r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7441
Expires: Tue, 06 Dec 2022 05:54:36 GMT
Date: Tue, 06 Dec 2022 03:50:35 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1717
Cache-Control: max-age=112161
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:50:35 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 10:59:56 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16486
Expires: Tue, 06 Dec 2022 08:25:21 GMT
Date: Tue, 06 Dec 2022 03:50:35 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 03:20:21 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1814
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Cko+3nCTn340udcJMGS32EtZ9ZIBppvscV6imv5qFMLwnDHElfqWd/aTS+oJRBDSjelYseznhRM=
x-amz-request-id: K07QER9EB9SBE4NT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 03:48:46 GMT
age: 109
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
mkkuei4kdsz.com/270/858.html
64.225.91.73200 OK 329 B URL HTTP/1.1 mkkuei4kdsz.com/270/858.html
IP 64.225.91.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /270/858.html HTTP/1.1
Host: mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 06 Dec 2022 03:50:35 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 03:50:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3f4ef8a54bffe08abfd72fbbe3b259e8
28770087be63936aabfdd9d802739767c8fca454
642f68596c1c285397713d2b1147f77a94a5e2eadcb8b18632133f1f87276639
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5847
Cache-Control: max-age=151915
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:50:35 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 22:02:30 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
104.17.25.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 03:50:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15742339
expires: Sun, 26 Nov 2023 03:50:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U10UPvUGyE9RimHbmp9rjKwLDOcvLyQly%2BckLqxjw2ARzqzzfyhoRQOIGohtjIwpW5Vd%2FEuAugHCDPNGWlr3nWytHNU8488ZaxP8flsiqZo6X5agAB9zkNeW%2BlABrJdBGLXwZi0q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77520eea7d250b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 3f4ef8a54bffe08abfd72fbbe3b259e8
28770087be63936aabfdd9d802739767c8fca454
642f68596c1c285397713d2b1147f77a94a5e2eadcb8b18632133f1f87276639
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5847
Cache-Control: max-age=151915
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:50:35 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 22:02:30 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b1a840eba42dcfa72d3e2786ba2dd4f5
8517a73f72784c64445274c47c7a5b3adb50bdb4
8e3c803c1a2287f39f626151d6293ad860f15aafb2e004beb589205b0b92219e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8E3C803C1A2287F39F626151D6293AD860F15AAFB2E004BEB589205B0B92219E"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=551
Expires: Tue, 06 Dec 2022 03:59:47 GMT
Date: Tue, 06 Dec 2022 03:50:36 GMT
Connection: keep-alive
domaincntrol.com/?orighost=http://mkkuei4kdsz.com/270/858.html
104.26.11.61200 OK 28 B URL HTTP/2 domaincntrol.com/?orighost=http://mkkuei4kdsz.com/270/858.html
IP 104.26.11.61:0
File type ASCII text, with no line terminators
Hash 7aae16ed70d2e07943585bbb1cd02b55
3209123510c034e6e38ca45edf14307f1375a8f5
51bfb53a70df6adc48f0670be59a16a657ab5a2bafc176973a32d5c36a4fc5d3
GET /?orighost=http://mkkuei4kdsz.com/270/858.html HTTP/1.1
Host: domaincntrol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 03:50:36 GMT
content-type: text/javascript;charset=UTF-8
content-length: 28
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDJbRdWLvm0HsJu7HfOeHmJT0boIMYKkU2Kunc0nC8v9w0nDS%2B2bcHQe4F9HzMQEEoYYEWQU%2Fyv1A45TopYNNBA4q3EGeee9Nuu65Ro%2Bm158b2NMn0KW4lrBbRaN7TQpc20%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77520eeb4f3d0b55-OSL
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 03:08:58 GMT
cache-control: public,max-age=3600
age: 2498
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1698
Cache-Control: max-age=107074
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:50:36 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:35:10 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.43.228.5101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.228.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1cR04nwbB3dUBw7bCcuOaA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5TJf0Kmig3nDkqqXXmRjm+X6p1M=
ww2.mkkuei4kdsz.com/
64.190.63.136200 OK 1.3 kB IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (700)
Hash d8b40de2a1a9119c30bf73245b778e34
88d3174aac20adbce8228763c7b5fb926b09fb9d
