telemobile.site/om/env/ooredoo/
194.135.87.27302 Found 0 B URL HTTP/1.1 telemobile.site/om/env/ooredoo/
IP 194.135.87.27:0
ASN #212531 UAB Interneto vizija
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /om/env/ooredoo/ HTTP/1.1
Host: telemobile.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 29 Sep 2022 08:35:53 GMT
Server: Apache
Connection: Upgrade, Keep-Alive
Location: //whampamp.com/4/5087048?var=ed2
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
Content-Type: text/html
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 08:05:09 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ff-5bnTcSSgnOaUV_S8iIgQyL8b9uGHDXaL7Au1JGJWHQSE_xejkRg==
Age: 1844
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6dd4587c98aef98ad0939030a6976a7f
92dc5966ac2deb0c3ac7fdd02bf8d28f9239801e
a382476d14b6ae14003333e7acdfbbd9ae8775d4c1a7d5c31116f33987043cff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14212
Expires: Thu, 29 Sep 2022 12:32:45 GMT
Date: Thu, 29 Sep 2022 08:35:53 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _b7nWTjbsoIHDjfRZCGXVYYwGc9zus9JDkFSct_QrYYzUu5ej-5pJQ==
age: 11246
X-Firefox-Spdy: h2
whampamp.com/4/5087048?var=ed2
139.45.197.236200 OK 2.9 kB URL HTTP/1.1 whampamp.com/4/5087048?var=ed2
IP 139.45.197.236:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5401)
Hash 77fb74d394fcb81cce313fbe72f8e80b
e76feea61c63742f32326a311cad52eadfd71ed1
d650b59452fc3d2ec788648b6fa88cddaaffade014415ab3da579e0c47047eef
Analyzer Verdict Alert quad9 Sinkholed
GET /4/5087048?var=ed2 HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=905d64afb60e493a979bb84b8414ca77; oaidts=1664438491; syncedCookie=true
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 08:35:54 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 7419b3276ff5b51a3875b60a0b71fba0
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=905d64afb60e493a979bb84b8414ca77; expires=Fri, 29 Sep 2023 08:35:54 GMT; path=/
oaidts=1664438491; expires=Fri, 29 Sep 2023 08:35:54 GMT; path=/
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 08:35:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
whampamp.com/?z=5087048&syncedCookie=false&rhd=false
139.45.197.236302 Found 0 B URL HTTP/1.1 whampamp.com/?z=5087048&syncedCookie=false&rhd=false
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /?z=5087048&syncedCookie=false&rhd=false HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 435
Origin: http://whampamp.com
Connection: keep-alive
Referer: http://whampamp.com/afu.php?zoneid=5087048&var=5087048&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false
Cookie: OAID=905d64afb60e493a979bb84b8414ca77; oaidts=1664438491; syncedCookie=true
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 29 Sep 2022 08:35:54 GMT
Content-Length: 0
Connection: keep-alive
X-Trace-Id: 39a3b5cf1e0ed072ef69a5bdc6123391
Link: <https://www.bitcoin-kopen.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://www.bitcoin-kopen.com/meet-uit.php?wlink=13&wzo=WEkHGw5xSay4vTEC&rdk=rk3
Access-Control-Allow-Origin: http://whampamp.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=905d64afb60e493a979bb84b8414ca77; expires=Fri, 29 Sep 2023 08:35:54 GMT; path=/
oaidts=1664438491; expires=Fri, 29 Sep 2023 08:35:54 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 301e51c7e158c8f2bc502d59c4b55d38
ccee182c30da340baa273a144254736ca08ab3d5
8f446a302c551a886d35511d75f7c69fc6c44e19f24db073bee192350ba6b36e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F446A302C551A886D35511D75F7C69FC6C44E19F24DB073BEE192350BA6B36E"
Last-Modified: Thu, 29 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5133
Expires: Thu, 29 Sep 2022 10:01:27 GMT
Date: Thu, 29 Sep 2022 08:35:54 GMT
Connection: keep-alive
whampamp.com/favicon.ico
139.45.197.236204 No Content 0 B IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: whampamp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://whampamp.com/afu.php?zoneid=5087048&var=5087048&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false
Cookie: OAID=905d64afb60e493a979bb84b8414ca77; oaidts=1664438491; syncedCookie=true
HTTP/1.1 204 No Content
Server: nginx
Date: Thu, 29 Sep 2022 08:35:54 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 0869109d63ef5270595fb34384023a90
f2ec69fdaca2a0327cd3599ac05d0051df3dee41
c4a67afda7094519228049f837e2e0c1674148bd2e564ae2dccc3458bbdb9ed4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 08:35:54 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:25:19 GMT
Expires: Mon, 03 Oct 2022 06:25:18 GMT
Etag: "f2ec69fdaca2a0327cd3599ac05d0051df3dee41"
Cache-Control: max-age=337163,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 752363588fbcb50c-OSL
my.rtmark.net/img.gif?f=merge&userId=905d64afb60e493a979bb84b8414ca77
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=905d64afb60e493a979bb84b8414ca77
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=905d64afb60e493a979bb84b8414ca77 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://whampamp.com
Connection: keep-alive
Referer: http://whampamp.com/
Cookie: ID=905d64afb60e493a979bb84b8414ca77
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 08:35:54 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: http://whampamp.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=905d64afb60e493a979bb84b8414ca77; expires=Fri, 29 Sep 2023 08:35:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 08:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 29 Sep 2022 08:40:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dWCiMlHJhIfusSrAyruwEBa-GnFfFIJ-BXRvqSMWltk8XOzfWzq3DQ==
Age: 381
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 83ebffb7e4b186b8e0bc16b98384635d
5c4ff64b2b688bdaa48c77a03cd4259f5568a4e0
e1fe0898dfd954e32c03f3d70418f5e2f94f7d9705a5e373649f11dda9f59dda
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6576
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 08:35:54 GMT
Last-Modified: Thu, 29 Sep 2022 06:46:18 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5100
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 08:35:54 GMT
Last-Modified: Thu, 29 Sep 2022 07:10:54 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
www.plus500.com/no/?id=112372&pl=2
152.195.53.227200 OK 139 kB URL HTTP/2 www.plus500.com/no/?id=112372&pl=2
IP 152.195.53.227:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (18130), with CRLF, LF line terminators
Size 139 kB (138916 bytes)
Hash e3cc65b4a03db0c6b0eaf82cc8f9795a
4307e55f115113305836d4469ac097284e2d322a
e4f4c6f72cd14db4b1fcaac5cc48038313fa8c27e39a277ba81a3b7f1b522161
GET /no/?id=112372&pl=2 HTTP/1.1
Host: www.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.bitcoin-kopen.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: clear
cache-control: private
content-type: text/html; charset=utf-8
date: Thu, 29 Sep 2022 08:35:54 GMT
