-2021 03:12:31 GMT; path=/; domain=.doubleclick.net; HttpOnly
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  HTML document text
Size:   314
Md5:    8d5c31283b3ef0251041029b7906fb00
Sha1:   11bae4da77d0dd051b94c72a4e44e19f153cd67e
Sha256: 6c5f4360cfa84d287c31dfb0554bc795e9b72a2de681a65cf0cb1d072fc5eecd
                                        
                                            GET /serving/cookie/match?CC=1&party=1124&cid=4633692952487537627 HTTP/1.1 
Host: dmp.adform.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/
Cookie: uid=8893589087561669381

                                         
                                         37.157.6.246
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Pragma: no-cache
Expires: -1
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Wed, 17 Apr 2019 23:11:44 GMT
Etag: 2D2FD3DA1194E2C9F9E207BBE265E80FC267DF81
X-OCSP-Responder-ID: mcdpcaocsp16
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=244094
Expires: Sun, 21 Apr 2019 23:00:45 GMT
Date: Fri, 19 Apr 2019 03:12:31 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    39177e97cbbd05713f7e1e9064e32db5
Sha1:   2d2fd3da1194e2c9f9e207bbe265e80fc267df81
Sha256: e7ae5ca777b48022a72c1d222023117b4508b27d455032590efba93756ad3e63
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sun, 14 Apr 2019 23:19:13 GMT
Etag: D174BC70D749F40F1FA03BC2D0FB95CF345A38BE
X-OCSP-Responder-ID: mcdpcaocsp2
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=244624
Expires: Sun, 21 Apr 2019 23:09:35 GMT
Date: Fri, 19 Apr 2019 03:12:31 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    38327a36c4d8cb9a592aff93448eb957
Sha1:   d174bc70d749f40f1fa03bc2d0fb95cf345a38be
Sha256: a555a1deab66b98a7a515cff29841d909e47bbb9851f88fe07622ccf18ccf2ff
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sun, 14 Apr 2019 23:19:13 GMT
Etag: 7529265E9196DFE49BAB65E86DCB22562CCB86BE
X-OCSP-Responder-ID: mcdpcaocsp2
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=244642
Expires: Sun, 21 Apr 2019 23:09:53 GMT
Date: Fri, 19 Apr 2019 03:12:31 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    ba71aae9b0d3b8518307227d31af8f38
Sha1:   7529265e9196dfe49bab65e86dcb22562ccb86be
Sha256: 52237c311e7bb372041f964b66084ee894c60d84f3b027f256c6042368283b15
                                        
                                            GET /ul_cb/match?publisher_dsp_id=61&external_user_id=4633692952487537627&expiration=1558235550 HTTP/1.1 
Host: ad.360yield.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/
Cookie: tuuid=4655bfc7-4063-454c-af87-00b9e5ac9688; tuuid_lu=1555643551

                                         
                                         52.48.121.18
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:31 GMT
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=4655bfc7-4063-454c-af87-00b9e5ac9688; path=/; expires=Thu, 18-Jul-2019 03:12:31 GMT; domain=.360yield.com tuuid_lu=1555643551; path=/; expires=Thu, 18-Jul-2019 03:12:31 GMT; domain=.360yield.com um=!61,jTLTKjbktg5PwJmRr5N.-JXvUieT7FJyVvHX8D08iQA7,1558235550; path=/; expires=Thu, 18-Jul-2019 03:12:31 GMT; domain=.360yield.com umeh=!61,0,387094351,-1; path=/; expires=Thu, 18-Jul-2019 03:12:31 GMT; domain=.360yield.com


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=152254
Date: Fri, 19 Apr 2019 03:12:31 GMT
Etag: "5cb8ec5d-1d7"
Expires: Sat, 20 Apr 2019 21:30:05 GMT
Last-Modified: Thu, 18 Apr 2019 21:30:05 GMT
Server: nginx
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    6837c9ab1d69bb4e71bf27c4864fd127
Sha1:   022c45e869421039a15874125108264c5764ee40
Sha256: 62a710d137f3ac4151c632d7ccf16d0a5e1daef5bb5eac1863019c14eecd2c0e
                                        