0835a7bec115bc03f8b0d9833e0111dc247ab6f9b62c804b0f2ff0f614f56c98
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Tue, 06 Dec 2022 03:50:36 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_zfi2IAQMFhbeJz7TohoVHVtJWU2hwm7Lrp9mU2CS1tg8fh6Um4KcOzzYJ6LQkNLWAjiGBQP1WU+h5qP7TrTizQ==
last-modified: Tue, 06 Dec 2022 03:50:36 GMT
x-cache-miss-from: parking-d7dbd8c4d-hwmjh
server: NginX
content-encoding: gzip
ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3MDI5ODYzNjQzZDE1NWJkYTNjNzQyNzNjYTFhMjc2YzE2NWMyNDll&crc=48202010b1abf0b2acc27a7c4c6527b3e9d57e17&cv=1
64.190.63.136200 OK 0 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3MDI5ODYzNjQzZDE1NWJkYTNjNzQyNzNjYTFhMjc2YzE2NWMyNDll&crc=48202010b1abf0b2acc27a7c4c6527b3e9d57e17&cv=1
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3MDI5ODYzNjQzZDE1NWJkYTNjNzQyNzNjYTFhMjc2YzE2NWMyNDll&crc=48202010b1abf0b2acc27a7c4c6527b3e9d57e17&cv=1 HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
HTTP/1.1 200 OK
date: Tue, 06 Dec 2022 03:50:37 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-d7dbd8c4d-565j6
server: NginX
img.sedoparking.com/images/js_preloader.gif
205.234.175.175200 OK 4.3 kB URL HTTP/1.1 img.sedoparking.com/images/js_preloader.gif
IP 205.234.175.175:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 90c93102a88c2ab94bff1575b7a6e86e
56d71bf13de464534643db9d127629a0a3bf677a
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
GET /images/js_preloader.gif HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 03:50:37 GMT
Content-Type: image/gif
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Tue, 13 Dec 2022 03:50:37 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: H
CF4Age: 156700
x-cf-tsc: 1648179742
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: a358906b8234185d62367ca0b53ae319
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
ww2.mkkuei4kdsz.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DW15CbfvwGCg_0&v=YjFlZTA5MzAzZmU4MjNmOTc2MmYzNDU5MWYwMjJmZTAJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4ZWJjMGM2OGMyODIuNjE4NDYzMTkJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGViYzBjNjhjNTM2LjY0NDQ1OTg0CTE2NzAyOTg2MzYJYWRfNjNfMA==&l=OAkzY2Q1ZDM5MmZjNjYyMDAzZGI4YTE0MTNkZjUxYjU5MwkwCTM1CTAJZGEwMzkwOGNjZmNmNDgzZjZkMDNiMzJlNDYxOTJkZjYJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAyOTg2MzYJMC4wMDAyNTQJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
64.190.63.136302 Found 0 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DW15CbfvwGCg_0&v=YjFlZTA5MzAzZmU4MjNmOTc2MmYzNDU5MWYwMjJmZTAJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4ZWJjMGM2OGMyODIuNjE4NDYzMTkJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGViYzBjNjhjNTM2LjY0NDQ1OTg0CTE2NzAyOTg2MzYJYWRfNjNfMA==&l=OAkzY2Q1ZDM5MmZjNjYyMDAzZGI4YTE0MTNkZjUxYjU5MwkwCTM1CTAJZGEwMzkwOGNjZmNmNDgzZjZkMDNiMzJlNDYxOTJkZjYJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAyOTg2MzYJMC4wMDAyNTQJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DW15CbfvwGCg_0&v=YjFlZTA5MzAzZmU4MjNmOTc2MmYzNDU5MWYwMjJmZTAJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4ZWJjMGM2OGMyODIuNjE4NDYzMTkJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGViYzBjNjhjNTM2LjY0NDQ1OTg0CTE2NzAyOTg2MzYJYWRfNjNfMA==&l=OAkzY2Q1ZDM5MmZjNjYyMDAzZGI4YTE0MTNkZjUxYjU5MwkwCTM1CTAJZGEwMzkwOGNjZmNmNDgzZjZkMDNiMzJlNDYxOTJkZjYJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAyOTg2MzYJMC4wMDAyNTQJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Tue, 06 Dec 2022 03:50:37 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Tue, 06 Dec 2022 03:50:37 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DW15CbfvwGCg_0&v=YjFlZTA5MzAzZmU4MjNmOTc2MmYzNDU5MWYwMjJmZTAJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4ZWJjMGM2OGMyODIuNjE4NDYzMTkJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGViYzBjNjhjNTM2LjY0NDQ1OTg0CTE2NzAyOTg2MzYJYWRfNjNfMA==&l=OAkzY2Q1ZDM5MmZjNjYyMDAzZGI4YTE0MTNkZjUxYjU5MwkwCTM1CTAJZGEwMzkwOGNjZmNmNDgzZjZkMDNiMzJlNDYxOTJkZjYJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAyOTg2MzYJMC4wMDAyNTQJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
x-cache-miss-from: parking-d7dbd8c4d-hwmjh
server: NginX
ww2.mkkuei4kdsz.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DW15CbfvwGCg_0&v=YjFlZTA5MzAzZmU4MjNmOTc2MmYzNDU5MWYwMjJmZTAJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4ZWJjMGM2OGMyODIuNjE4NDYzMTkJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGViYzBjNjhjNTM2LjY0NDQ1OTg0CTE2NzAyOTg2MzYJYWRfNjNfMA==&l=OAkzY2Q1ZDM5MmZjNjYyMDAzZGI4YTE0MTNkZjUxYjU5MwkwCTM1CTAJZGEwMzkwOGNjZmNmNDgzZjZkMDNiMzJlNDYxOTJkZjYJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAyOTg2MzYJMC4wMDAyNTQJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
