Overview

URL telemobile.site/om/env/ooredoo/
IP194.135.87.27
ASNUAB Interneto vizija
Location Lithuania
Report completed2022-09-29 08:36:05 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-29 2 telemobile.site/om/env/ooredoo/ Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-29 2 whampamp.com Sinkholed
2022-09-29 2 whampamp.com Sinkholed
2022-09-29 2 whampamp.com Sinkholed


Files

No files detected



Passive DNS (30)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-28 04:42:17 UTC 142.250.74.72
mnemonic passive DNS play.google.com (1) 34 2018-05-12 00:28:37 UTC 2022-09-29 05:27:59 UTC 216.58.207.206
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-29 07:39:56 UTC 216.58.211.10
mnemonic passive DNS apple-resources.s3.amazonaws.com (1) 14893 2019-06-08 03:57:43 UTC 2022-09-29 08:21:29 UTC 54.231.231.73
mnemonic passive DNS sp.analytics.yahoo.com (1) 816 2014-01-31 20:48:24 UTC 2022-09-28 12:21:03 UTC 212.82.100.181
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-09-29 04:56:14 UTC 64.233.165.154
mnemonic passive DNS www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-09-29 05:12:08 UTC 142.250.74.3
mnemonic passive DNS rum-collector-2.pingdom.net (1) 4751 2017-06-14 14:49:13 UTC 2022-09-29 04:21:09 UTC 52.19.30.211
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-28 04:36:06 UTC 34.117.237.239
mnemonic passive DNS ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-09-29 00:48:38 UTC 104.18.32.68
mnemonic passive DNS ocsp.pki.goog (15) 175 2017-06-14 07:23:31 UTC 2022-09-29 04:56:10 UTC 142.250.74.3
mnemonic passive DNS www.googleoptimize.com (1) 1604 2019-07-23 08:23:32 UTC 2022-09-28 23:42:42 UTC 142.250.74.46
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-29 04:10:37 UTC 34.120.237.76
mnemonic passive DNS telemobile.site (1) 0 2022-09-15 20:51:37 UTC 2022-09-29 04:53:55 UTC 194.135.87.27 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-29 05:03:41 UTC 143.204.55.110
mnemonic passive DNS rum-static.pingdom.net (1) 5211 2012-11-02 20:45:35 UTC 2022-09-29 05:36:59 UTC 104.22.55.104
mnemonic passive DNS s.yimg.com (2) 375 2012-05-20 22:45:00 UTC 2022-09-28 12:21:03 UTC 188.125.94.204
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-29 05:05:36 UTC 143.204.55.27
mnemonic passive DNS my.rtmark.net (1) 9054 2017-08-22 14:11:49 UTC 2022-09-29 04:57:31 UTC 139.45.195.8
mnemonic passive DNS www.plus500.com (2) 223014 2012-05-23 19:27:31 UTC 2022-09-28 18:55:24 UTC 152.195.53.227
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-09-29 04:57:11 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS cdn-main.plus500.com (28) 345200 2017-01-30 08:07:29 UTC 2022-09-26 03:36:47 UTC 192.229.220.58
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-28 04:36:09 UTC 23.36.77.32
mnemonic passive DNS whampamp.com (3) 30947 2022-03-12 13:52:24 UTC 2022-09-29 06:38:04 UTC 139.45.197.236
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-29 04:12:37 UTC 93.184.220.29
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-29 03:20:00 UTC 142.250.74.174
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-28 05:02:28 UTC 52.42.148.177
mnemonic passive DNS ocsp.sca1b.amazontrust.com (3) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.158
mnemonic passive DNS tools.applemediaservices.com (1) 11162 2020-08-31 06:41:04 UTC 2022-09-29 05:57:33 UTC 54.86.139.41
mnemonic passive DNS www.bitcoin-kopen.com (3) 174848 2017-10-18 10:11:21 UTC 2022-09-28 15:35:01 UTC 37.97.223.62


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 194.135.87.27

Date UQ / IDS / BL URL IP
2022-09-29 08:36:05 +0000
0 - 0 - 4 telemobile.site/om/env/ooredoo/ 194.135.87.27
2022-09-29 08:01:42 +0000
0 - 0 - 4 telemobile.site/uz/env/nl/ 194.135.87.27
2022-09-29 06:01:21 +0000
0 - 0 - 2 telemobile.site/mx/env/nl/?key=eyJ0aW1lc3RhbX (...) 194.135.87.27
2022-09-28 18:00:50 +0000
0 - 0 - 4 telemobile.site/ph/short/globe/ 194.135.87.27
2022-09-28 08:05:45 +0000
0 - 0 - 4 telemobile.site/bf/env/nl/ 194.135.87.27

Last 5 reports on ASN: UAB Interneto vizija

Date UQ / IDS / BL URL IP
2022-12-03 18:07:11 +0000
0 - 0 - 2 mobile1.fun/tr/d3/ 79.98.29.29
2022-12-03 12:35:42 +0000
0 - 0 - 2 telenet.website/m/ec/ppt1/ 212.237.233.86
2022-12-03 12:00:37 +0000
0 - 0 - 1 telebroadband.site/ae/c/b/eg2/etisalat/?key=e (...) 79.98.29.16
2022-12-03 12:00:00 +0000
0 - 0 - 4 telewww.site/uz/env/nl 79.98.28.128
2022-12-03 10:06:01 +0000
0 - 0 - 2 telenet.website/m/br/13/ 212.237.233.86

Last 5 reports on domain: telemobile.site

Date UQ / IDS / BL URL IP
2022-11-22 18:00:28 +0000
0 - 0 - 1 telemobile.site/uz/bx/nl?key=eyJ0aW1lc3RhbXAi (...) 79.98.28.128
2022-11-22 16:01:00 +0000
0 - 0 - 4 telemobile.site/uz/bx/nl/ 79.98.28.128
2022-11-22 13:18:37 +0000
0 - 0 - 1 telemobile.site/sa/c/b/eg1/mobily/?key=eyJ0aW (...) 79.98.28.128
2022-11-22 02:59:59 +0000
0 - 0 - 5 telemobile.site/sa/prize/mobily/ 79.98.28.128
2022-09-29 08:36:05 +0000
0 - 0 - 4 telemobile.site/om/env/ooredoo/ 194.135.87.27