                                            GET /rum?cm_dsp_id=175&external_user_id=4633692952487537627&expiration=1558235550 HTTP/1.1 
Host: dsum.casalemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         88.221.73.188
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=iso-8859-1
                                        
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=4633692952487537627&expiration=1558235550&C=1
Content-Length: 305
Expires: Fri, 19 Apr 2019 03:12:31 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 19 Apr 2019 03:12:31 GMT
Connection: keep-alive
Set-Cookie: CMID=XLk8n1VbLmUAAG8IZ3kAAABg;domain=casalemedia.com;path=/;expires=Sat, 18 Apr 2020 03:12:31 GMT CMPS=4419;domain=casalemedia.com;path=/;expires=Thu, 18 Jul 2019 03:12:31 GMT


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   305
Md5:    3a1a135840eeeaa32b392cdc2d066112
Sha1:   9cf70e46b94878c0ed3a171496efa5da3f9dfdfa
Sha256: d575c484b2a6e057055fdf3b7dbc65fac92275b5602cea89590f525b5798f598
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=160072
Date: Fri, 19 Apr 2019 03:12:31 GMT
Etag: "5cb90adb-1d7"
Expires: Sat, 20 Apr 2019 23:40:23 GMT
Last-Modified: Thu, 18 Apr 2019 23:40:11 GMT
Server: ECS (lcy/1D6F)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    0d49e82c690ff91014c2e784dc46e29a
Sha1:   adc64217efe80c953053fb43c824090734a531e7
Sha256: 2d6912a988f733cbf4666358e938bb615e3bb7acb0d0b0b6fd9a27c031e13e5a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=129356
Date: Fri, 19 Apr 2019 03:12:31 GMT
Etag: "5cb86b88-1d7"
Expires: Sat, 20 Apr 2019 15:08:27 GMT
Last-Modified: Thu, 18 Apr 2019 12:20:24 GMT
Server: ECS (lcy/1D1F)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    2681efa25b1578510c9f5f31dde6f30a
Sha1:   6b09d75be6500672afae4fcca0c9598da2a738bb
Sha256: 2777b01cbccb2378ca2a520f69a898fd2dadeda0aba58b150de4f66a989edcbc
                                        
                                            GET /w/1.0/sd?id=536878327&val=4633692952487537627 HTTP/1.1 
Host: us-u.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         173.241.240.143
HTTP/1.1 302 Moved Temporarily
                                        
Set-Cookie: i=a9e0bb80-071b-4b5e-9b8d-7c5a2abf1d43|1555643551; Version=1; Expires=Sat, 18-Apr-2020 03:12:31 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Server: OXGW/16.132.0
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://us-u.openx.net/w/1.0/sd?cc=1&id=536878327&val=4633692952487537627
Date: Fri, 19 Apr 2019 03:12:31 GMT
Content-Length: 0


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         143.204.51.201
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159109
Date: Fri, 19 Apr 2019 03:12:31 GMT
Etag: "5cb8ea07-1d7"
Expires: Sat, 20 Apr 2019 23:24:20 GMT
Last-Modified: Thu, 18 Apr 2019 21:20:07 GMT
Server: ECS (phd/FD6F)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040147.cloudfront.net (CloudFront)
X-Amz-Cf-Id: p3ys00iPtgfpscDd86H1k-3RZkgD0dhta3uK_bIC9K_O8WKr6DhZ4A==


--- Additional Info ---
Magic:  data
Size:   471
Md5:    1d2362c24a2607e4b205a6cf65a897c7
Sha1:   f91af75dfeb80e3f13d12975a8136328a1babcff
Sha256: 4f49ffb6862d7a068bac0509a0a2e211fc4fc0044532f7d85ea703a32849fcf0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.rootca1.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 118
Content-Type: application/ocsp-request

                                         
                                         143.204.51.148
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 1426
Connection: keep-alive
Date: Fri, 19 Apr 2019 03:12:32 GMT
Server: WEBrick/1.3.1 (Ruby/2.3.8/2018-10-18)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a3.cloudfront.net (CloudFront)
X-Amz-Cf-Id: RIuRLhnPem38Uo_llCk766wy86I1y600mkFBRPaVtQzzRJPRlmuLpg==