64.190.63.136302 Found 311 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DW15CbfvwGCg_0&v=YjFlZTA5MzAzZmU4MjNmOTc2MmYzNDU5MWYwMjJmZTAJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4ZWJjMGM2OGMyODIuNjE4NDYzMTkJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGViYzBjNjhjNTM2LjY0NDQ1OTg0CTE2NzAyOTg2MzYJYWRfNjNfMA==&l=OAkzY2Q1ZDM5MmZjNjYyMDAzZGI4YTE0MTNkZjUxYjU5MwkwCTM1CTAJZGEwMzkwOGNjZmNmNDgzZjZkMDNiMzJlNDYxOTJkZjYJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAyOTg2MzYJMC4wMDAyNTQJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 974fb51622a83c9cbde4df767cda75ef
4f5097cb133b88392710771aea40e1930e01ee2a
f7aaf1fdb769f4c13ad009c9b0856ab6060c9812b443d64f37714afae6034ae9
Analyzer Verdict Alert quad9 Sinkholed
GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DW15CbfvwGCg_0&v=YjFlZTA5MzAzZmU4MjNmOTc2MmYzNDU5MWYwMjJmZTAJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4ZWJjMGM2OGMyODIuNjE4NDYzMTkJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGViYzBjNjhjNTM2LjY0NDQ1OTg0CTE2NzAyOTg2MzYJYWRfNjNfMA==&l=OAkzY2Q1ZDM5MmZjNjYyMDAzZGI4YTE0MTNkZjUxYjU5MwkwCTM1CTAJZGEwMzkwOGNjZmNmNDgzZjZkMDNiMzJlNDYxOTJkZjYJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAyOTg2MzYJMC4wMDAyNTQJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Tue, 06 Dec 2022 03:50:37 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Tue, 06 Dec 2022 03:50:37 GMT
location: http://xml.sedodna.com/click?i=W15CbfvwGCg_0
x-cache-miss-from: parking-d7dbd8c4d-hwmjh
server: NginX
xml.sedodna.com/click?i=W15CbfvwGCg_0
173.239.53.32302 Found 0 B URL HTTP/1.1 xml.sedodna.com/click?i=W15CbfvwGCg_0
IP 173.239.53.32:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=W15CbfvwGCg_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://mybettermb.com/aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5pjcTajzqm_QH0A88-gtuCxG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlmbd3B7sGcRAkoDlrhq7v09i6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3WvWxDEdTlqSeG-yrtYvEbLpKmJ40PmG_UD3eg5Z5w7URtWxpLV7zGJF7YtIv_pSU8yedaajdQan7X1xyAWrFGJaATSme3WF9iYH5cn7PpR96H_Z4cAXUhbNWIUl0XQT-85OIp9iwj7uwUW1daS2u3jXkdiroZGpvbnyvokSzRUdkToqh8XF8oSlbEWRe_vMZ585EtGYcDgElmlUqhKAuUWDF_aYFKoC_pCloREz-gAUf4GCn_ti_dC0ynZ48tkGSDsFZzNHNozOQiGGVu-xbsDCRyz2H-C45Heh8v0Km3Y1oaVVIbEr-PuuKRjgR8nMTmxekK28wDoRMkZAll1gGpA7wZp7a6IJO8RJT6is_tgBFVXMhxbJ1a3lLVGDOQcJ7XNLVlVnjPxxbPR3gMLCYzkuKMowKAWI3qEPCeYIJUQLsnuHDiWSpkg638DE1NQX1eJPZxJStTL8nhbhYlOSRV_cZ0qXEcoWZ_I1h3UOTRcd6Iez1QXWMYWbmStyCJrC9HydVPRrkWrre2FyI3zJE9XtPzPZgsqfpRdQeoA2h4A0JvH6RBYM1x-2hMb9Pb2jF32-S5bEkeFG735iCmsc80-eG-D03DV5K6HCdI1Kk0GQiJNfcJgmbalpwqksumJR1-2ztKA1AgX0mrkXz5LRCfmLR4OqlPou_jY-nZ4h2Gi8g2MYNKf9gzRu1tHZec409ufGrp8vEveGSZXs9N-UlXWAcy_s0ZetMc-lmTMvRz7cC49WDpqXe-qqdGOzi4GAb-fNgP3tEjDFFehKlGmMbgPAj_yaetn5VIlXqw7Fgk2OgbZLq7t0BuU0js5-rF3QU6RI6IV5OkKlv0FLGsKb_TdMgSsO8Lq_DPnZ6asMmh3atSStWeSexnBDUsAjReqsC8T6FZOp0ZMrgPoxdNST-TuiC5-ZNuWGtSIJC_waxMuvfeeFOAHh6614Hy3Z3MbWwYPJt1ELca5UQRY0TtFcDQO7LAO69-2kP5uEZKpx94FzsJHRIrqbKIGv77NH2YFBdic8Isl2UhbjRTBdg5sZN0rtg5Yuugvl7nAA319rQT5Ud6a0Dn6eNJZbhSXBsuqp4TKI2qVF_upugCggYFh3EAoiiZxlTdJcUbO7pWllwGdVGZXxgmhR3INz-QU0tQexjS1sjTSDdvxjTnBG6KLohwyqV7tETR7cP-o1a3gHjZa_gjn5QKyssU7dq2rVA9fmvq9IaY6LYxIeiF1cs76ErxCBdlQonnkAtH2nCzpVOQcBJKWnGaCo17onOqLNsrJIIZq0s55ffWLLvcoaWj5pHSBjmyS50gCOK89pKHHKrG6aDXHbFpWmiFIcp9Cn3GxNLuvWRJjpu5nGmHOud34YPVrXtVVrcM9JHHuLOFQJKBnUG4q32-rj2BRCmuI0tSEk_a_Gei7StA-CFjNx6Toj9kghgbOnleKyz947GP4TsT26NezqvwtmGKUTpGk9yX0sr4SfHbi0RDkFmhaS5DjZ7fq1QONt9OxTf7WLbPkU3hnuULpSBOclApGnETwPbCednl8usGYgrUihltjPnnWR7ArmQLfoUt5WaRwCIXpnHq8I0bYtXdmST4aCvw1mX2qEUhYBeUO1dAajXaSwjszpoemvdNVb-Ai2sCC7QSYRJxkXd-d-Km4x3zpGL3jwDO2rKic6os2yskgrCLYR7wB-v9Wa_x1wU3pDZetrPeDa_33MtPdZsQMGS7Jm7EhOsk27bxGYd3vi6Mg-aHrLZE3F_n
Pragma: no-cache
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16513
Expires: Tue, 06 Dec 2022 08:25:50 GMT
Date: Tue, 06 Dec 2022 03:50:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16513
Expires: Tue, 06 Dec 2022 08:25:50 GMT
Date: Tue, 06 Dec 2022 03:50:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16513
Expires: Tue, 06 Dec 2022 08:25:50 GMT
Date: Tue, 06 Dec 2022 03:50:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16513
Expires: Tue, 06 Dec 2022 08:25:50 GMT
Date: Tue, 06 Dec 2022 03:50:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5529617b0748f2d8c82ef99c1ac116a8
a862b74508113ae72b56b9b3de0c75ba559b9032
376a82ae4a5b80f59fb746be79bca569b03a74c345845c7bbf15189964b0bb96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11469