No other reports with similar screenshot



JavaScript

Executed Scripts (32)


Executed Evals (1)

#1 JavaScript::Eval (size: 329, repeated: 1) - SHA256: 483d5b473c7899b4c10ca986450ca6f31e5c61f7302b7ae470634203129cec09

                                        (function() {
    var a = google_tag_manager["GTM-RQS5"].macro(5),
        b = "000000 1408 102068 98651 99749 82379 101905 113082 59553 86735 107694 2093 4711 34230 106538 93811 97927 30631 12222 101561 114404 116973 101005 98991 121326 75611 10 122998 125237 125236 128285 129330".split(" ");
    return -1 < b.indexOf(a) ? "InternalAff" : "ExternalAff"
})();
                                    

Executed Writes (0)



HTTP Transactions (93)


Request Response
                                        
                                            GET /om/env/ooredoo/ HTTP/1.1 
Host: telemobile.site
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         194.135.87.27
HTTP/1.1 302 Found
Content-Type: text/html
                                        
Date: Thu, 29 Sep 2022 08:35:53 GMT
Server: Apache
Connection: Upgrade, Keep-Alive
Location: //whampamp.com/4/5087048?var=ed2
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 08:05:09 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ff-5bnTcSSgnOaUV_S8iIgQyL8b9uGHDXaL7Au1JGJWHQSE_xejkRg==
Age: 1844


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14212
Expires: Thu, 29 Sep 2022 12:32:45 GMT
Date: Thu, 29 Sep 2022 08:35:53 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _b7nWTjbsoIHDjfRZCGXVYYwGc9zus9JDkFSct_QrYYzUu5ej-5pJQ==
age: 11246
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /4/5087048?var=ed2 HTTP/1.1 
Host: whampamp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=905d64afb60e493a979bb84b8414ca77; oaidts=1664438491; syncedCookie=true
Upgrade-Insecure-Requests: 1

                                         
                                         139.45.197.236
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
                                        
Server: nginx
Date: Thu, 29 Sep 2022 08:35:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 7419b3276ff5b51a3875b60a0b71fba0
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=905d64afb60e493a979bb84b8414ca77; expires=Fri, 29 Sep 2023 08:35:54 GMT; path=/ oaidts=1664438491; expires=Fri, 29 Sep 2023 08:35:54 GMT; path=/
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5401)
Size:   2925
Md5:    77fb74d394fcb81cce313fbe72f8e80b
Sha1:   e76feea61c63742f32326a311cad52eadfd71ed1
Sha256: d650b59452fc3d2ec788648b6fa88cddaaffade014415ab3da579e0c47047eef

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 29 Sep 2022 08:35:54 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST /?z=5087048&syncedCookie=false&rhd=false HTTP/1.1 
Host: whampamp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 435
Origin: http://whampamp.com
Connection: keep-alive
Referer: http://whampamp.com/afu.php?zoneid=5087048&var=5087048&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false
Cookie: OAID=905d64afb60e493a979bb84b8414ca77; oaidts=1664438491; syncedCookie=true
Upgrade-Insecure-Requests: 1

                                         
                                         139.45.197.236
HTTP/1.1 302 Found
                                        
Server: nginx
Date: Thu, 29 Sep 2022 08:35:54 GMT
Content-Length: 0
Connection: keep-alive
X-Trace-Id: 39a3b5cf1e0ed072ef69a5bdc6123391
Link: <https://www.bitcoin-kopen.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://www.bitcoin-kopen.com/meet-uit.php?wlink=13&wzo=WEkHGw5xSay4vTEC&rdk=rk3
Access-Control-Allow-Origin: http://whampamp.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=905d64afb60e493a979bb84b8414ca77; expires=Fri, 29 Sep 2023 08:35:54 GMT; path=/ oaidts=1664438491; expires=Fri, 29 Sep 2023 08:35:54 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8F446A302C551A886D35511D75F7C69FC6C44E19F24DB073BEE192350BA6B36E"
Last-Modified: Thu, 29 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5133
Expires: Thu, 29 Sep 2022 10:01:27 GMT
Date: Thu, 29 Sep 2022 08:35:54 GMT
Connection: keep-alive

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: whampamp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://whampamp.com/afu.php?zoneid=5087048&var=5087048&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false
Cookie: OAID=905d64afb60e493a979bb84b8414ca77; oaidts=1664438491; syncedCookie=true

                                         
                                         139.45.197.236
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Thu, 29 Sep 2022 08:35:54 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 08:35:54 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:25:19 GMT
Expires: Mon, 03 Oct 2022 06:25:18 GMT
Etag: "f2ec69fdaca2a0327cd3599ac05d0051df3dee41"
Cache-Control: max-age=337163,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 752363588fbcb50c-OSL

                                        
                                            POST /img.gif?f=merge&userId=905d64afb60e493a979bb84b8414ca77 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://whampamp.com
Connection: keep-alive
Referer: http://whampamp.com/
Cookie: ID=905d64afb60e493a979bb84b8414ca77
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Thu, 29 Sep 2022 08:35:54 GMT
content-length: 43
access-control-allow-origin: http://whampamp.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=905d64afb60e493a979bb84b8414ca77; expires=Fri, 29 Sep 2023 08:35:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 08:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 29 Sep 2022 08:40:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dWCiMlHJhIfusSrAyruwEBa-GnFfFIJ-BXRvqSMWltk8XOzfWzq3DQ==
Age: 381