--- Additional Info ---
Magic:  data
Size:   1426
Md5:    327f876937e6565dfb3db02741ccc23c
Sha1:   5e0a4f2ee1dd58c5a5545d0194a284eb5d57ad34
Sha256: 5b274e1e76f40c9b4ace82353eff393dbbc15f9052afa2be724f07a7668161d8
                                        
                                            GET /usermatch/delta/4633692952487537627 HTTP/1.1 
Host: usermatch.targeting.unrulymedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         34.252.220.93
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Allow: GET
Date: Fri, 19 Apr 2019 03:12:31 GMT
P3P: CP="CUR IVDo OUR IND"
Server: nginx
Set-Cookie: unruly_m19=Knm36zI4apT5GS35IV6qIi1c57DqV867; path=/; Max-Age=604800; expires=Fri, 26 Apr 2019 03:12:31 GMT; domain=.targeting.unrulymedia.com
X-Unruly-Server: usermatch-eu-009.unrulymedia.com
Content-Length: 0
Connection: keep-alive


--- Additional Info ---
                                        
                                            GET /sync?dsp_id=228&user_id=4633692952487537627&expires=30 HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         18.153.11.20
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx/1.12.0
Date: Fri, 19 Apr 2019 03:12:31 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=10
Cache-Control: no-cache, no-store, must-revalidate
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=4633692952487537627&expires=30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=51f7893c-0ae8-4eb0-86dd-6dd0c1a37327; path=/; expires=Sat, 18-Apr-2020 03:12:31 GMT; domain=.bidswitch.net tuuid_lu=1555643551; path=/; expires=Sat, 18-Apr-2020 03:12:31 GMT; domain=.bidswitch.net c=1555643551; path=/; expires=Sat, 18-Apr-2020 03:12:31 GMT; domain=.bidswitch.net


--- Additional Info ---
                                        
                                            GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=&gdpr_consent=&piggybackCookie=4633692952487537627 HTTP/1.1 
Host: image2.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         185.64.189.110
HTTP/1.1 200 OK
Content-Type: image/gif; charset=utf-8
                                        
Date: Fri, 19 Apr 2019 03:12:31 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie: KRTBCOOKIE_336=5844-4633692952487537627; domain=pubmatic.com; expires=Sun, 19-May-2019 03:12:31 GMT; path=/ PugT=1555643551; domain=pubmatic.com; expires=Sun, 19-May-2019 03:12:31 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; expires=Thu, 18-Jul-2019 03:12:31 GMT; path=/
X-lat: Pug22006:0:344
Content-Length: 42
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
X-Cnection: close


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /cs.gif?s=d3prj11&fk=4633692952487537627 HTTP/1.1 
Host: sync.userreport.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         143.204.50.139
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 43
Connection: keep-alive
Date: Wed, 25 Jul 2018 16:46:26 GMT
Last-Modified: Thu, 30 Jan 2014 09:18:47 GMT
Etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
x-amz-meta-cb-modifiedtime: Thu, 25 Oct 2012 12:28:09 GMT
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
Age: 61904
X-Cache: Hit from cloudfront
Via: 1.1 a850dff1d0f5a90907784efc0c02a4fc.cloudfront.net (CloudFront)
X-Amz-Cf-Id: G2Zl05CrY_fi1nOylEkWgT2v3E0S5Ct_SJRxWpqsxuR7SVnxorS4KQ==


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /cookies/google?google_gid=CAESEE9Sqg-0ZgZBAnrGZ1fkgAY&google_cver=1&google_ula=668382,0 HTTP/1.1 
Host: d5p.de17a.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/
Cookie: guid=1.4633692952487537627

                                         
                                         213.155.156.164
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 35
Connection: close
P3P: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    c2196de8ba412c60c22ab491af7b1409
Sha1:   5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=121458
Date: Fri, 19 Apr 2019 03:12:32 GMT
Etag: "5cb866d6-1d7"
Expires: Sat, 20 Apr 2019 12:56:50 GMT
Last-Modified: Thu, 18 Apr 2019 12:00:22 GMT
Server: ECS (lcy/1D1C)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    7d72170c8be232655035773591441396
Sha1:   4ca8d7a8aad7921f07d9ee0763323d294c2e65cb
Sha256: a1acd64a1eb6079b3fc12e78b4b3d2edd0255fc31a998b79a1b41c461499676f
                                        