x-amzn-requestid: f60a3f0d-38f7-4f82-bdd5-9e31814ab1d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuZGAXIAMFwuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-5b4b99e779a0aaa71a311a1c;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: El70-nSITf6MuEV19s_OMrwTcWIKO-u4JsghVUSzolero071AVGvjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:38:28 GMT
age: 22329
etag: "a862b74508113ae72b56b9b3de0c75ba559b9032"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38b97436af942d5eb1111ca7043259a0
0234fe32c84c4711f0619714f3ac6d3db1b717d3
a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jqWuNfsDgPOsqxlX2HGJdhXm9GnGC-TBafSbSCrztICFgEwcyqc_iA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:22 GMT
age: 19695
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i6QasBBRK9APW19sH0DdOipvUJA3gWj0CAMTzt7ejRCOk_V2psz-Xw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:45:47 GMT
age: 21890
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17c7b7e3a4e6f3ad9ccf7f42c400749c
76432db96e8280e24da56670fba8f8f80a95ab31
f67d401ebc225c2a9dac5b4f98dc969e22f927455c2537df353ac86f046cc4c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4905
x-amzn-requestid: d80a0dd7-01ec-4801-a5b5-6a1b01eb1944
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csTMSHsyoAMF6BQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6581-177e519d6dbd1875555b0961;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:41:21 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KmaWXiNE4GPEU9-X5rhVcEsUak4C9m-mjdTCdFUFCPFj8f2uGwCvcQ==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:46:52 GMT
etag: "76432db96e8280e24da56670fba8f8f80a95ab31"
content-type: image/jpeg
age: 21825
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4193f05dfd1de8bf795f433d4387243
b76ea6ae9df756f131ec16b01cdc7ab19b2d01be
b56231f3c788519751528b849a442d5c7ed828ea4ce3321fd629ca27440ea6e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6920
x-amzn-requestid: 05ec2698-a5ee-4046-be77-0036755f2946
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwaEd-IAMF_-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64cf-783b236b79b1e9ba22098cb2;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:23 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GgMHlvU3WIDYMF9fmZAajw_Y3zmPm2zojn7FTqgqtBj7e4qeu8Uokg==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:05:53 GMT
age: 20684
etag: "b76ea6ae9df756f131ec16b01cdc7ab19b2d01be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5220d724-28cf-4a09-a474-466d05000e9f.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5220d724-28cf-4a09-a474-466d05000e9f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 608271b2522dc7e726dd2ad4af7ffe02
8182a51b3060e7b6ffaf840c1c2ef50ab06abd10
dde60941a5eec5a314d4c7c7303188769ae810d9f84ba9ae9f088d0d107f59a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5220d724-28cf-4a09-a474-466d05000e9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8424
x-amzn-requestid: 52481098-a257-4529-b85a-094d2bf39871
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuYEdKIAMFc9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-2b1f26e951823d4f1cd2507d;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cq7s5taxMAwOO4vq776dk4842DfboBgSx5FnNfK2Ilcn8evZYaTfGQ==
via: 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:46:52 GMT
etag: "8182a51b3060e7b6ffaf840c1c2ef50ab06abd10"
content-type: image/jpeg
age: 21825
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 8cff693ee9c762244ede97dd8fcd747a
502f6f4bf0484b95b1a1339077d6fd9df5aced9e
99e344ff76e45b61c748a61cd60c67aff303ffc62e6e5a1e679f59d66c0a15da
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 03:50:37 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 19:25:46 GMT
Expires: Sun, 11 Dec 2022 19:25:45 GMT
Etag: "502f6f4bf0484b95b1a1339077d6fd9df5aced9e"
Cache-Control: max-age=487507,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77520ef5f9b8b51b-OSL
mybettermb.com/aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5pjcTajzqm_QH0A88-gtuCxG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlmbd3B7sGcRAkoDlrhq7v09i6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3WvWxDEdTlqSeG-yrtYvEbLpKmJ40PmG_UD3eg5Z5w7URtWxpLV7zGJF7YtIv_pSU8yedaajdQan7X1xyAWrFGJaATSme3WF9iYH5cn7PpR96H_Z4cAXUhbNWIUl0XQT-85OIp9iwj7uwUW1daS2u3jXkdiroZGpvbnyvokSzRUdkToqh8XF8oSlbEWRe_vMZ585EtGYcDgElmlUqhKAuUWDF_aYFKoC_pCloREz-gAUf4GCn_ti_dC0ynZ48tkGSDsFZzNHNozOQiGGVu-xbsDCRyz2H-C45Heh8v0Km3Y1oaVVIbEr-PuuKRjgR8nMTmxekK28wDoRMkZAll1gGpA7wZp7a6IJO8RJT6is_tgBFVXMhxbJ1a3lLVGDOQcJ7XNLVlVnjPxxbPR3gMLCYzkuKMowKAWI3qEPCeYIJUQLsnuHDiWSpkg638DE1NQX1eJPZxJStTL8nhbhYlOSRV_cZ0qXEcoWZ_I1h3UOTRcd6Iez1QXWMYWbmStyCJrC9HydVPRrkWrre