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6576
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 08:35:54 GMT
Last-Modified: Thu, 29 Sep 2022 06:46:18 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5100
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 08:35:54 GMT
Last-Modified: Thu, 29 Sep 2022 07:10:54 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /no/?id=112372&pl=2 HTTP/1.1 
Host: www.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.bitcoin-kopen.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         152.195.53.227
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
alt-svc: clear
cache-control: private
date: Thu, 29 Sep 2022 08:35:54 GMT
server: Microsoft-IIS/10.0
set-cookie: referralUrl=https%3a%2f%2fwww.bitcoin-kopen.com%2f; expires=Sat, 29-Oct-2022 08:35:54 GMT; path=/; SameSite=None; secure; HttpOnly referralId=112372; expires=Sat, 29-Oct-2022 08:35:54 GMT; path=/; SameSite=None; secure; HttpOnly referralPlan=2; expires=Sat, 29-Oct-2022 08:35:54 GMT; path=/; SameSite=None; secure; HttpOnly innerTags=; expires=Sat, 29-Oct-2022 08:35:54 GMT; path=/; SameSite=None; secure; HttpOnly webvisitid=f626e9c6-cb51-41f7-aa3b-d56918f7b1a6; expires=Sat, 29-Oct-2022 08:35:54 GMT; path=/; SameSite=None; secure; HttpOnly referralTimeStamp=2022-09-29T08:35:54.8767695+00:00; expires=Sat, 29-Oct-2022 08:35:54 GMT; path=/; SameSite=None; secure; HttpOnly VisitLogged=True; path=/; SameSite=None; secure; HttpOnly ASP.NET_SessionId=dw0u4xz2qn5uc2jxlwue1ank; path=/; secure; HttpOnly; SameSite=None InAppView=False; path=/; SameSite=None; secure; HttpOnly theme_type=Light; path=/; SameSite=None; secure; HttpOnly Exps=Q29va2llc1BvcHVwRXhwZXJpbWVudCwx; path=/; secure; HttpOnly IP=!YfbtXZ+d45C8MI1ay247HpdMxMsAH5PeLurReIGAlM7nxzJyEzsKLelcgud2S1P1xUebAWYdgDn4PZhvqgWIOeAktU2jMYZJw6rC6ogLBlwbe1qnBzwqDnYPxstlAtR5ldNronYi4sUTYD97lu4kO0wtvm0mHf4=; path=/; Httponly; Secure; SameSite=none
strict-transport-security: max-age=31536000
x-aspnetmvc-version: 5.2
x-frame-options: Deny
content-length: 138916
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (18130), with CRLF, LF line terminators
Size:   138916
Md5:    e3cc65b4a03db0c6b0eaf82cc8f9795a
Sha1:   4307e55f115113305836d4469ac097284e2d322a
Sha256: e4f4c6f72cd14db4b1fcaac5cc48038313fa8c27e39a277ba81a3b7f1b522161
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6221
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 08:35:55 GMT
Last-Modified: Thu, 29 Sep 2022 06:52:14 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 08:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /1.0.0.105560/Resources/Scripts/layout.bundle.min.js HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212319
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "3547bf7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:42 GMT
server: ECAcc (ska/F72C)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 31983
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size:   31983
Md5:    579b64ce74ad3c0409a0bb6a6624a608
Sha1:   ce6ce94b5ad1b8e0c066957d92a41c14b974f021
Sha256: 0a59bdb70fc09933b7e3bdab3a3d1e1161cea5f82802daf376af8a7761f2662d
                                        
                                            GET /1.0.0.105560/Resources/Images/newhome/svg/marketing-plus500-invest.svg HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212319
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "30802d7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F6DD)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 2534
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6957), with no line terminators
Size:   2534
Md5:    72ecc0d5267c801fff507fe2f2b5ca60
Sha1:   98d6256130659d1a3bc8a82592c11950e3475162
Sha256: e7f24adf6aee2d10e006ed5a017b32b05c3f54418a4c08e0d09a0163d2728c73
                                        
                                            GET /1.0.0.105560/Resources/Images/newhome/svg/plus500-invest.svg HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212319
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "62e22f7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F6BC)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 2386
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6464), with no line terminators
Size:   2386
Md5:    f020056bf2b14af54232c36f42060b28
Sha1:   b6c7c4d613fb0fa175e7b04d3fc1d302bbc72ac0
Sha256: 40faa14df892598736cdb2f202a86ffe31eba80c698350a2ce3170413c4d6b09
                                        
                                            GET /1.0.0.105560/Resources/Images/newhome/svg/plus500-cfd.svg HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212319
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "30802d7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F7B7)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 2289
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6171), with no line terminators
Size:   2289
Md5:    fd6dd7c0c5f25889a0d093d3ae29cc72
Sha1:   24649b7162ed8e6d98d903f88f3ae08f48a85bce
Sha256: a8b4cfc6ff2f0c5ded25a8ee5bb9b6c5d05d454e514b4e1cdf0cbb3df75caea1
                                        
                                            GET /1.0.0.105560/Resources/Images/newhome/svg/plus500-futures.svg HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212407
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "62e22f7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F777)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 2561
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6922), with no line terminators
Size:   2561
Md5:    5ceb194254aa2a61f44279c3c458bda6
Sha1:   0cc00cd3f67fbdd92ccd30aef4c3dd59ce6391a8
Sha256: 0cc87419bb3c8f4e85512947ddef6509c3cd5b9699130022b334d7b169c1a112
                                        
                                            GET /1.0.0.105560/Resources/Scripts/general.min.js HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212319
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "f81fb87bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:42 GMT
server: ECAcc (ska/F751)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 1672
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (4131), with no line terminators
Size:   1672
Md5:    d80682bcb80b19f28bcf12f2caf145d7
Sha1:   5a1057c219dfbf61c672ac0f5af3e721ef404459
Sha256: 0acea896fe98010282919a4650622e4844fe4e97e32cdfcc7ebda3f4ce1b464d
                                        