server: Microsoft-IIS/10.0
set-cookie: referralUrl=https%3a%2f%2fwww.bitcoin-kopen.com%2f; expires=Sat, 29-Oct-2022 08:35:54 GMT; path=/; SameSite=None; secure; HttpOnly
referralId=112372; expires=Sat, 29-Oct-2022 08:35:54 GMT; path=/; SameSite=None; secure; HttpOnly
referralPlan=2; expires=Sat, 29-Oct-2022 08:35:54 GMT; path=/; SameSite=None; secure; HttpOnly
innerTags=; expires=Sat, 29-Oct-2022 08:35:54 GMT; path=/; SameSite=None; secure; HttpOnly
webvisitid=f626e9c6-cb51-41f7-aa3b-d56918f7b1a6; expires=Sat, 29-Oct-2022 08:35:54 GMT; path=/; SameSite=None; secure; HttpOnly
referralTimeStamp=2022-09-29T08:35:54.8767695+00:00; expires=Sat, 29-Oct-2022 08:35:54 GMT; path=/; SameSite=None; secure; HttpOnly
VisitLogged=True; path=/; SameSite=None; secure; HttpOnly
ASP.NET_SessionId=dw0u4xz2qn5uc2jxlwue1ank; path=/; secure; HttpOnly; SameSite=None
InAppView=False; path=/; SameSite=None; secure; HttpOnly
theme_type=Light; path=/; SameSite=None; secure; HttpOnly
Exps=Q29va2llc1BvcHVwRXhwZXJpbWVudCwx; path=/; secure; HttpOnly
IP=!YfbtXZ+d45C8MI1ay247HpdMxMsAH5PeLurReIGAlM7nxzJyEzsKLelcgud2S1P1xUebAWYdgDn4PZhvqgWIOeAktU2jMYZJw6rC6ogLBlwbe1qnBzwqDnYPxstlAtR5ldNronYi4sUTYD97lu4kO0wtvm0mHf4=; path=/; Httponly; Secure; SameSite=none
strict-transport-security: max-age=31536000
x-aspnetmvc-version: 5.2
x-frame-options: Deny
content-length: 138916
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3fc5d2e3f9e63985dfae3b58f1455521
899ac70e01d3c5d7f8880ddec6ac7e636c31eb6c
ce60da2184b0a8c5cb89abdcddf615303ce081a00191b1b73af11c371b9f9fcc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6221
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 08:35:55 GMT
Last-Modified: Thu, 29 Sep 2022 06:52:14 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 08:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn-main.plus500.com/1.0.0.105560/Resources/Scripts/layout.bundle.min.js
192.229.220.58200 OK 32 kB URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Scripts/layout.bundle.min.js
IP 192.229.220.58:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 579b64ce74ad3c0409a0bb6a6624a608
ce6ce94b5ad1b8e0c066957d92a41c14b974f021
0a59bdb70fc09933b7e3bdab3a3d1e1161cea5f82802daf376af8a7761f2662d
GET /1.0.0.105560/Resources/Scripts/layout.bundle.min.js HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212319
alt-svc: clear
cache-control: public,max-age=2419200
content-type: application/javascript
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "3547bf7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:42 GMT
server: ECAcc (ska/F72C)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 31983
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/marketing-plus500-invest.svg
192.229.220.58200 OK 2.5 kB URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/marketing-plus500-invest.svg
IP 192.229.220.58:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6957), with no line terminators
Hash 72ecc0d5267c801fff507fe2f2b5ca60
98d6256130659d1a3bc8a82592c11950e3475162
e7f24adf6aee2d10e006ed5a017b32b05c3f54418a4c08e0d09a0163d2728c73
GET /1.0.0.105560/Resources/Images/newhome/svg/marketing-plus500-invest.svg HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212319
alt-svc: clear
cache-control: public,max-age=2419200
content-type: image/svg+xml
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "30802d7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F6DD)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 2534
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/plus500-invest.svg
192.229.220.58200 OK 2.4 kB URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/plus500-invest.svg
IP 192.229.220.58:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6464), with no line terminators
Hash f020056bf2b14af54232c36f42060b28
b6c7c4d613fb0fa175e7b04d3fc1d302bbc72ac0
40faa14df892598736cdb2f202a86ffe31eba80c698350a2ce3170413c4d6b09
GET /1.0.0.105560/Resources/Images/newhome/svg/plus500-invest.svg HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212319
alt-svc: clear
cache-control: public,max-age=2419200
content-type: image/svg+xml
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "62e22f7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F6BC)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 2386
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/plus500-cfd.svg
192.229.220.58200 OK 2.3 kB URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/plus500-cfd.svg
IP 192.229.220.58:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6171), with no line terminators
Hash fd6dd7c0c5f25889a0d093d3ae29cc72
24649b7162ed8e6d98d903f88f3ae08f48a85bce
a8b4cfc6ff2f0c5ded25a8ee5bb9b6c5d05d454e514b4e1cdf0cbb3df75caea1
GET /1.0.0.105560/Resources/Images/newhome/svg/plus500-cfd.svg HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212319
alt-svc: clear
cache-control: public,max-age=2419200
content-type: image/svg+xml
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "30802d7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F7B7)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 2289
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/plus500-futures.svg
192.229.220.58200 OK 2.6 kB URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/plus500-futures.svg
IP 192.229.220.58:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6922), with no line terminators
Hash 5ceb194254aa2a61f44279c3c458bda6
0cc00cd3f67fbdd92ccd30aef4c3dd59ce6391a8
0cc87419bb3c8f4e85512947ddef6509c3cd5b9699130022b334d7b169c1a112
GET /1.0.0.105560/Resources/Images/newhome/svg/plus500-futures.svg HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212407
alt-svc: clear
cache-control: public,max-age=2419200
content-type: image/svg+xml
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "62e22f7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F777)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 2561
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Scripts/general.min.js
192.229.220.58200 OK 1.7 kB URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Scripts/general.min.js
IP 192.229.220.58:0
File type HTML document, ASCII text, with very long lines (4131), with no line terminators
Hash d80682bcb80b19f28bcf12f2caf145d7
5a1057c219dfbf61c672ac0f5af3e721ef404459
0acea896fe98010282919a4650622e4844fe4e97e32cdfcc7ebda3f4ce1b464d
GET /1.0.0.105560/Resources/Scripts/general.min.js HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212319
alt-svc: clear
cache-control: public,max-age=2419200
content-type: application/javascript
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "f81fb87bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:42 GMT
server: ECAcc (ska/F751)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 1672
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