2FyI3zJE9XtPzPZgsqfpRdQeoA2h4A0JvH6RBYM1x-2hMb9Pb2jF32-S5bEkeFG735iCmsc80-eG-D03DV5K6HCdI1Kk0GQiJNfcJgmbalpwqksumJR1-2ztKA1AgX0mrkXz5LRCfmLR4OqlPou_jY-nZ4h2Gi8g2MYNKf9gzRu1tHZec409ufGrp8vEveGSZXs9N-UlXWAcy_s0ZetMc-lmTMvRz7cC49WDpqXe-qqdGOzi4GAb-fNgP3tEjDFFehKlGmMbgPAj_yaetn5VIlXqw7Fgk2OgbZLq7t0BuU0js5-rF3QU6RI6IV5OkKlv0FLGsKb_TdMgSsO8Lq_DPnZ6asMmh3atSStWeSexnBDUsAjReqsC8T6FZOp0ZMrgPoxdNST-TuiC5-ZNuWGtSIJC_waxMuvfeeFOAHh6614Hy3Z3MbWwYPJt1ELca5UQRY0TtFcDQO7LAO69-2kP5uEZKpx94FzsJHRIrqbKIGv77NH2YFBdic8Isl2UhbjRTBdg5sZN0rtg5Yuugvl7nAA319rQT5Ud6a0Dn6eNJZbhSXBsuqp4TKI2qVF_upugCggYFh3EAoiiZxlTdJcUbO7pWllwGdVGZXxgmhR3INz-QU0tQexjS1sjTSDdvxjTnBG6KLohwyqV7tETR7cP-o1a3gHjZa_gjn5QKyssU7dq2rVA9fmvq9IaY6LYxIeiF1cs76ErxCBdlQonnkAtH2nCzpVOQcBJKWnGaCo17onOqLNsrJIIZq0s55ffWLLvcoaWj5pHSBjmyS50gCOK89pKHHKrG6aDXHbFpWmiFIcp9Cn3GxNLuvWRJjpu5nGmHOud34YPVrXtVVrcM9JHHuLOFQJKBnUG4q32-rj2BRCmuI0tSEk_a_Gei7StA-CFjNx6Toj9kghgbOnleKyz947GP4TsT26NezqvwtmGKUTpGk9yX0sr4SfHbi0RDkFmhaS5DjZ7fq1QONt9OxTf7WLbPkU3hnuULpSBOclApGnETwPbCednl8usGYgrUihltjPnnWR7ArmQLfoUt5WaRwCIXpnHq8I0bYtXdmST4aCvw1mX2qEUhYBeUO1dAajXaSwjszpoemvdNVb-Ai2sCC7QSYRJxkXd-d-Km4x3zpGL3jwDO2rKic6os2yskgrCLYR7wB-v9Wa_x1wU3pDZetrPeDa_33MtPdZsQMGS7Jm7EhOsk27bxGYd3vi6Mg-aHrLZE3F_n
108.168.193.189302 Found 0 B URL HTTP/2 mybettermb.com/aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5pjcTajzqm_QH0A88-gtuCxG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlmbd3B7sGcRAkoDlrhq7v09i6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3WvWxDEdTlqSeG-yrtYvEbLpKmJ40PmG_UD3eg5Z5w7URtWxpLV7zGJF7YtIv_pSU8yedaajdQan7X1xyAWrFGJaATSme3WF9iYH5cn7PpR96H_Z4cAXUhbNWIUl0XQT-85OIp9iwj7uwUW1daS2u3jXkdiroZGpvbnyvokSzRUdkToqh8XF8oSlbEWRe_vMZ585EtGYcDgElmlUqhKAuUWDF_aYFKoC_pCloREz-gAUf4GCn_ti_dC0ynZ48tkGSDsFZzNHNozOQiGGVu-xbsDCRyz2H-C45Heh8v0Km3Y1oaVVIbEr-PuuKRjgR8nMTmxekK28wDoRMkZAll1gGpA7wZp7a6IJO8RJT6is_tgBFVXMhxbJ1a3lLVGDOQcJ7XNLVlVnjPxxbPR3gMLCYzkuKMowKAWI3qEPCeYIJUQLsnuHDiWSpkg638DE1NQX1eJPZxJStTL8nhbhYlOSRV_cZ0qXEcoWZ_I1h3UOTRcd6Iez1QXWMYWbmStyCJrC9HydVPRrkWrre2FyI3zJE9XtPzPZgsqfpRdQeoA2h4A0JvH6RBYM1x-2hMb9Pb2jF32-S5bEkeFG735iCmsc80-eG-D03DV5K6HCdI1Kk0GQiJNfcJgmbalpwqksumJR1-2ztKA1AgX0mrkXz5LRCfmLR4OqlPou_jY-nZ4h2Gi8g2MYNKf9gzRu1tHZec409ufGrp8vEveGSZXs9N-UlXWAcy_s0ZetMc-lmTMvRz7cC49WDpqXe-qqdGOzi4GAb-fNgP3tEjDFFehKlGmMbgPAj_yaetn5VIlXqw7Fgk2OgbZLq7t0BuU0js5-rF3QU6RI6IV5OkKlv0FLGsKb_TdMgSsO8Lq_DPnZ6asMmh3atSStWeSexnBDUsAjReqsC8T6FZOp0ZMrgPoxdNST-TuiC5-ZNuWGtSIJC_waxMuvfeeFOAHh6614Hy3Z3MbWwYPJt1ELca5UQRY0TtFcDQO7LAO69-2kP5uEZKpx94FzsJHRIrqbKIGv77NH2YFBdic8Isl2UhbjRTBdg5sZN0rtg5Yuugvl7nAA319rQT5Ud6a0Dn6eNJZbhSXBsuqp4TKI2qVF_upugCggYFh3EAoiiZxlTdJcUbO7pWllwGdVGZXxgmhR3INz-QU0tQexjS1sjTSDdvxjTnBG6KLohwyqV7tETR7cP-o1a3gHjZa_gjn5QKyssU7dq2rVA9fmvq9IaY6LYxIeiF1cs76ErxCBdlQonnkAtH2nCzpVOQcBJKWnGaCo17onOqLNsrJIIZq0s55ffWLLvcoaWj5pHSBjmyS50gCOK89pKHHKrG6aDXHbFpWmiFIcp9Cn3GxNLuvWRJjpu5nGmHOud34YPVrXtVVrcM9JHHuLOFQJKBnUG4q32-rj2BRCmuI0tSEk_a_Gei7StA-CFjNx6Toj9kghgbOnleKyz947GP4TsT26NezqvwtmGKUTpGk9yX0sr4SfHbi0RDkFmhaS5DjZ7fq1QONt9OxTf7WLbPkU3hnuULpSBOclApGnETwPbCednl8usGYgrUihltjPnnWR7ArmQLfoUt5WaRwCIXpnHq8I0bYtXdmST4aCvw1mX2qEUhYBeUO1dAajXaSwjszpoemvdNVb-Ai2sCC7QSYRJxkXd-d-Km4x3zpGL3jwDO2rKic6os2yskgrCLYR7wB-v9Wa_x1wU3pDZetrPeDa_33MtPdZsQMGS7Jm7EhOsk27bxGYd3vi6Mg-aHrLZE3F_n
IP 108.168.193.189:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5pjcTajzqm_QH0A88-gtuCxG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlmbd3B7sGcRAkoDlrhq7v09i6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3WvWxDEdTlqSeG-yrtYvEbLpKmJ40PmG_UD3eg5Z5w7URtWxpLV7zGJF7YtIv_pSU8yedaajdQan7X1xyAWrFGJaATSme3WF9iYH5cn7PpR96H_Z4cAXUhbNWIUl0XQT-85OIp9iwj7uwUW1daS2u3jXkdiroZGpvbnyvokSzRUdkToqh8XF8oSlbEWRe_vMZ585EtGYcDgElmlUqhKAuUWDF_aYFKoC_pCloREz-gAUf4GCn_ti_dC0ynZ48tkGSDsFZzNHNozOQiGGVu-xbsDCRyz2H-C45Heh8v0Km3Y1oaVVIbEr-PuuKRjgR8nMTmxekK28wDoRMkZAll1gGpA7wZp7a6IJO8RJT6is_tgBFVXMhxbJ1a3lLVGDOQcJ7XNLVlVnjPxxbPR3gMLCYzkuKMowKAWI3qEPCeYIJUQLsnuHDiWSpkg638DE1NQX1eJPZxJStTL8nhbhYlOSRV_cZ0qXEcoWZ_I1h3UOTRcd6Iez1QXWMYWbmStyCJrC9HydVPRrkWrre2FyI3zJE9XtPzPZgsqfpRdQeoA2h4A0JvH6RBYM1x-2hMb9Pb2jF32-S5bEkeFG735iCmsc80-eG-D03DV5K6HCdI1Kk0GQiJNfcJgmbalpwqksumJR1-2ztKA1AgX0mrkXz5LRCfmLR4OqlPou_jY-nZ4h2Gi8g2MYNKf9gzRu1tHZec409ufGrp8vEveGSZXs9N-UlXWAcy_s0ZetMc-lmTMvRz7cC49WDpqXe-qqdGOzi4GAb-fNgP3tEjDFFehKlGmMbgPAj_yaetn5VIlXqw7Fgk2OgbZLq7t0BuU0js5-rF3QU6RI6IV5OkKlv0FLGsKb_TdMgSsO8Lq_DPnZ6asMmh3atSStWeSexnBDUsAjReqsC8T6FZOp0ZMrgPoxdNST-TuiC5-ZNuWGtSIJC_waxMuvfeeFOAHh6614Hy3Z3MbWwYPJt1ELca5UQRY0TtFcDQO7LAO69-2kP5uEZKpx94FzsJHRIrqbKIGv77NH2YFBdic8Isl2UhbjRTBdg5sZN0rtg5Yuugvl7nAA319rQT5Ud6a0Dn6eNJZbhSXBsuqp4TKI2qVF_upugCggYFh3EAoiiZxlTdJcUbO7pWllwGdVGZXxgmhR3INz-QU0tQexjS1sjTSDdvxjTnBG6KLohwyqV7tETR7cP-o1a3gHjZa_gjn5QKyssU7dq2rVA9fmvq9IaY6LYxIeiF1cs76ErxCBdlQonnkAtH2nCzpVOQcBJKWnGaCo17onOqLNsrJIIZq0s55ffWLLvcoaWj5pHSBjmyS50gCOK89pKHHKrG6aDXHbFpWmiFIcp9Cn3GxNLuvWRJjpu5nGmHOud34YPVrXtVVrcM9JHHuLOFQJKBnUG4q32-rj2BRCmuI0tSEk_a_Gei7StA-CFjNx6Toj9kghgbOnleKyz947GP4TsT26NezqvwtmGKUTpGk9yX0sr4SfHbi0RDkFmhaS5DjZ7fq1QONt9OxTf7WLbPkU3hnuULpSBOclApGnETwPbCednl8usGYgrUihltjPnnWR7ArmQLfoUt5WaRwCIXpnHq8I0bYtXdmST4aCvw1mX2qEUhYBeUO1dAajXaSwjszpoemvdNVb-Ai2sCC7QSYRJxkXd-d-Km4x3zpGL3jwDO2rKic6os2yskgrCLYR7wB-v9Wa_x1wU3pDZetrPeDa_33MtPdZsQMGS7Jm7EhOsk27bxGYd3vi6Mg-aHrLZE3F_n HTTP/1.1