                                            GET /1.0.0.105560/Resources/CSS/style-homepage.css HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: text/css
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212275
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "6051c236ced0d81:0+gzip"
last-modified: Sun, 25 Sep 2022 11:01:50 GMT
server: ECAcc (ska/F687)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 25880
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65526), with no line terminators
Size:   25880
Md5:    67fdb411a42abdceb27cb696f07a6fc3
Sha1:   9fcc8f4291d9e6e65040efc7e188181372c08997
Sha256: f2c428716fedfa461c07a6c53b633905c5f9adb989b7d19c48c7de7c63e5fd69
                                        
                                            GET /1.0.0.105560/Resources/Images/newhome/svg/sponsorship-logo-young-boys-back.svg HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212319
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "fbab536ced0d81:0+gzip"
last-modified: Sun, 25 Sep 2022 11:01:50 GMT
server: ECAcc (ska/F791)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 3039
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Size:   3039
Md5:    7fb63f8c3953709ad5e3f5b6ad43496f
Sha1:   59266c1b54876a07781af63200c70ba3568ff950
Sha256: 56c9a7419c39926548d3c0a1e8e34733b4216077d6c1143e7586eaa70a365662
                                        
                                            GET /1.0.0.105560/Resources/Images/newhome/svg/sponsorship-logo-atalanta-back.svg HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212319
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "82f9b336ced0d81:0+gzip"
last-modified: Sun, 25 Sep 2022 11:01:50 GMT
server: ECAcc (ska/F7BE)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 2157
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Size:   2157
Md5:    452d3354ca658e49e185b489d4a1149c
Sha1:   ecaada72423054962ef4676c5d025354c973c6c3
Sha256: d1781719dd7802b8c85512687eb7b4b96f8a9a42461cbf048eccce59be64d95d
                                        
                                            GET /1.0.0.105560/Resources/Images/newhome/svg/sponsorship-logo-legia-back.svg HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212319
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "a6bcb436ced0d81:0+gzip"
last-modified: Sun, 25 Sep 2022 11:01:50 GMT
server: ECAcc (ska/F765)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 895
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Size:   895
Md5:    db1a984a2f5017026be754dbf29807e6
Sha1:   0cd9cc7ee3c2e1323fe043848cc8b1e421eec6e2
Sha256: 19d9e706e251184a8fe9d4d4f075e944b53bbf0241c5532a60ec3fe468db9c34
                                        
                                            GET /1.0.0.105560/Resources/Scripts/gsap/ScrollTrigger.min.js HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212319
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "f81fb87bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:42 GMT
server: ECAcc (ska/F6B0)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 15867
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (37769), with CRLF line terminators
Size:   15867
Md5:    95183eb03c12fb3bd822a89d9bb3e701
Sha1:   10d2f80952d2e73fdc759da2462cc3269a09c504
Sha256: 4db1fc48bc4e4b15b8ed576be7d54d0329fdd02f63626c0f4eb4bf62de2921f9
                                        
                                            GET /1.0.0.105560/Resources/Scripts/gsap/gsap.min.js HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212361
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "4882ba7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:42 GMT
server: ECAcc (ska/F6CB)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 25700
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64964), with CRLF line terminators
Size:   25700
Md5:    30d921ca34ea19dcb3a51328b8211c2b
Sha1:   e10800d779757814c6f947529b920f6fd6856931
Sha256: 72f1f179ef1f689a54a2716bb834857447645e88e29e8fbaef4cb350a4c6c8aa
                                        
                                            GET /1.0.0.105560/Resources/Scripts/gsap/SplitText.min.js HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212319
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "4882ba7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:42 GMT
server: ECAcc (ska/F6C6)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 5301
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15208), with CRLF line terminators
Size:   5301
Md5:    4795c6a8caba8e08d1a806321aee45b4
Sha1:   32e407d3135a16c9ed96deb53ccd8d75fd2aafea
Sha256: 27b1e63e38e493f614a393fdf22d0adc851de528ee5d37e9620118098268e3b9
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 18U0E0m/vFsVESDq0qdfbg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.42.148.177
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HiS2av6izilGbTBo+1EXKtkh01U=

                                        
                                            GET /optimize.js?id=OPT-NXX9W9Z HTTP/1.1 
Host: www.googleoptimize.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.46
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 29 Sep 2022 08:35:55 GMT
expires: Thu, 29 Sep 2022 08:35:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43413
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4316)
Size:   43413
Md5:    1c59cae61cd1556c001bda8c2871c7ff
Sha1:   774280938240b3d92a7aaed65986ea676b74bf22
Sha256: eb7d0c2694a151739ed031c9258b4cad46419617ba3cc7a986be95283c408bb2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 08:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /1.0.0.105560/Resources/Images/newhome/img/hero-banner.webp HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: image/webp
                                        
accept-ranges: bytes
access-control-allow-origin: *
age: 212273
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "1dd01c7bc0a4d81:0"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F7A8)
strict-transport-security: max-age=31536000
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 58612
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   58612
Md5:    29bc7c57e85d4b12c6e0aaf115c46ccb
Sha1:   7dd77a2ed69557b8aa11b39b29653130e838491a
Sha256: c11c79003e2d10d24762a4c1cd8027a308d30a2c6a997eef7de2d56d25707c6f
                                        
                                            GET /1.0.0.105560/Resources/Images/newhome/svg/plus-blue.svg HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212274
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "30802d7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F6EF)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 251
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (323), with CRLF line terminators
Size:   251
Md5:    cdc5b4b97c8ba035107a114beb21b4ae
Sha1:   9c00eaeeb192332a3f67b6de504044df09ced7dc
Sha256: 23dbb4ce0b4344f1034e2dc25d95bf375216c6fe7ac018d1f1a77660577e341f
                                        