                                            GET /rum?cm_dsp_id=175&external_user_id=4633692952487537627&expiration=1558235550&C=1 HTTP/1.1 
Host: dsum.casalemedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/
Cookie: CMID=XLk8n1VbLmUAAG8IZ3kAAABg; CMPS=4419

                                         
                                         88.221.73.188
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Fri, 19 Apr 2019 03:12:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 19 Apr 2019 03:12:32 GMT
Content-Length: 43
Connection: keep-alive
Set-Cookie: CMID=XLk8n1VbLmUAAG8IZ3kAAABg;domain=casalemedia.com;path=/;expires=Sat, 18 Apr 2020 03:12:32 GMT CMPS=4419;domain=casalemedia.com;path=/;expires=Thu, 18 Jul 2019 03:12:32 GMT CMPRO=326;domain=casalemedia.com;path=/;expires=Thu, 18 Jul 2019 03:12:32 GMT CMST=XLk8oFy5PKAA;domain=casalemedia.com;path=/;expires=Sat, 20 Apr 2019 03:12:32 GMT CMRUM3=af5cb93ca027604633692952487537627;domain=casalemedia.com;path=/;expires=Sat, 18 Apr 2020 03:12:32 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /w/1.0/sd?cc=1&id=536878327&val=4633692952487537627 HTTP/1.1 
Host: us-u.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/
Cookie: i=a9e0bb80-071b-4b5e-9b8d-7c5a2abf1d43|1555643551

                                         
                                         173.241.240.143
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Vary: Accept
Server: OXGW/16.132.0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Fri, 19 Apr 2019 03:12:32 GMT
Cache-Control: private, max-age=0, no-cache
Transfer-Encoding: chunked
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   437
Md5:    a9aca97f6f840086f5ae5a84cc29b168
Sha1:   a1faf411d5996ff51f172d53196be4b8d4e4efc9
Sha256: d40096fcd88c545a709766aca116808d676b59c19c94439a06040870d0898f83
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         143.204.51.201
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152572
Date: Fri, 19 Apr 2019 03:12:32 GMT
Etag: "5cb8ec62-1d7"
Expires: Sat, 20 Apr 2019 21:35:24 GMT
Last-Modified: Thu, 18 Apr 2019 21:30:10 GMT
Server: ECS (phd/FD62)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Id: UhGpVDW7C_FDQhhznRjIDCzkp3FRsmcGV1tBOS3QSHYuSA7bb1CbyQ==


--- Additional Info ---
Magic:  data
Size:   471
Md5:    83d8cd81e61ead273055769f404d3900
Sha1:   63baeabeed02b01d49a1d54142b9c909cae657ec
Sha256: d2d09dccb67adf41e81607c0579a594d7b81c6f1247eefa7304c3acf41c9ca13
                                        
                                            GET /ups/55955/sync?uid=4633692952487537627&_origin=1&gdpr=&gdpr_consent= HTTP/1.1 
Host: pixel.advertising.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         54.93.132.148
HTTP/1.1 204 No Content
                                        
Date: Fri, 19 Apr 2019 03:12:32 GMT
Connection: keep-alive
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=99466
Date: Fri, 19 Apr 2019 03:12:32 GMT
Etag: "5cb7fd8a-1d7"
Expires: Sat, 20 Apr 2019 06:50:18 GMT
Last-Modified: Thu, 18 Apr 2019 04:31:06 GMT
Server: ECS (lcy/1D1C)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    20545970e04b6ac96450690dc275dc55
Sha1:   ff7a148073e2774949c1bf708c56f706bbf9cda5
Sha256: 1dd339e2aea283b5aab79f68dff5410e932ba9a80514fb89b0933e92698a4942
                                        