Host: mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 03:50:38 GMT
content-length: 0
set-cookie: rhid=82500392651; Max-Age=15552000; Expires=Sun, 04-Jun-2023 03:50:38 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
location: https://p201298.mybettermb.com/adServe/domainClick?ai=LyBVgUe5lplnDYVH6EgfSGSZVu5NPqSq-h2rSoksoBqNG2LV3Zkk-L8FPCSjKZr_YsQ0yRxpJ6k8LlotqmtX7ErGSkvN2YlGY4HZ8X7cx-dM1QaxFxK0PHGpJGlCLAoWMnzoVZuce8ueVaQ0F217-cHwFJ-CDJF8T7C2wcJ1dqtoOgN9pzNxgl6S4oChQzOvrPE96Ym7CMGlXRdGMK-TkKMF_XSxG7q5c9lRJWHNr4s5bSTdWcYVZJciO9bgcuS1jIeAEiXnU3VYEUAru7F_DuXugOnM5m-8Jm7EhOsk27bxGYd3vi6Mg89LCz5E8ciHT2L9NFyVXF7a3iDM50AUy15CcQxoHLXkbM7TR-A6o2LnrG8E1DfQ9Vu8kUSrMxroonOqLNsrJIKgUSZw7eMl7vr4nvPsKvQNOYwwqJPWDKxkmVbuTT6kqjvQfnk4ki0ivitaEXZPV_A9yZrhH3-Sbse4s4VAkoGd6KhMYRrNbaSOF0SokHo2PZeYO9hdbD2Gn6oVmfmCmc-q0T2xsmJwnBfZ8RtWPEH2SnZADPOdLz_p-OGBQW3exAhKJncPyYXssKbYd4jRL3fz-AbClJeve1IAxxj8fbHTscWi84ZIOk0qJeEuaLJ-WEdDYOEm2_nsCKidNDxuV5s&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukPHuLOFQJKBnanEV2_AwS6h-aQ7y0U36nX5Y7ugM580FOeEj8aU6D0lmgoOMlJQzH_79M2ktb9mTg&si=1&oref=e2905b67c440133e06d94d472902354c&optunit=g1X1rV7f4BpBS4YUfGI2rw&rb=2Vb288azLYM&rr=1&abtg=0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:50:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
brilliantsparklers.com/redirect-simple?ci=208&c=no&m_c_r=best
137.74.65.6200 OK 1.8 kB URL HTTP/2 brilliantsparklers.com/redirect-simple?ci=208&c=no&m_c_r=best
IP 137.74.65.6:0
Hash 3af147edb762cef720dcd883bf944249
b36f7297155d0d63567e6cb8aa8e8472ef981e02
c43749156b1b3cbe054c627983b45924a13f2d3edb212644f99ee6d669efeb38
GET /redirect-simple?ci=208&c=no&m_c_r=best HTTP/1.1
Host: brilliantsparklers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.2
date: Tue, 06 Dec 2022 03:50:38 GMT
content-type: text/html; charset=UTF-8
x-frame-options: *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:50:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
216.58.207.227200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 29564, version 1.0\012- data
Hash 1b66ccb164151a6cf698667c8b570cc6
f5617a0f087645703c874453960be6382c8a7427
4884fec2c73aa52a2461073c1b87d1ceb80f400520391b43f97ca7d3c39eeb24
GET /s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://brilliantsparklers.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:31:43 GMT
expires: Fri, 01 Dec 2023 12:31:43 GMT
cache-control: public, max-age=31536000
age: 400735
last-modified: Tue, 19 Apr 2022 17:55:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:50:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
brilliantsparklers.com/favicon.ico
137.74.65.6404 Not Found 132 B URL HTTP/2 brilliantsparklers.com/favicon.ico
IP 137.74.65.6:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3d06c0eef8d0d7b16c06a4d59d7b9a8a
f1b09ab082acf6c0cc7208e344eb3f6619c49cf9
648d8e644dcbdc4ec115a30bd51d8054071891a3e4971aee01963f1cb17fb4ca
GET /favicon.ico HTTP/1.1
Host: brilliantsparklers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://brilliantsparklers.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx/1.14.2
date: Tue, 06 Dec 2022 03:50:38 GMT
content-type: text/html
content-encoding: gzip
X-Firefox-Spdy: h2
trx.dgtrk2.com/aff_c?offer_id=6399&aff_id=6132&aff_sub=v030400010852392426bc8d724ebcabac4bbbf90162b6&aff_sub2=e8163aa776dd41118af791b3cddacb52
34.247.62.153302 Found 388 B URL HTTP/1.1 trx.dgtrk2.com/aff_c?offer_id=6399&aff_id=6132&aff_sub=v030400010852392426bc8d724ebcabac4bbbf90162b6&aff_sub2=e8163aa776dd41118af791b3cddacb52
IP 34.247.62.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5a78629044a451b1190594ce6890cf73
04774bdedea5355929b1386d4041dcea8839da82
9dfe3efab5872bffaa3dd6991bdba9f7cc3db41a5f9acfefaa6294c923f4181c
GET /aff_c?offer_id=6399&aff_id=6132&aff_sub=v030400010852392426bc8d724ebcabac4bbbf90162b6&aff_sub2=e8163aa776dd41118af791b3cddacb52 HTTP/1.1
Host: trx.dgtrk2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 06 Dec 2022 03:50:39 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 388