                                            GET /1.0.0.105560/Resources/Images/newhome/svg/plus-gr-blue-transparent.svg HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212273
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "30802d7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F6C0)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 387
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (606), with no line terminators
Size:   387
Md5:    6a93a320ef2790ae4d4c429736ecd205
Sha1:   b34b5028604eecb4bd8830b478ae7974b5fa3ea8
Sha256: fe562c4b65e74b7ae5fa9636937ce8bb67c1f9980ea578a8bc093c61e3f3b0b9
                                        
                                            GET /gtm.js?id=GTM-RQS5 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 29 Sep 2022 08:35:55 GMT
expires: Thu, 29 Sep 2022 08:35:55 GMT
cache-control: private, max-age=900
last-modified: Thu, 29 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 65130
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13218)
Size:   65130
Md5:    f081373f9b4fd1d28ac306d956c479d4
Sha1:   d0505621924491a1ae11b9906f8a6b49d5955955
Sha256: a44362a15ed88cc108632ab696313580bd3bf287b16f32f702631d99aa801771
                                        
                                            GET /1.0.0.105560/Resources/Images/newhome/svg/plus-blue-fill.svg HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212274
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "30802d7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F695)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 210
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (350), with no line terminators
Size:   210
Md5:    dc51af175b3b80bef0b246d297069137
Sha1:   0d6ca6b252fd747ac12f0f5ccf572fa37b31fdd4
Sha256: 29ef566a3dac872d6eb8f79a10e4eadb4beb34990981e9d0d44bd5848b14a766
                                        
                                            GET /1.0.0.105560/Resources/Images/newhome/svg/plus-blue-turquoise-gr.svg HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212274
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "30802d7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F68A)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 390
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (345), with CRLF line terminators
Size:   390
Md5:    f9c08a3be048fb30d2058aed804e6f00
Sha1:   bc9a48c8836469166335e32223a789c4be9fcdc7
Sha256: bfda32b4b2ede10052fad25acbf0764fca634a2faa3469799d896ad2f8ef9b0d
                                        
                                            GET /1.0.0.105560/Resources/Images/newhome/svg/plus-blue-gr.svg HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212274
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "30802d7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F793)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 394
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (345), with CRLF line terminators
Size:   394
Md5:    cada647f9031a7fefa7c944c88bd0c76
Sha1:   57d41f59eb7f07170edc964ae296a83d83d7d26b
Sha256: 18512939e1b2a1eddcf6e29529b06b682504a6bf927f13f8237f9d0c6864e9bf
                                        
                                            GET /1.0.0.105560/Resources/Images/newhome/svg/plus-white.svg HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212274
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "30802d7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F7B6)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 225
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size:   225
Md5:    38d7982a3216048799a8236d895422f9
Sha1:   2e9fdf4ef10f2ff41c956fc27c6752778b273251
Sha256: 389e0a02bef763311044872d7efd2c33ebec86f0b447dda3a6b3d818380403ef
                                        
                                            GET /1.0.0.105560/Resources/Images/newhome/svg/border-gradient-top-right.svg HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212273
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "c4f6237bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F797)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 302
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size:   302
Md5:    94b88d95286d229f846322eb8bab302f
Sha1:   2f767eb5f53abb44c83aa148af09b023f04da4f2
Sha256: 9170dd1c49c0c23669535a925b1a3dde241e6198450eef6c60f21af9f0fc911a
                                        
                                            GET /1.0.0.105560/Resources/Images/newhome/svg/plus-turquoise-white-gr.svg HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212273
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "30802d7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F79E)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 390
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (345), with CRLF line terminators
Size:   390
Md5:    f3d6b6e6601ad9f222e5e03ab602961c
Sha1:   37cee6b48f3144202a8678990f12eb960bd294be
Sha256: a0b4c1c6a58dae23774d2e2d688b564d70350460c85bf6e636ca6c0e79a19673
                                        
                                            GET /1.0.0.105560/Resources/Scripts/user-cookies-manager.js HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212290
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "c7d7e0f21fccd81:0+gzip"
last-modified: Mon, 19 Sep 2022 12:04:19 GMT
server: ECAcc (ska/F6E3)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 782
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   782
Md5:    1aee9e674122758c6f3f6190f82eeb22
Sha1:   b4b11dbd6b91f217b3179d8fb8d1f50c66898930
Sha256: 5b1ade0e2994e55e31347cf9ed228fcc61ceee82228892f0fd980025f2633655
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 08:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /no/favicon.ico HTTP/1.1 
Host: www.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Cookie: referralUrl=https%3a%2f%2fwww.bitcoin-kopen.com%2f; referralId=112372; referralPlan=2; innerTags=; webvisitid=f626e9c6-cb51-41f7-aa3b-d56918f7b1a6; referralTimeStamp=2022-09-29T08:35:54.8767695+00:00; VisitLogged=True; ASP.NET_SessionId=dw0u4xz2qn5uc2jxlwue1ank; InAppView=False; theme_type=Light; Exps=Q29va2llc1BvcHVwRXhwZXJpbWVudCwx; IP=!YfbtXZ+d45C8MI1ay247HpdMxMsAH5PeLurReIGAlM7nxzJyEzsKLelcgud2S1P1xUebAWYdgDn4PZhvqgWIOeAktU2jMYZJw6rC6ogLBlwbe1qnBzwqDnYPxstlAtR5ldNronYi4sUTYD97lu4kO0wtvm0mHf4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         152.195.53.227
HTTP/2 200 OK
content-type: image/x-icon
                                        
accept-ranges: bytes
alt-svc: clear
cache-control: max-age=2592000
date: Thu, 29 Sep 2022 08:35:54 GMT
etag: "3f6d97cc0a4d81:0"
last-modified: Sun, 31 Jul 2022 09:32:44 GMT
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
content-length: 6894
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 3 icons, 16x16, 24 bits/pixel, 32x32, 8 bits/pixel\012- data
Size:   6894
Md5:    1eddb0a861659881b9bbc6b71154c7ef
Sha1:   1d7bce75f924f9b8fbe0965a3c7dc44e68b11da1
Sha256: bed3916563b7d44004d1675965575c3c9fb71193c2b7fb025ef4299e7bced535
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 08:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /intl/en_us/badges/images/generic/no_badge_web_generic.png HTTP/1.1 
Host: play.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.206
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
location: https://play.google.com/intl/en_us/badges/static/images/badges/no_badge_web_generic.png
cache-control: private
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 08:35:55 GMT
server: sffe
content-length: 284
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   284
Md5:    ccfe8887ceed5f907bbf1391cd9781d3
Sha1:   fbed21ce7be7db2eb70ce0c244cf6921b62245de
Sha256: 18a0059bc7a6ae0f215282511c98277c588c4f7039fd38ddd5c2372c6244985b
                                        