192.229.220.58200 OK 26 kB URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
IP 192.229.220.58:0
File type Unicode text, UTF-8 text, with very long lines (65526), with no line terminators
Hash 67fdb411a42abdceb27cb696f07a6fc3
9fcc8f4291d9e6e65040efc7e188181372c08997
f2c428716fedfa461c07a6c53b633905c5f9adb989b7d19c48c7de7c63e5fd69
GET /1.0.0.105560/Resources/CSS/style-homepage.css HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212275
alt-svc: clear
cache-control: public,max-age=2419200
content-type: text/css
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "6051c236ced0d81:0+gzip"
last-modified: Sun, 25 Sep 2022 11:01:50 GMT
server: ECAcc (ska/F687)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 25880
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/sponsorship-logo-young-boys-back.svg
192.229.220.58200 OK 3.0 kB URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/sponsorship-logo-young-boys-back.svg
IP 192.229.220.58:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 7fb63f8c3953709ad5e3f5b6ad43496f
59266c1b54876a07781af63200c70ba3568ff950
56c9a7419c39926548d3c0a1e8e34733b4216077d6c1143e7586eaa70a365662
GET /1.0.0.105560/Resources/Images/newhome/svg/sponsorship-logo-young-boys-back.svg HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212319
alt-svc: clear
cache-control: public,max-age=2419200
content-type: image/svg+xml
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "fbab536ced0d81:0+gzip"
last-modified: Sun, 25 Sep 2022 11:01:50 GMT
server: ECAcc (ska/F791)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 3039
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/sponsorship-logo-atalanta-back.svg
192.229.220.58200 OK 2.2 kB URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/sponsorship-logo-atalanta-back.svg
IP 192.229.220.58:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash 452d3354ca658e49e185b489d4a1149c
ecaada72423054962ef4676c5d025354c973c6c3
d1781719dd7802b8c85512687eb7b4b96f8a9a42461cbf048eccce59be64d95d
GET /1.0.0.105560/Resources/Images/newhome/svg/sponsorship-logo-atalanta-back.svg HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212319
alt-svc: clear
cache-control: public,max-age=2419200
content-type: image/svg+xml
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "82f9b336ced0d81:0+gzip"
last-modified: Sun, 25 Sep 2022 11:01:50 GMT
server: ECAcc (ska/F7BE)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 2157
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/sponsorship-logo-legia-back.svg
192.229.220.58200 OK 895 B URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/sponsorship-logo-legia-back.svg
IP 192.229.220.58:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators
Hash db1a984a2f5017026be754dbf29807e6
0cd9cc7ee3c2e1323fe043848cc8b1e421eec6e2
19d9e706e251184a8fe9d4d4f075e944b53bbf0241c5532a60ec3fe468db9c34
GET /1.0.0.105560/Resources/Images/newhome/svg/sponsorship-logo-legia-back.svg HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212319
alt-svc: clear
cache-control: public,max-age=2419200
content-type: image/svg+xml
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "a6bcb436ced0d81:0+gzip"
last-modified: Sun, 25 Sep 2022 11:01:50 GMT
server: ECAcc (ska/F765)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 895
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Scripts/gsap/ScrollTrigger.min.js
192.229.220.58200 OK 16 kB URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Scripts/gsap/ScrollTrigger.min.js
IP 192.229.220.58:0
File type ASCII text, with very long lines (37769), with CRLF line terminators
Hash 95183eb03c12fb3bd822a89d9bb3e701
10d2f80952d2e73fdc759da2462cc3269a09c504
4db1fc48bc4e4b15b8ed576be7d54d0329fdd02f63626c0f4eb4bf62de2921f9
GET /1.0.0.105560/Resources/Scripts/gsap/ScrollTrigger.min.js HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212319
alt-svc: clear
cache-control: public,max-age=2419200
content-type: application/javascript
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "f81fb87bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:42 GMT
server: ECAcc (ska/F6B0)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 15867
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Scripts/gsap/gsap.min.js
192.229.220.58200 OK 26 kB URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Scripts/gsap/gsap.min.js
IP 192.229.220.58:0
File type ASCII text, with very long lines (64964), with CRLF line terminators
Hash 30d921ca34ea19dcb3a51328b8211c2b
e10800d779757814c6f947529b920f6fd6856931
72f1f179ef1f689a54a2716bb834857447645e88e29e8fbaef4cb350a4c6c8aa
GET /1.0.0.105560/Resources/Scripts/gsap/gsap.min.js HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212361
alt-svc: clear
cache-control: public,max-age=2419200
content-type: application/javascript
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "4882ba7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:42 GMT
server: ECAcc (ska/F6CB)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 25700
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Scripts/gsap/SplitText.min.js
192.229.220.58200 OK 5.3 kB URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Scripts/gsap/SplitText.min.js
IP 192.229.220.58:0
File type ASCII text, with very long lines (15208), with CRLF line terminators
Hash 4795c6a8caba8e08d1a806321aee45b4
32e407d3135a16c9ed96deb53ccd8d75fd2aafea
27b1e63e38e493f614a393fdf22d0adc851de528ee5d37e9620118098268e3b9
GET /1.0.0.105560/Resources/Scripts/gsap/SplitText.min.js HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212319
alt-svc: clear
cache-control: public,max-age=2419200
content-type: application/javascript
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "4882ba7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:42 GMT
server: ECAcc (ska/F6C6)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 5301
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.42.148.177101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.148.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 18U0E0m/vFsVESDq0qdfbg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HiS2av6izilGbTBo+1EXKtkh01U=
www.googleoptimize.com/optimize.js?id=OPT-NXX9W9Z
142.250.74.46200 OK 43 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-NXX9W9Z
IP 142.250.74.46:0
File type ASCII text, with very long lines (4316)
Hash 1c59cae61cd1556c001bda8c2871c7ff
774280938240b3d92a7aaed65986ea676b74bf22
eb7d0c2694a151739ed031c9258b4cad46419617ba3cc7a986be95283c408bb2
GET /optimize.js?id=OPT-NXX9W9Z HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 29 Sep 2022 08:35:55 GMT
expires: Thu, 29 Sep 2022 08:35:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43413
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 08:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/img/hero-banner.webp