                                            GET /ups/55955/sync?uid=4633692952487537627&_origin=1 HTTP/1.1 
Host: pixel.advertising.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         54.93.132.148
HTTP/1.1 204 No Content
                                        
Date: Fri, 19 Apr 2019 03:12:32 GMT
Connection: keep-alive
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV


--- Additional Info ---
                                        
                                            GET /sync?type=red&dsp=39 HTTP/1.1 
Host: ad.sxp.smartclip.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         52.17.116.123
HTTP/1.1 302 OK
                                        
Date: Fri, 19 Apr 2019 03:12:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.13.12
Location: https://ad.sxp.smartclip.net/sync?type=red&dsp=39&ang_testid=1
Set-Cookie: uuid=7e569679-11e1-46a3-8fd4-e45eba9d9810; Domain=sxp.smartclip.net; Path=/; Expires=Sun, 19 May 2019 03:12:32 GMT; Max-Age=2592000;
Access-Control-Allow-Credentials: true
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"


--- Additional Info ---
                                        
                                            GET /ul_cb/sync?dsp_id=228&user_id=4633692952487537627&expires=30 HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/
Cookie: tuuid=51f7893c-0ae8-4eb0-86dd-6dd0c1a37327; tuuid_lu=1555643551; c=1555643551

                                         
                                         18.153.11.20
HTTP/1.1 302 Moved Temporarily
                                        
Server: nginx/1.12.0
Date: Fri, 19 Apr 2019 03:12:32 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=10
Cache-Control: no-cache, no-store, must-revalidate
Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=51f7893c-0ae8-4eb0-86dd-6dd0c1a37327
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=51f7893c-0ae8-4eb0-86dd-6dd0c1a37327; path=/; expires=Sat, 18-Apr-2020 03:12:32 GMT; domain=.bidswitch.net tuuid_lu=1555643552; path=/; expires=Sat, 18-Apr-2020 03:12:32 GMT; domain=.bidswitch.net


--- Additional Info ---
                                        
                                            GET /oapi/idsync?redirect=https%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fsmaato%3FpartnerId%3DSomaCookieUserId%26deltaInitiated%3D1 HTTP/1.1 
Host: soma.smaato.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         54.77.79.6
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Accept-Ranges: bytes
Date: Fri, 19 Apr 2019 03:12:32 GMT
Etag: W/"35-1555496664000"
Last-Modified: Wed, 17 Apr 2019 10:24:24 GMT
Server: SOMA
Content-Length: 35
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /sync?type=red&dsp=39&ang_testid=1 HTTP/1.1 
Host: ad.sxp.smartclip.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/
Cookie: uuid=7e569679-11e1-46a3-8fd4-e45eba9d9810

                                         
                                         52.17.116.123
HTTP/1.1 302 OK
                                        
Date: Fri, 19 Apr 2019 03:12:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.13.12
Location: https://d5p.de17a.com/getuid/smartclip?uuid=7e569679-11e1-46a3-8fd4-e45eba9d9810
Set-Cookie: psyn=18005.D39; Domain=sxp.smartclip.net; Path=/; Expires=Sun, 19 May 2019 03:12:32 GMT; Max-Age=2592000; uuid=7e569679-11e1-46a3-8fd4-e45eba9d9810; Domain=sxp.smartclip.net; Path=/; Expires=Sun, 19 May 2019 03:12:32 GMT; Max-Age=2592000;
Access-Control-Allow-Credentials: true
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"


--- Additional Info ---
                                        
                                            GET /partner?adv_id=7326&uid=4633692952487537627&img=1 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         185.94.180.125
HTTP/1.1 302 OK
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:32 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=f8eed4f2-6250-11e9-8b46-1ab0ad8d1c06; expires=Fri, 03-May-2019 03:12:32 GMT; path=/; domain=.spotxchange.com
Location: /partner?adv_id=7326&uid=4633692952487537627&img=1&__user_check__=1&sync_id=f8eed515-6250-11e9-8b46-1ab0ad8d1c06
X-fe: 105
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0


--- Additional Info ---
                                        
                                            GET /partner?adv_id=7326&uid=4633692952487537627&img=1&__user_check__=1&sync_id=f8eed515-6250-11e9-8b46-1ab0ad8d1c06 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/
Cookie: audience=f8eed4f2-6250-11e9-8b46-1ab0ad8d1c06