                                            GET /1.0.0.105560/Resources/Scripts/lazysizes.min.js HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212290
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "3547bf7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:42 GMT
server: ECAcc (ska/F6A0)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 4321
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (9619), with CRLF line terminators
Size:   4321
Md5:    a33fedd34b77542b5dbc1e9091d46b92
Sha1:   26547af3576eea1380f6bd3e3f15d1a1ae3fd203
Sha256: cbb6dfdc8cf95c66a139cdaa0d17f5a688e1fc6f14bad76ee6c311b1a9c0f268
                                        
                                            GET /css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.211.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 29 Sep 2022 08:35:55 GMT
date: Thu, 29 Sep 2022 08:35:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1379
Md5:    1bd322614c85ffc83794ecdeb21f0771
Sha1:   9430976aba1654a2e6252dd5316ea87883fe3227
Sha256: 1628e25e5b2f92360a484759f8fcf731395b5a2f67e618cdc3dc72613d51c4cb
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 08:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 08:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 08:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 08:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 08:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.plus500.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 46907
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.plus500.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:21 GMT
expires: Thu, 28 Sep 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 46894
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size:   15740
Md5:    b9c29351c46f3e8c8631c4002457f48a
Sha1:   e57e59c5780995ff2937ab2b511a769212974a87
Sha256: f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
                                        
                                            GET /pa-587c9d1971a183207f0f58cd.js HTTP/1.1 
Host: rum-static.pingdom.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.22.55.104
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 29 Sep 2022 08:35:55 GMT
last-modified: Tue, 11 May 2021 14:01:36 GMT
vary: Accept-Encoding
etag: W/"609a8e40-1852"
expires: Thu, 29 Sep 2022 08:40:40 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 15
server: cloudflare
cf-ray: 7523635ce8ca0b65-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   18641
Md5:    8394425b977fe436c82150163fe0fe15
Sha1:   7cf8067815c38aa5e8b407c19363ad25d84ca3da
Sha256: 34ae0269d05d09176bb881f748814d8cf620748fbd14a345d5664ea641343485
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.plus500.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 46907
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 08:35:55 GMT
Last-Modified: Thu, 29 Sep 2022 07:33:03 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: A8jw5r9x9Wsr4Kovrj46YEj4PWFTgpQNd28rKr9GIvAPDSbRvCQdgA==
Age: 3772

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 08:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Thu, 29 Sep 2022 06:41:09 GMT
expires: Thu, 29 Sep 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 6886
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            GET /wi/config/10042775.json HTTP/1.1 
Host: s.yimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.plus500.com
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         188.125.94.204
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: W9JG37W7C1MN1SR3
x-amz-id-2: ZOFXa+MmQwAp792Xb0vgLY25gS16OqJrhUs57fEJUHd/L4PAQCHVqAn5aDUgeEFqCDRKEqjf7zs=
date: Thu, 29 Sep 2022 08:31:27 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 269
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 08:35:56 GMT
Last-Modified: Thu, 29 Sep 2022 07:07:14 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: R1ZKzk8iKZUHLTvVbz5k9ljkqFNZGlnoBHs4xtQYhd-DtiQnXYq4-w==
Age: 5322

                                        
                                            GET /wi/ytc.js HTTP/1.1 
Host: s.yimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         188.125.94.204
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: aS9pg/ovC0EPsl8kfpbGdsd/gpZ2gX/9kHYc9nKqhmBxa+Y7PbfQNl8GCW8qdim/wavdB6B1eb8=
x-amz-request-id: FN0E1VTTE6N0N03B
date: Thu, 29 Sep 2022 08:00:35 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 2121
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   6401
Md5:    19b79d6d0f49e5be1a7ced885bc36b49
Sha1:   fc78fd2b7d70b3772c73c640374dc4dfa9454e40
Sha256: 8a89c58400427a60c511e8117b221df90a060776b3bc5e0e46b0266b2451f6ca
                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-7008980-19&cid=2147285195.1664440553&jid=581537914&gjid=1264375782&_gid=1548164489.1664440553&_u=YEBAAEAAAAAAAC~&z=1867395866 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.plus500.com
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         64.233.165.154
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://www.plus500.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Sep 2022 08:35:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 08:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /media-badges/download-on-the-app-store/black/no-no.svg HTTP/1.1 
Host: apple-resources.s3.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.231.231.73
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: FMCa245pyiQMh7k/QKbxNPJwLH/19nVyCuBNAyYFyjSSHzEjZWEBInZr1/DLsEaSyhczD9uuXbw=
x-amz-request-id: E2EA1ZWAYTP5JA1K
Date: Thu, 29 Sep 2022 08:35:57 GMT
Last-Modified: Wed, 29 Apr 2020 21:18:39 GMT
ETag: "fb75219744b4ce8670e7d51a234c72d3"
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 10565