192.229.220.58200 OK 59 kB URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/img/hero-banner.webp
IP 192.229.220.58:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 29bc7c57e85d4b12c6e0aaf115c46ccb
7dd77a2ed69557b8aa11b39b29653130e838491a
c11c79003e2d10d24762a4c1cd8027a308d30a2c6a997eef7de2d56d25707c6f
GET /1.0.0.105560/Resources/Images/newhome/img/hero-banner.webp HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 212273
alt-svc: clear
cache-control: public,max-age=2419200
content-type: image/webp
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "1dd01c7bc0a4d81:0"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F7A8)
strict-transport-security: max-age=31536000
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 58612
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/plus-blue.svg
192.229.220.58200 OK 251 B URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/plus-blue.svg
IP 192.229.220.58:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (323), with CRLF line terminators
Hash cdc5b4b97c8ba035107a114beb21b4ae
9c00eaeeb192332a3f67b6de504044df09ced7dc
23dbb4ce0b4344f1034e2dc25d95bf375216c6fe7ac018d1f1a77660577e341f
GET /1.0.0.105560/Resources/Images/newhome/svg/plus-blue.svg HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212274
alt-svc: clear
cache-control: public,max-age=2419200
content-type: image/svg+xml
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "30802d7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F6EF)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 251
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/plus-gr-blue-transparent.svg
192.229.220.58200 OK 387 B URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/plus-gr-blue-transparent.svg
IP 192.229.220.58:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (606), with no line terminators
Hash 6a93a320ef2790ae4d4c429736ecd205
b34b5028604eecb4bd8830b478ae7974b5fa3ea8
fe562c4b65e74b7ae5fa9636937ce8bb67c1f9980ea578a8bc093c61e3f3b0b9
GET /1.0.0.105560/Resources/Images/newhome/svg/plus-gr-blue-transparent.svg HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212273
alt-svc: clear
cache-control: public,max-age=2419200
content-type: image/svg+xml
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "30802d7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F6C0)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 387
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-RQS5
142.250.74.72200 OK 65 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-RQS5
IP 142.250.74.72:0
File type ASCII text, with very long lines (13218)
Hash f081373f9b4fd1d28ac306d956c479d4
d0505621924491a1ae11b9906f8a6b49d5955955
a44362a15ed88cc108632ab696313580bd3bf287b16f32f702631d99aa801771
GET /gtm.js?id=GTM-RQS5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 29 Sep 2022 08:35:55 GMT
expires: Thu, 29 Sep 2022 08:35:55 GMT
cache-control: private, max-age=900
last-modified: Thu, 29 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 65130
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/plus-blue-fill.svg
192.229.220.58200 OK 210 B URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/plus-blue-fill.svg
IP 192.229.220.58:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (350), with no line terminators
Hash dc51af175b3b80bef0b246d297069137
0d6ca6b252fd747ac12f0f5ccf572fa37b31fdd4
29ef566a3dac872d6eb8f79a10e4eadb4beb34990981e9d0d44bd5848b14a766
GET /1.0.0.105560/Resources/Images/newhome/svg/plus-blue-fill.svg HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212274
alt-svc: clear
cache-control: public,max-age=2419200
content-type: image/svg+xml
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "30802d7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F695)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 210
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/plus-blue-turquoise-gr.svg
192.229.220.58200 OK 390 B URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/plus-blue-turquoise-gr.svg
IP 192.229.220.58:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (345), with CRLF line terminators
Hash f9c08a3be048fb30d2058aed804e6f00
bc9a48c8836469166335e32223a789c4be9fcdc7
bfda32b4b2ede10052fad25acbf0764fca634a2faa3469799d896ad2f8ef9b0d
GET /1.0.0.105560/Resources/Images/newhome/svg/plus-blue-turquoise-gr.svg HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212274
alt-svc: clear
cache-control: public,max-age=2419200
content-type: image/svg+xml
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "30802d7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F68A)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 390
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/plus-blue-gr.svg
192.229.220.58200 OK 394 B URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/plus-blue-gr.svg
IP 192.229.220.58:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (345), with CRLF line terminators
Hash cada647f9031a7fefa7c944c88bd0c76
57d41f59eb7f07170edc964ae296a83d83d7d26b
18512939e1b2a1eddcf6e29529b06b682504a6bf927f13f8237f9d0c6864e9bf
GET /1.0.0.105560/Resources/Images/newhome/svg/plus-blue-gr.svg HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212274
alt-svc: clear
cache-control: public,max-age=2419200
content-type: image/svg+xml
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "30802d7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F793)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 394
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/plus-white.svg
192.229.220.58200 OK 225 B URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/plus-white.svg
IP 192.229.220.58:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 38d7982a3216048799a8236d895422f9
2e9fdf4ef10f2ff41c956fc27c6752778b273251
389e0a02bef763311044872d7efd2c33ebec86f0b447dda3a6b3d818380403ef
GET /1.0.0.105560/Resources/Images/newhome/svg/plus-white.svg HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212274
alt-svc: clear
cache-control: public,max-age=2419200
content-type: image/svg+xml
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "30802d7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F7B6)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 225
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/border-gradient-top-right.svg
192.229.220.58200 OK 302 B URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/border-gradient-top-right.svg
IP 192.229.220.58:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 94b88d95286d229f846322eb8bab302f
2f767eb5f53abb44c83aa148af09b023f04da4f2
9170dd1c49c0c23669535a925b1a3dde241e6198450eef6c60f21af9f0fc911a
GET /1.0.0.105560/Resources/Images/newhome/svg/border-gradient-top-right.svg HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212273
alt-svc: clear
cache-control: public,max-age=2419200
content-type: image/svg+xml