                                         
                                         185.94.180.125
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:32 GMT
Content-Length: 43
Connection: keep-alive
Set-Cookie: audience=f8eed4f2-6250-11e9-8b46-1ab0ad8d1c06; expires=Fri, 03-May-2019 03:12:32 GMT; path=/; domain=.spotxchange.com
X-fe: 69
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    55fade2068e7503eae8d7ddf5eb6bd09
Sha1:   317496a096d6c86486a71d4521994bcd171a6bb3
Sha256: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
                                        
                                            GET /sync?type=host&dsp=39&dspuuid=4633692952487537627&uuid=7e569679-11e1-46a3-8fd4-e45eba9d9810 HTTP/1.1 
Host: ad.sxp.smartclip.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/
Cookie: uuid=7e569679-11e1-46a3-8fd4-e45eba9d9810; psyn=18005.D39

                                         
                                         52.17.116.123
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 19 Apr 2019 03:12:32 GMT
Content-Length: 42
Connection: keep-alive
Server: nginx/1.13.12
Set-Cookie: dspuuid=D39.4633692952487537627; Domain=sxp.smartclip.net; Path=/; Expires=Sun, 19 May 2019 03:12:32 GMT; Max-Age=2592000; psyn=18005.D39; Domain=sxp.smartclip.net; Path=/; Expires=Sun, 19 May 2019 03:12:32 GMT; Max-Age=2592000; uuid=7e569679-11e1-46a3-8fd4-e45eba9d9810; Domain=sxp.smartclip.net; Path=/; Expires=Sun, 19 May 2019 03:12:32 GMT; Max-Age=2592000;
Access-Control-Allow-Credentials: true
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=51f7893c-0ae8-4eb0-86dd-6dd0c1a37327 HTTP/1.1 
Host: simage2.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/
Cookie: KRTBCOOKIE_336=5844-4633692952487537627; PugT=1555643551; PUBMDCID=3

                                         
                                         185.64.189.110
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Fri, 19 Apr 2019 03:12:32 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Set-Cookie: KRTBCOOKIE_466=16530-51f7893c-0ae8-4eb0-86dd-6dd0c1a37327&KRTB&16532-51f7893c-0ae8-4eb0-86dd-6dd0c1a37327; domain=pubmatic.com; expires=Sun, 19-May-2019 03:12:32 GMT; path=/ PugT=1555643552; domain=pubmatic.com; expires=Sun, 19-May-2019 03:12:32 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; expires=Thu, 18-Jul-2019 03:12:32 GMT; path=/
X-lat: Pug22020:0:484
Content-Length: 1
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
X-Cnection: close


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    7215ee9c7d9dc229d2921a40e899ec5f
Sha1:   b858cb282617fb0956d960215c8e84d1ccf909c6
Sha256: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         172.104.241.160
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:32 GMT
Content-Length: 209
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   209
Md5:    18ffb59b61525f781cf9251045be575d
Sha1:   bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d
Sha256: b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         172.104.241.160
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx
Date: Fri, 19 Apr 2019 03:12:32 GMT
Content-Length: 209
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   209
Md5:    18ffb59b61525f781cf9251045be575d
Sha1:   bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d
Sha256: b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: boenesauto.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /UserMatch.ashx?bidderid=18&bidderuid=4633692952487537627&expiration=1558235550 HTTP/1.1 
Host: atemda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /sync?type=host&dsp=10&dspuuid=4633692952487537627 HTTP/1.1 
Host: sy.eu.angsrvr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /getuid/smartclip?uuid=7e569679-11e1-46a3-8fd4-e45eba9d9810 HTTP/1.1 
Host: d5p.de17a.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://boenesauto.no/
Cookie: guid=1.4633692952487537627

                                         
                                         213.155.156.164
HTTP/1.1 302 Found
                                        
Location: https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=4633692952487537627&uuid=7e569679-11e1-46a3-8fd4-e45eba9d9810
Connection: close
P3P: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV


--- Additional Info ---