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356)
Size:   10565
Md5:    fb75219744b4ce8670e7d51a234c72d3
Sha1:   b493651db277556899d1985dcaf8585473d1421e
Sha256: 3fb09d42eae9d61618bdef86c6fce9e5820a45394fa2021c7fa720c1abe479d7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 08:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 08:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /api/badges/download-on-the-app-store/black/no-no HTTP/1.1 
Host: tools.applemediaservices.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.86.139.41
HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
                                        
date: Thu, 29 Sep 2022 08:35:55 GMT
location: https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/no-no.svg
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 3b98aeb9-9910-49af-a433-0b6c9eff3e7c
x-runtime: 0.002874
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-7008980-19&cid=2147285195.1664440553&jid=581537914&_u=YEBAAEAAAAAAAC~&z=2036550628 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 08:35:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12364
Expires: Thu, 29 Sep 2022 12:02:00 GMT
Date: Thu, 29 Sep 2022 08:35:56 GMT
Connection: keep-alive

                                        
                                            GET /sp.pl?a=10000&d=Thu%2C%2029%20Sep%202022%2008%3A35%3A53%20GMT&n=0&b=Online%20CFD-handel%20%7C%20Handle%20markedene%20%7C%20Plus500&.yp=10042775&f=https%3A%2F%2Fwww.plus500.com%2Fno%2F%3Fid%3D112372%26pl%3D2&e=https%3A%2F%2Fwww.bitcoin-kopen.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1 
Host: sp.analytics.yahoo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         212.82.100.181
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 29 Sep 2022 08:35:56 GMT
expires: Thu, 29 Sep 2022 08:35:56 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBOxYNWMCENGAtfCFbWu1G-En3iNBMiQFEgEBAQGqNmM_YwAAAAAA_eMAAA&S=AQAAArKVrdTxiCoSrrO2XJe8kuY; Expires=Fri, 29 Sep 2023 14:35:56 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    bff56ce49dd485d195fdfa0a02342568
Sha1:   74fb4071deab7d3ab083562067b735df32c43397
Sha256: 0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12364
Expires: Thu, 29 Sep 2022 12:02:00 GMT
Date: Thu, 29 Sep 2022 08:35:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12364
Expires: Thu, 29 Sep 2022 12:02:00 GMT
Date: Thu, 29 Sep 2022 08:35:56 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe91221c7-ce03-4ea5-9826-7a53eaafc5e6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9002
x-amzn-requestid: 0623931b-a4d6-49de-ba32-d071c08eddbd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKoiGKRIAMFhYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be36-1573e2e91c85617424db019f;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:50 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3kkSL0VcJl64iZ0TiKfOwK620pLX2CAVWqY1Bp2NhokTX0572t_nnQ==
via: 1.1 2a44ef7b9d28e74c78ffadeedcbb887c.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:40:47 GMT
etag: "d76293673a7aa2861b069ced614cdcdb84fed6d3"
age: 39309
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9002
Md5:    c80d7ce8a9d3fba54855e05731db759c
Sha1:   d76293673a7aa2861b069ced614cdcdb84fed6d3
Sha256: eabd1bfef29cad4045d688a909b9a8c88818d80bb432ce642d055583cf66d77d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3332
x-amzn-requestid: 34214e89-7232-4fd5-9257-adf231670681
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDb3vGkOIAMFVhg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314031-3056111d48a5027a2062ad1b;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 06:01:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VosALWNOhCfUDfo2bXgYE0Cx2duyHRaLb5DCn9IydXtoIsYyg9vWhA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:49:13 GMT
age: 38803
etag: "4fc0699c763f67a2602b4b3f46b8b4013d2049c6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3332
Md5:    6ac86079d2901fb11bfaff81d91bb2d2
Sha1:   4fc0699c763f67a2602b4b3f46b8b4013d2049c6
Sha256: 8c25b9129fc01f6ffad911994e91436ab0026ed0b54568757a20ab7f92584467
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7859
x-amzn-requestid: 34d0718f-46d4-446f-bb06-8449bd8f4287
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZIlO4FcBoAMFy0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63334f2b-58ae81c9077e4f1575750f15;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 19:29:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XwUZAphoqael30FgWCRQlHqBpjBOSG7rnlbPNKyojhONZ625gCUI5g==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 07:36:34 GMT
age: 3562
etag: "35ec6e80d324bb215796c590a7ffafbaea55d88e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7859
Md5:    c62a6368c456e9614ca4c8e360a2ef12
Sha1:   35ec6e80d324bb215796c590a7ffafbaea55d88e
Sha256: 90a37acc6beda1aa98a98cb84e00a7e469d6d919a14f4709c5f67a83ae95278d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9654
x-amzn-requestid: 7277f59f-452d-4cb6-a76e-1561b4ff3de0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGW2REPzoAMFrww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326b5b-4f5d775830c95b065ce40d3f;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:17:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: jTiWrrcC29QaFlnaiNH_KmEaphRZhWyzf1JbWb6uL00D3vOMR7Wfyg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 03:28:09 GMT
age: 18467
etag: "44cc19b21912d07f82a88af5b2fa6d3e370459bf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9654
Md5:    36ae9444071dd70dcf86802c370ffda9
Sha1:   44cc19b21912d07f82a88af5b2fa6d3e370459bf
Sha256: 99984d108bf31d733414f7f1352e17225ac21ac2dbfb4b1e7fa7ae80e5b6b822
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10023
x-amzn-requestid: 0cb6b9a1-0707-4094-b197-5a0add2df717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4dHJLIAMFWmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9c-2d8bbb17157900f126c5bb3c;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wZ2hBqHAdwimAVV3p-CJFrb9zQ-CTN5ar9CB-cu0mZoENYUFTKKPWQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:40:43 GMT
age: 39313
etag: "e1067a2dfbc22e7eb196046d57bd1e17604dba75"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10023
Md5:    f4505f57697072468da82e0b536d0d5b
Sha1:   e1067a2dfbc22e7eb196046d57bd1e17604dba75
Sha256: b5e79054f165f38b99f93a8128284f82076523988aeb102b85dd8ff1a2870d00
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14073
x-amzn-requestid: 4ff72590-e28d-4d4b-af1a-4d62e75e3d66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKnpEsJoAMFlBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be30-38b014a25551aa0a2ab04ccf;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gP4V4fq53Z5BFfjDlx1LCR9AhUPTq0qusBaOY_UEXjJjM6SByqDgXg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:41:45 GMT
etag: "72603efba82d649ce5a7a0ca45dc830c0d9ef012"
age: 39251
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14073
Md5:    11594ce7500d8776bfd5162b17f87d72
Sha1:   72603efba82d649ce5a7a0ca45dc830c0d9ef012
Sha256: 511f5aa33750cd4a02cf3968bf165ffa521e77cb4fb7135b516d7ad14e8b9d01
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 08:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 08:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /1.0.0.105560/Resources/Scripts/foundation.min.js HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Cookie: _ga=GA1.2.2147285195.1664440553; _gid=GA1.2.1548164489.1664440553; _gat_UA-7008980-19=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212290
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:56 GMT
etag: "b8bdb57bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:42 GMT
server: ECAcc (ska/F794)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 38642
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   38642
Md5:    dd7051f6e5b2d4c490a37314124e5914
Sha1:   08efeda174c5b76625a79f42719bb23d6c381bca
Sha256: 0f6f54f25d75f78b619c1b306fde88f494d9a40c46c0055f913e72d5044edc47
                                        