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "c4f6237bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F797)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 302
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/plus-turquoise-white-gr.svg
192.229.220.58200 OK 390 B URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/svg/plus-turquoise-white-gr.svg
IP 192.229.220.58:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (345), with CRLF line terminators
Hash f3d6b6e6601ad9f222e5e03ab602961c
37cee6b48f3144202a8678990f12eb960bd294be
a0b4c1c6a58dae23774d2e2d688b564d70350460c85bf6e636ca6c0e79a19673
GET /1.0.0.105560/Resources/Images/newhome/svg/plus-turquoise-white-gr.svg HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212273
alt-svc: clear
cache-control: public,max-age=2419200
content-type: image/svg+xml
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "30802d7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F79E)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 390
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Scripts/user-cookies-manager.js
192.229.220.58200 OK 782 B URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Scripts/user-cookies-manager.js
IP 192.229.220.58:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 1aee9e674122758c6f3f6190f82eeb22
b4b11dbd6b91f217b3179d8fb8d1f50c66898930
5b1ade0e2994e55e31347cf9ed228fcc61ceee82228892f0fd980025f2633655
GET /1.0.0.105560/Resources/Scripts/user-cookies-manager.js HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212290
alt-svc: clear
cache-control: public,max-age=2419200
content-type: application/javascript
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "c7d7e0f21fccd81:0+gzip"
last-modified: Mon, 19 Sep 2022 12:04:19 GMT
server: ECAcc (ska/F6E3)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 782
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 08:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.plus500.com/no/favicon.ico
152.195.53.227200 OK 6.9 kB URL HTTP/2 www.plus500.com/no/favicon.ico
IP 152.195.53.227:0
File type MS Windows icon resource - 3 icons, 16x16, 24 bits/pixel, 32x32, 8 bits/pixel\012- data
Hash 1eddb0a861659881b9bbc6b71154c7ef
1d7bce75f924f9b8fbe0965a3c7dc44e68b11da1
bed3916563b7d44004d1675965575c3c9fb71193c2b7fb025ef4299e7bced535
GET /no/favicon.ico HTTP/1.1
Host: www.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Cookie: referralUrl=https%3a%2f%2fwww.bitcoin-kopen.com%2f; referralId=112372; referralPlan=2; innerTags=; webvisitid=f626e9c6-cb51-41f7-aa3b-d56918f7b1a6; referralTimeStamp=2022-09-29T08:35:54.8767695+00:00; VisitLogged=True; ASP.NET_SessionId=dw0u4xz2qn5uc2jxlwue1ank; InAppView=False; theme_type=Light; Exps=Q29va2llc1BvcHVwRXhwZXJpbWVudCwx; IP=!YfbtXZ+d45C8MI1ay247HpdMxMsAH5PeLurReIGAlM7nxzJyEzsKLelcgud2S1P1xUebAWYdgDn4PZhvqgWIOeAktU2jMYZJw6rC6ogLBlwbe1qnBzwqDnYPxstlAtR5ldNronYi4sUTYD97lu4kO0wtvm0mHf4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
alt-svc: clear
cache-control: max-age=2592000
content-type: image/x-icon
date: Thu, 29 Sep 2022 08:35:54 GMT
etag: "3f6d97cc0a4d81:0"
last-modified: Sun, 31 Jul 2022 09:32:44 GMT
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
content-length: 6894
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3826037172731ac33e566808c9618388
226e9205194fb0446af7fef47c68749add90d966
692f1898c2850d619cb42a23932602bc680abe6634e2b04906304311d2eccf27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 08:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/intl/en_us/badges/images/generic/no_badge_web_generic.png
216.58.207.206302 Found 284 B URL HTTP/2 play.google.com/intl/en_us/badges/images/generic/no_badge_web_generic.png
IP 216.58.207.206:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ccfe8887ceed5f907bbf1391cd9781d3
fbed21ce7be7db2eb70ce0c244cf6921b62245de
18a0059bc7a6ae0f215282511c98277c588c4f7039fd38ddd5c2372c6244985b
GET /intl/en_us/badges/images/generic/no_badge_web_generic.png HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://play.google.com/intl/en_us/badges/static/images/badges/no_badge_web_generic.png
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 08:35:55 GMT
server: sffe
content-length: 284
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Scripts/lazysizes.min.js
192.229.220.58200 OK 4.3 kB URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Scripts/lazysizes.min.js
IP 192.229.220.58:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (9619), with CRLF line terminators
Hash a33fedd34b77542b5dbc1e9091d46b92
26547af3576eea1380f6bd3e3f15d1a1ae3fd203
cbb6dfdc8cf95c66a139cdaa0d17f5a688e1fc6f14bad76ee6c311b1a9c0f268
GET /1.0.0.105560/Resources/Scripts/lazysizes.min.js HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212290
alt-svc: clear
cache-control: public,max-age=2419200
content-type: application/javascript
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "3547bf7bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:42 GMT
server: ECAcc (ska/F6A0)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 4321
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500&display=swap
216.58.211.10200 OK 1.4 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500&display=swap
IP 216.58.211.10:0
Hash 1bd322614c85ffc83794ecdeb21f0771
9430976aba1654a2e6252dd5316ea87883fe3227
1628e25e5b2f92360a484759f8fcf731395b5a2f67e618cdc3dc72613d51c4cb
GET /css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 29 Sep 2022 08:35:55 GMT
date: Thu, 29 Sep 2022 08:35:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3826037172731ac33e566808c9618388
226e9205194fb0446af7fef47c68749add90d966
692f1898c2850d619cb42a23932602bc680abe6634e2b04906304311d2eccf27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 08:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 08:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 08:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 08:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 08:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.plus500.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 46907
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.plus500.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:21 GMT
expires: Thu, 28 Sep 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 46894
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rum-static.pingdom.net/pa-587c9d1971a183207f0f58cd.js
104.22.55.104200 OK 19 kB URL HTTP/2 rum-static.pingdom.net/pa-587c9d1971a183207f0f58cd.js
IP 104.22.55.104:0
Hash 8394425b977fe436c82150163fe0fe15
7cf8067815c38aa5e8b407c19363ad25d84ca3da
34ae0269d05d09176bb881f748814d8cf620748fbd14a345d5664ea641343485
GET /pa-587c9d1971a183207f0f58cd.js HTTP/1.1
Host: rum-static.pingdom.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 08:35:55 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 11 May 2021 14:01:36 GMT