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: /aff_r?offer_id=6399&aff_id=6132&url=https%3A%2F%2Fprf.hn%2Fclick%2Fcamref%3A1011l9KyP%2Fpubref%3A6132-6399-102dec029fd61a402ee2ca5016684f%2Fadref%3A6132&urlauth=507908238623671390458306624273
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_6399=ENC0371d7e259b8d13f6cbed4a2bfb673d1c909dadcac501f908b85f337eba9a94945c000dd69bb91cfe3f5c681db0c7fadb85819ac350cbe9df214ba4af165a83e4c73999e1a4f344cb665154a2cc1225041450762bf76c48d5a6e5834e8458ad0ad59205d682b063ef97af853c620a87db63947301849ba9b67f5a566f6076d390ef32c287801398637a2808e59fd892e9252a6994e5dce1bdc788852f602f39c7a0ceb2d749ff5b268dbb7c0a2aa5a0a1993f5424449b61a887318ce8f2dbf8da0131e2534; expires=Fri, 06 Jan 2023 03:50:39 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Thu, 30 Oct 2025 14:30:39 GMT; path=/; SameSite=None; Secure
Tracking_id: 102dec029fd61a402ee2ca5016684f
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: e8613161d96e689874868a33158be7fc
Access-Control-Allow-Headers: Tune-SDK-Version
trx.dgtrk2.com/aff_r?offer_id=6399&aff_id=6132&url=https%3A%2F%2Fprf.hn%2Fclick%2Fcamref%3A1011l9KyP%2Fpubref%3A6132-6399-102dec029fd61a402ee2ca5016684f%2Fadref%3A6132&urlauth=507908238623671390458306624273
34.247.62.153302 Found 280 B URL HTTP/1.1 trx.dgtrk2.com/aff_r?offer_id=6399&aff_id=6132&url=https%3A%2F%2Fprf.hn%2Fclick%2Fcamref%3A1011l9KyP%2Fpubref%3A6132-6399-102dec029fd61a402ee2ca5016684f%2Fadref%3A6132&urlauth=507908238623671390458306624273
IP 34.247.62.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7ac9f714ab6395904d706332ca201b9f
7eb4b2db88de45a8c89cf70edeaf820d5373b23e
fae640d4d3178829cc092eab310041fbef01cbbb80b41b71c1fd3b63f500fbe8
GET /aff_r?offer_id=6399&aff_id=6132&url=https%3A%2F%2Fprf.hn%2Fclick%2Fcamref%3A1011l9KyP%2Fpubref%3A6132-6399-102dec029fd61a402ee2ca5016684f%2Fadref%3A6132&urlauth=507908238623671390458306624273 HTTP/1.1
Host: trx.dgtrk2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 06 Dec 2022 03:50:39 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 280
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://prf.hn/click/camref:1011l9KyP/pubref:6132-6399-102dec029fd61a402ee2ca5016684f/adref:6132
Pragma: no-cache
Access-Control-Allow-Origin: *
X-Request-Id: 19102d130fbb08c62e4343d8b011773d
Access-Control-Allow-Headers: Tune-SDK-Version
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5d5476675ae881c4cbe7a9dc175336dc
160d8764dfc795a5b18c877d3f5b419122ac481b
876d97561f8e8200a20838daf5692c1ecb55e320529ba3116478575143b66f7a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 03:50:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 16:02:03 GMT
Expires: Sun, 11 Dec 2022 16:02:02 GMT
Etag: "160d8764dfc795a5b18c877d3f5b419122ac481b"
Cache-Control: max-age=475282,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77520eff6e3cb51b-OSL
prf.hn/click/camref:1011l9KyP/pubref:6132-6399-102dec029fd61a402ee2ca5016684f/adref:6132
5.150.170.5302 Moved Temporarily 0 B URL HTTP/1.1 prf.hn/click/camref:1011l9KyP/pubref:6132-6399-102dec029fd61a402ee2ca5016684f/adref:6132
IP 5.150.170.5:0
ASN #31151 Performance Horizon Group Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click/camref:1011l9KyP/pubref:6132-6399-102dec029fd61a402ee2ca5016684f/adref:6132 HTTP/1.1
Host: prf.hn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 06 Dec 2022 03:50:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR PSAa PSDa OUR IND UNI"
Set-Cookie: tPHG-PS=1011l8230805175; expires=Wednesday, 06-Dec-2023 03:50:39 UTC; path=/; domain=.prf.hn; SameSite=None; Secure
Location: https://www.f-secure.com/home?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6b159fdabe241a0f38997a068b31c58a
e97bd85cc2e0a389a07ffbe17f990678cb0955d5
3a825294334cd38686b167d31f0226c236f254228f159a12ade3c3b545dfa0d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 304
Cache-Control: max-age=164027
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:50:39 GMT
Etag: "638e989a-1d7"
Expires: Thu, 08 Dec 2022 01:24:26 GMT
Last-Modified: Tue, 06 Dec 2022 01:19:22 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
www.f-secure.com/home?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
2.22.239.226302 Found 335 B URL HTTP/2 www.f-secure.com/home?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2b20c87da831d83783472eb10ec505e9
7c72e85339adc84cfd945f5b4b20231eb56c4cd0
49b50b36197edb01fae9620bbaf38dfdb41fb4b84e20185fc52c3e063f3cc93b
GET /home?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=iso-8859-1
location: https://www.f-secure.com/geos/home?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
server: Apache