                                            GET /1.0.0.105560/Resources/Scripts/slick.min.js HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Cookie: _ga=GA1.2.2147285195.1664440553; _gid=GA1.2.1548164489.1664440553; _gat_UA-7008980-19=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212281
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:56 GMT
etag: "ac6ec67bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:42 GMT
server: ECAcc (ska/F6B8)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 10438
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (42862), with CRLF line terminators
Size:   10438
Md5:    b694659d83b3c389a344834d8a4f29f9
Sha1:   bbb698f189ffed76fb004153797fa6fdff75cd65
Sha256: c476653cbcb206ed704d2d68134f0d78288495d1c1a966cb0f47ed44cd80e32b
                                        
                                            GET /1.0.0.105560/Resources/Scripts/support-button-on-scroll.min.js HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Cookie: _ga=GA1.2.2147285195.1664440553; _gid=GA1.2.1548164489.1664440553; _gat_UA-7008980-19=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: application/javascript
                                        
content-encoding: gzip
access-control-allow-origin: *
age: 212290
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:56 GMT
etag: "ac6ec67bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:42 GMT
server: ECAcc (ska/F6C2)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 426
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1023), with no line terminators
Size:   426
Md5:    61767c07a3bd0e2e7d0b7bad7eddab9f
Sha1:   8e838b5f75fc910623760a346e53f89b92018e83
Sha256: d72c946a600fe35f1271128f9044b11cd803248e7ec36e8a4ceb207ead9c6332
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 08:35:56 GMT
Last-Modified: Thu, 29 Sep 2022 07:06:02 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: I2LEFLI2pIFueVgffH8s5NZ8LJSXZ2HBJx2X2AShyLnYxr3rozV0wg==
Age: 5394

                                        
                                            GET /img/beacon.gif?id=587c9d1971a183207f0f58cd&sAW=1280&sAH=1002&bIW=1280&bIH=939&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=93&cE=159&dLE=93&dLS=53&fS=50&hS=104&rE=-1&rS=-1&reS=159&resS=250&resE=268&uEE=-1&uES=-1&dL=259&dI=695&dCLES=723&dCLEE=734&dC=1705&lES=1705&lEE=1801&s=nt&title=Online%20CFD-handel%20%7C%20Handle%20markedene%20%7C%20Plus500&path=https%3A%2F%2Fwww.plus500.com%2Fno%2F&ref=https%3A%2F%2Fwww.bitcoin-kopen.com%2F&sId=8mr9ruzw&sST=1664440553&sIS=1&rV=0&v=1.4.1 HTTP/1.1 
Host: rum-collector-2.pingdom.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.plus500.com
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.19.30.211
HTTP/1.1 200 OK
                                        
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Date: Thu, 29 Sep 2022 08:35:56 GMT
Expires: 0
Pragma: no-cache
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /meet-uit.php?wlink=13&wzo=WEkHGw5xSay4vTEC&rdk=rk3 HTTP/1.1 
Host: www.bitcoin-kopen.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         37.97.223.62
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Thu, 29 Sep 2022 08:35:54 GMT
x-powered-by: PHP/7.3.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /bitcoin/ HTTP/1.1 
Host: www.bitcoin-kopen.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 99
Origin: https://www.bitcoin-kopen.com
Connection: keep-alive
Referer: https://www.bitcoin-kopen.com/meet-uit.php?wlink=13&wzo=WEkHGw5xSay4vTEC&rdk=rk3
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         37.97.223.62
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Thu, 29 Sep 2022 08:35:54 GMT
x-powered-by: PHP/7.3.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /meten/klik.php HTTP/1.1 
Host: www.bitcoin-kopen.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 77
Origin: https://www.bitcoin-kopen.com
Connection: keep-alive
Referer: https://www.bitcoin-kopen.com/bitcoin/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         37.97.223.62
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Thu, 29 Sep 2022 08:35:54 GMT
location: https://www.plus500.com/no/?id=112372&pl=2
x-powered-by: PHP/7.3.33, PleskLin
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /1.0.0.105560/Resources/Images/newhome/img/iPhone-transperent.webp HTTP/1.1 
Host: cdn-main.plus500.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         192.229.220.58
HTTP/2 200 OK
content-type: image/webp
                                        
accept-ranges: bytes
access-control-allow-origin: *
age: 212274
alt-svc: clear
cache-control: public,max-age=2419200
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "1dd01c7bc0a4d81:0"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F76F)
strict-transport-security: max-age=31536000
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 53092
X-Firefox-Spdy: h2


--- Additional Info ---