vary: Accept-Encoding
etag: W/"609a8e40-1852"
expires: Thu, 29 Sep 2022 08:40:40 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 15
server: cloudflare
cf-ray: 7523635ce8ca0b65-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.plus500.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 46907
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 6ef7082a55863c3a17bd796c2c67797b
60818e61484b6dca4fe8e87913958f0dc09014a9
4450c957d017dd85d82266c69f35f8f0063a646cef9c7148c2f972377e2890f6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 08:35:55 GMT
Last-Modified: Thu, 29 Sep 2022 07:33:03 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: A8jw5r9x9Wsr4Kovrj46YEj4PWFTgpQNd28rKr9GIvAPDSbRvCQdgA==
Age: 3772
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 08:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Thu, 29 Sep 2022 06:41:09 GMT
expires: Thu, 29 Sep 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 6886
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10042775.json
188.125.94.204200 OK 2 B URL HTTP/2 s.yimg.com/wi/config/10042775.json
IP 188.125.94.204:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /wi/config/10042775.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.plus500.com
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: W9JG37W7C1MN1SR3
x-amz-id-2: ZOFXa+MmQwAp792Xb0vgLY25gS16OqJrhUs57fEJUHd/L4PAQCHVqAn5aDUgeEFqCDRKEqjf7zs=
content-type: application/json
date: Thu, 29 Sep 2022 08:31:27 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
content-length: 2
age: 269
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash ef37a67135c29a951e87f57b195d8df3
024b2cf804078d37710134ba9ec872788b1c62d7
1f8d806ec931dff2cf2c7e06ed808718bf879bc4252817acef9e5200addc7ccb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 08:35:56 GMT
Last-Modified: Thu, 29 Sep 2022 07:07:14 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: R1ZKzk8iKZUHLTvVbz5k9ljkqFNZGlnoBHs4xtQYhd-DtiQnXYq4-w==
Age: 5322
s.yimg.com/wi/ytc.js
188.125.94.204200 OK 6.4 kB IP 188.125.94.204:0
Hash 19b79d6d0f49e5be1a7ced885bc36b49
fc78fd2b7d70b3772c73c640374dc4dfa9454e40
8a89c58400427a60c511e8117b221df90a060776b3bc5e0e46b0266b2451f6ca
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aS9pg/ovC0EPsl8kfpbGdsd/gpZ2gX/9kHYc9nKqhmBxa+Y7PbfQNl8GCW8qdim/wavdB6B1eb8=
x-amz-request-id: FN0E1VTTE6N0N03B
date: Thu, 29 Sep 2022 08:00:35 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 2121
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-7008980-19&cid=2147285195.1664440553&jid=581537914&gjid=1264375782&_gid=1548164489.1664440553&_u=YEBAAEAAAAAAAC~&z=1867395866
64.233.165.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-7008980-19&cid=2147285195.1664440553&jid=581537914&gjid=1264375782&_gid=1548164489.1664440553&_u=YEBAAEAAAAAAAC~&z=1867395866
IP 64.233.165.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-7008980-19&cid=2147285195.1664440553&jid=581537914&gjid=1264375782&_gid=1548164489.1664440553&_u=YEBAAEAAAAAAAC~&z=1867395866 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.plus500.com
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.plus500.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Sep 2022 08:35:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 08:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/no-no.svg
54.231.231.73200 OK 11 kB URL HTTP/1.1 apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/no-no.svg
IP 54.231.231.73:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356)
Hash fb75219744b4ce8670e7d51a234c72d3
b493651db277556899d1985dcaf8585473d1421e
3fb09d42eae9d61618bdef86c6fce9e5820a45394fa2021c7fa720c1abe479d7
GET /media-badges/download-on-the-app-store/black/no-no.svg HTTP/1.1
Host: apple-resources.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: FMCa245pyiQMh7k/QKbxNPJwLH/19nVyCuBNAyYFyjSSHzEjZWEBInZr1/DLsEaSyhczD9uuXbw=
x-amz-request-id: E2EA1ZWAYTP5JA1K
Date: Thu, 29 Sep 2022 08:35:57 GMT
Last-Modified: Wed, 29 Apr 2020 21:18:39 GMT
ETag: "fb75219744b4ce8670e7d51a234c72d3"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 10565
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0acb404c6e5e614b2b45960b66540566
9dd62de9f34b30f89ff0fbe054affd8114562b65
78195875441b18f2c34830e59c85bfba8aa9e4afb3953ea232352b49d67d76bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 08:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 64efebb51e5b4f12f97825c5944d0cfa
fc6830187fd786f3d7fefeda96bf0fbe15509927
a33a76aa921357b856b0f68c84f500cd12c40cce3172723b8cd77c250422ac43
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 08:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tools.applemediaservices.com/api/badges/download-on-the-app-store/black/no-no
54.86.139.41301 Moved Permanently 194 B URL HTTP/2 tools.applemediaservices.com/api/badges/download-on-the-app-store/black/no-no
IP 54.86.139.41:0
Hash 80f3c035ccf92e92e90cc6500ba4be37
5f41868aa2a037699c81d8202febda8730e0ed88
63a8a3205129ff6c808a068360a2c42a92e5502188cecdfaa48dff2533f814de
GET /api/badges/download-on-the-app-store/black/no-no HTTP/1.1
Host: tools.applemediaservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 29 Sep 2022 08:35:55 GMT
content-type: text/html; charset=utf-8
location: https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/no-no.svg
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
x-request-id: 3b98aeb9-9910-49af-a433-0b6c9eff3e7c
x-runtime: 0.002874
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-7008980-19&cid=2147285195.1664440553&jid=581537914&_u=YEBAAEAAAAAAAC~&z=2036550628
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-7008980-19&cid=2147285195.1664440553&jid=581537914&_u=YEBAAEAAAAAAAC~&z=2036550628
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-7008980-19&cid=2147285195.1664440553&jid=581537914&_u=YEBAAEAAAAAAAC~&z=2036550628 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 08:35:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12364
Expires: Thu, 29 Sep 2022 12:02:00 GMT
Date: Thu, 29 Sep 2022 08:35:56 GMT
Connection: keep-alive
sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2029%20Sep%202022%2008%3A35%3A53%20GMT&n=0&b=Online%20CFD-handel%20%7C%20Handle%20markedene%20%7C%20Plus500&.yp=10042775&f=https%3A%2F%2Fwww.plus500.com%2Fno%2F%3Fid%3D112372%26pl%3D2&e=https%3A%2F%2Fwww.bitcoin-kopen.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
212.82.100.181200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2029%20Sep%202022%2008%3A35%3A53%20GMT&n=0&b=Online%20CFD-handel%20%7C%20Handle%20markedene%20%7C%20Plus500&.yp=10042775&f=https%3A%2F%2Fwww.plus500.com%2Fno%2F%3Fid%3D112372%26pl%3D2&e=https%3A%2F%2Fwww.bitcoin-kopen.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Thu%2C%2029%20Sep%202022%2008%3A35%3A53%20GMT&n=0&b=Online%20CFD-handel%20%7C%20Handle%20markedene%20%7C%20Plus500&.yp=10042775&f=https%3A%2F%2Fwww.plus500.com%2Fno%2F%3Fid%3D112372%26pl%3D2&e=https%3A%2F%2Fwww.bitcoin-kopen.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 08:35:56 GMT
expires: Thu, 29 Sep 2022 08:35:56 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBOxYNWMCENGAtfCFbWu1G-En3iNBMiQFEgEBAQGqNmM_YwAAAAAA_eMAAA&S=AQAAArKVrdTxiCoSrrO2XJe8kuY; Expires=Fri, 29 Sep 2023 14:35:56 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12364
Expires: Thu, 29 Sep 2022 12:02:00 GMT
Date: Thu, 29 Sep 2022 08:35:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12364
Expires: Thu, 29 Sep 2022 12:02:00 GMT
Date: Thu, 29 Sep 2022 08:35:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe91221c7-ce03-4ea5-9826-7a53eaafc5e6.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe91221c7-ce03-4ea5-9826-7a53eaafc5e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c80d7ce8a9d3fba54855e05731db759c
d76293673a7aa2861b069ced614cdcdb84fed6d3
eabd1bfef29cad4045d688a909b9a8c88818d80bb432ce642d055583cf66d77d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe91221c7-ce03-4ea5-9826-7a53eaafc5e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9002
x-amzn-requestid: 0623931b-a4d6-49de-ba32-d071c08eddbd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKoiGKRIAMFhYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be36-1573e2e91c85617424db019f;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:50 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3kkSL0VcJl64iZ0TiKfOwK620pLX2CAVWqY1Bp2NhokTX0572t_nnQ==
via: 1.1 2a44ef7b9d28e74c78ffadeedcbb887c.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:40:47 GMT
etag: "d76293673a7aa2861b069ced614cdcdb84fed6d3"
content-type: image/jpeg
age: 39309
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg
34.120.237.76200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6ac86079d2901fb11bfaff81d91bb2d2
4fc0699c763f67a2602b4b3f46b8b4013d2049c6
8c25b9129fc01f6ffad911994e91436ab0026ed0b54568757a20ab7f92584467
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3332
x-amzn-requestid: 34214e89-7232-4fd5-9257-adf231670681
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDb3vGkOIAMFVhg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314031-3056111d48a5027a2062ad1b;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 06:01:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VosALWNOhCfUDfo2bXgYE0Cx2duyHRaLb5DCn9IydXtoIsYyg9vWhA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:49:13 GMT
age: 38803
etag: "4fc0699c763f67a2602b4b3f46b8b4013d2049c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c62a6368c456e9614ca4c8e360a2ef12
35ec6e80d324bb215796c590a7ffafbaea55d88e
90a37acc6beda1aa98a98cb84e00a7e469d6d919a14f4709c5f67a83ae95278d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7859
x-amzn-requestid: 34d0718f-46d4-446f-bb06-8449bd8f4287
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZIlO4FcBoAMFy0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63334f2b-58ae81c9077e4f1575750f15;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 19:29:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XwUZAphoqael30FgWCRQlHqBpjBOSG7rnlbPNKyojhONZ625gCUI5g==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 07:36:34 GMT
age: 3562
etag: "35ec6e80d324bb215796c590a7ffafbaea55d88e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 36ae9444071dd70dcf86802c370ffda9
44cc19b21912d07f82a88af5b2fa6d3e370459bf
99984d108bf31d733414f7f1352e17225ac21ac2dbfb4b1e7fa7ae80e5b6b822
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9654
x-amzn-requestid: 7277f59f-452d-4cb6-a76e-1561b4ff3de0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGW2REPzoAMFrww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326b5b-4f5d775830c95b065ce40d3f;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:17:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: jTiWrrcC29QaFlnaiNH_KmEaphRZhWyzf1JbWb6uL00D3vOMR7Wfyg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 03:28:09 GMT
age: 18467
etag: "44cc19b21912d07f82a88af5b2fa6d3e370459bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4505f57697072468da82e0b536d0d5b
e1067a2dfbc22e7eb196046d57bd1e17604dba75
b5e79054f165f38b99f93a8128284f82076523988aeb102b85dd8ff1a2870d00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10023
x-amzn-requestid: 0cb6b9a1-0707-4094-b197-5a0add2df717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4dHJLIAMFWmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9c-2d8bbb17157900f126c5bb3c;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wZ2hBqHAdwimAVV3p-CJFrb9zQ-CTN5ar9CB-cu0mZoENYUFTKKPWQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:40:43 GMT
age: 39313
etag: "e1067a2dfbc22e7eb196046d57bd1e17604dba75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11594ce7500d8776bfd5162b17f87d72
72603efba82d649ce5a7a0ca45dc830c0d9ef012
511f5aa33750cd4a02cf3968bf165ffa521e77cb4fb7135b516d7ad14e8b9d01
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14073
x-amzn-requestid: 4ff72590-e28d-4d4b-af1a-4d62e75e3d66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKnpEsJoAMFlBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be30-38b014a25551aa0a2ab04ccf;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gP4V4fq53Z5BFfjDlx1LCR9AhUPTq0qusBaOY_UEXjJjM6SByqDgXg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:41:45 GMT
etag: "72603efba82d649ce5a7a0ca45dc830c0d9ef012"
content-type: image/jpeg
age: 39251
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 64efebb51e5b4f12f97825c5944d0cfa
fc6830187fd786f3d7fefeda96bf0fbe15509927
a33a76aa921357b856b0f68c84f500cd12c40cce3172723b8cd77c250422ac43
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 08:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7f6c1bbbde940ad17ceda150b7b1664d
7273da22f182d9540784068537cc678ec27800d3
4d8a6cd94e298a71543331248750230237a56a67cef251c7a204291612dbb569
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 08:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn-main.plus500.com/1.0.0.105560/Resources/Scripts/foundation.min.js
192.229.220.58200 OK 39 kB URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Scripts/foundation.min.js
IP 192.229.220.58:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash dd7051f6e5b2d4c490a37314124e5914
08efeda174c5b76625a79f42719bb23d6c381bca
0f6f54f25d75f78b619c1b306fde88f494d9a40c46c0055f913e72d5044edc47
GET /1.0.0.105560/Resources/Scripts/foundation.min.js HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Cookie: _ga=GA1.2.2147285195.1664440553; _gid=GA1.2.1548164489.1664440553; _gat_UA-7008980-19=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212290
alt-svc: clear
cache-control: public,max-age=2419200
content-type: application/javascript
date: Thu, 29 Sep 2022 08:35:56 GMT
etag: "b8bdb57bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:42 GMT
server: ECAcc (ska/F794)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 38642
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Scripts/slick.min.js
192.229.220.58200 OK 10 kB URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Scripts/slick.min.js
IP 192.229.220.58:0
File type ASCII text, with very long lines (42862), with CRLF line terminators
Hash b694659d83b3c389a344834d8a4f29f9
bbb698f189ffed76fb004153797fa6fdff75cd65
c476653cbcb206ed704d2d68134f0d78288495d1c1a966cb0f47ed44cd80e32b
GET /1.0.0.105560/Resources/Scripts/slick.min.js HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Cookie: _ga=GA1.2.2147285195.1664440553; _gid=GA1.2.1548164489.1664440553; _gat_UA-7008980-19=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212281
alt-svc: clear
cache-control: public,max-age=2419200
content-type: application/javascript
date: Thu, 29 Sep 2022 08:35:56 GMT
etag: "ac6ec67bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:42 GMT
server: ECAcc (ska/F6B8)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 10438
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Scripts/support-button-on-scroll.min.js
192.229.220.58200 OK 426 B URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Scripts/support-button-on-scroll.min.js
IP 192.229.220.58:0
File type ASCII text, with very long lines (1023), with no line terminators
Hash 61767c07a3bd0e2e7d0b7bad7eddab9f
8e838b5f75fc910623760a346e53f89b92018e83
d72c946a600fe35f1271128f9044b11cd803248e7ec36e8a4ceb207ead9c6332
GET /1.0.0.105560/Resources/Scripts/support-button-on-scroll.min.js HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.plus500.com/no/?id=112372&pl=2
Connection: keep-alive
Cookie: _ga=GA1.2.2147285195.1664440553; _gid=GA1.2.1548164489.1664440553; _gat_UA-7008980-19=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 212290
alt-svc: clear
cache-control: public,max-age=2419200
content-type: application/javascript
date: Thu, 29 Sep 2022 08:35:56 GMT
etag: "ac6ec67bc0a4d81:0+gzip"
last-modified: Sun, 31 Jul 2022 09:32:42 GMT
server: ECAcc (ska/F6C2)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 426
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash a075a36dd58b26bccdf52ba9adc6b3c0
90ee8eaaa2a48281f2babc249d570915b2b51710
d7a19f7faf1896630baa50b3f87fe7183311de270953249bfd8dbbea3b2fefdd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 08:35:56 GMT
Last-Modified: Thu, 29 Sep 2022 07:06:02 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: I2LEFLI2pIFueVgffH8s5NZ8LJSXZ2HBJx2X2AShyLnYxr3rozV0wg==
Age: 5394
rum-collector-2.pingdom.net/img/beacon.gif?id=587c9d1971a183207f0f58cd&sAW=1280&sAH=1002&bIW=1280&bIH=939&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=93&cE=159&dLE=93&dLS=53&fS=50&hS=104&rE=-1&rS=-1&reS=159&resS=250&resE=268&uEE=-1&uES=-1&dL=259&dI=695&dCLES=723&dCLEE=734&dC=1705&lES=1705&lEE=1801&s=nt&title=Online%20CFD-handel%20%7C%20Handle%20markedene%20%7C%20Plus500&path=https%3A%2F%2Fwww.plus500.com%2Fno%2F&ref=https%3A%2F%2Fwww.bitcoin-kopen.com%2F&sId=8mr9ruzw&sST=1664440553&sIS=1&rV=0&v=1.4.1
52.19.30.211200 OK 0 B URL HTTP/1.1 rum-collector-2.pingdom.net/img/beacon.gif?id=587c9d1971a183207f0f58cd&sAW=1280&sAH=1002&bIW=1280&bIH=939&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=93&cE=159&dLE=93&dLS=53&fS=50&hS=104&rE=-1&rS=-1&reS=159&resS=250&resE=268&uEE=-1&uES=-1&dL=259&dI=695&dCLES=723&dCLEE=734&dC=1705&lES=1705&lEE=1801&s=nt&title=Online%20CFD-handel%20%7C%20Handle%20markedene%20%7C%20Plus500&path=https%3A%2F%2Fwww.plus500.com%2Fno%2F&ref=https%3A%2F%2Fwww.bitcoin-kopen.com%2F&sId=8mr9ruzw&sST=1664440553&sIS=1&rV=0&v=1.4.1
IP 52.19.30.211:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/beacon.gif?id=587c9d1971a183207f0f58cd&sAW=1280&sAH=1002&bIW=1280&bIH=939&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=93&cE=159&dLE=93&dLS=53&fS=50&hS=104&rE=-1&rS=-1&reS=159&resS=250&resE=268&uEE=-1&uES=-1&dL=259&dI=695&dCLES=723&dCLEE=734&dC=1705&lES=1705&lEE=1801&s=nt&title=Online%20CFD-handel%20%7C%20Handle%20markedene%20%7C%20Plus500&path=https%3A%2F%2Fwww.plus500.com%2Fno%2F&ref=https%3A%2F%2Fwww.bitcoin-kopen.com%2F&sId=8mr9ruzw&sST=1664440553&sIS=1&rV=0&v=1.4.1 HTTP/1.1
Host: rum-collector-2.pingdom.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.plus500.com
Connection: keep-alive
Referer: https://www.plus500.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Date: Thu, 29 Sep 2022 08:35:56 GMT
Expires: 0
Pragma: no-cache
Content-Length: 0
Connection: keep-alive
www.bitcoin-kopen.com/meet-uit.php?wlink=13&wzo=WEkHGw5xSay4vTEC&rdk=rk3
37.97.223.62200 OK 0 B URL HTTP/2 www.bitcoin-kopen.com/meet-uit.php?wlink=13&wzo=WEkHGw5xSay4vTEC&rdk=rk3
IP 37.97.223.62:0
GET /meet-uit.php?wlink=13&wzo=WEkHGw5xSay4vTEC&rdk=rk3 HTTP/1.1
Host: www.bitcoin-kopen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 08:35:54 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.bitcoin-kopen.com/bitcoin/
37.97.223.62200 OK 0 B URL HTTP/2 www.bitcoin-kopen.com/bitcoin/
IP 37.97.223.62:0
POST /bitcoin/ HTTP/1.1
Host: www.bitcoin-kopen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 99
Origin: https://www.bitcoin-kopen.com
Connection: keep-alive
Referer: https://www.bitcoin-kopen.com/meet-uit.php?wlink=13&wzo=WEkHGw5xSay4vTEC&rdk=rk3
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 08:35:54 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.bitcoin-kopen.com/meten/klik.php
37.97.223.62302 Found 0 B URL HTTP/2 www.bitcoin-kopen.com/meten/klik.php
IP 37.97.223.62:0
POST /meten/klik.php HTTP/1.1
Host: www.bitcoin-kopen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 77
Origin: https://www.bitcoin-kopen.com
Connection: keep-alive
Referer: https://www.bitcoin-kopen.com/bitcoin/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 29 Sep 2022 08:35:54 GMT
content-type: text/html; charset=UTF-8
location: https://www.plus500.com/no/?id=112372&pl=2
x-powered-by: PHP/7.3.33, PleskLin
X-Firefox-Spdy: h2
cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/img/iPhone-transperent.webp
192.229.220.58200 OK 0 B URL HTTP/2 cdn-main.plus500.com/1.0.0.105560/Resources/Images/newhome/img/iPhone-transperent.webp
IP 192.229.220.58:0
GET /1.0.0.105560/Resources/Images/newhome/img/iPhone-transperent.webp HTTP/1.1
Host: cdn-main.plus500.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-main.plus500.com/1.0.0.105560/Resources/CSS/style-homepage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 212274
alt-svc: clear
cache-control: public,max-age=2419200
content-type: image/webp
date: Thu, 29 Sep 2022 08:35:55 GMT
etag: "1dd01c7bc0a4d81:0"
last-modified: Sun, 31 Jul 2022 09:32:41 GMT
server: ECAcc (ska/F76F)
strict-transport-security: max-age=31536000
x-cache: HIT
x-xss-protection: 1; mode=block
content-length: 53092
X-Firefox-Spdy: h2