x-dispatcher: dispatcher2euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 335
cache-control: no-cache
date: Tue, 06 Dec 2022 03:50:39 GMT
set-cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF;PATH=/;MAX-AGE=900
AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF;PATH=/;MAX-AGE=900;SECURE;SAMESITE=None
country=NO; path=/; domain=f-secure.com
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/geos/home?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
2.22.239.226302 Found 333 B URL HTTP/2 www.f-secure.com/geos/home?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3236b851124400bcbd07494f2b1c2ef7
bfba7247a0c5e7f468a31590e3cdddccadcdfa14
e4e795af7953debfecd865939ec3c143bcc50b3c885b35d441f96f1603f5f06b
GET /geos/home?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=iso-8859-1
location: https://www.f-secure.com/no/home?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
server: Apache
x-dispatcher: dispatcher2euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 333
date: Tue, 06 Dec 2022 03:50:39 GMT
set-cookie: country=NO; path=/; domain=f-secure.com
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/no/home?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
2.22.239.226301 Moved Permanently 0 B URL HTTP/2 www.f-secure.com/no/home?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
IP 2.22.239.226:0
ASN #1299 Telia Company AB
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /no/home?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
expires: Tue, 06 Dec 2022 03:50:39 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 06 Dec 2022 03:50:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
2.22.239.226200 OK 42 kB URL HTTP/2 www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2335), with CRLF, LF line terminators
Hash fc78e4846f5ff009c6b4916d56dbb540
228533e5786e69a86f1759aa6f8797ed94bf0186
25386d18874af2f75eabaa4f33cc1bd799a0daef1366133eb04ca0339927aa62
GET /no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
content-type: text/html;charset=utf-8
last-modified: Mon, 05 Dec 2022 14:00:54 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
x-xss-protection: 1; mode=block
content-length: 42411
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
set-cookie: country=NO; path=/; domain=f-secure.com
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/etc.clientlibs/f-secure/clientlibs/main/resources/fonts/FSDisplayWeb-Bold.woff2
2.22.239.226200 OK 18 kB URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/clientlibs/main/resources/fonts/FSDisplayWeb-Bold.woff2
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type Web Open Font Format (Version 2), CFF, length 18336, version 1.0\012- data
Hash 26eb46a36f9ab9eb71ed8e86585b11bb
330e8c282c4b0879ad8de21256d76a14731c8c35
7fe2a3bd681989c1fe2165803d27a2045eda7607b5f858e7c17a5a0713896a35
GET /etc.clientlibs/f-secure/clientlibs/main/resources/fonts/FSDisplayWeb-Bold.woff2 HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/octet-stream
last-modified: Thu, 16 Aug 2018 11:09:32 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher1euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 18359
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:50:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 41b21107a15728358c45f5a88bcce637
41b21c67b6b5ec022a1ca43d58456d8afbc75aae
ca9003a5eead1f61548695b3d07fe4444d76e76a48128fbb1ac80cc6c1f2bb9f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4367
Cache-Control: max-age=108660
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:50:40 GMT
Etag: "638db075-2d7"
Expires: Wed, 07 Dec 2022 10:01:40 GMT
Last-Modified: Mon, 05 Dec 2022 08:48:53 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 727
www.f-secure.com/etc.clientlibs/f-secure/clientlibs/main/resources/fonts/FSSansWeb-Regular.woff2
2.22.239.226200 OK 24 kB URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/clientlibs/main/resources/fonts/FSSansWeb-Regular.woff2
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type Web Open Font Format (Version 2), CFF, length 24264, version 1.0\012- data
Hash 91f7daae9bbd9b2c5f6934553f6abf5d
e17c557f9272adaa4b63d0beb93f48232696a8a0
603189b937c2945409d6786bfad35a13ff8453ae1e605cc4c4cee15bfd95106d
GET /etc.clientlibs/f-secure/clientlibs/main/resources/fonts/FSSansWeb-Regular.woff2 HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/octet-stream
last-modified: Thu, 16 Aug 2018 11:09:32 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher1euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 24287
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NJ2ZKGC&l=fsData
142.250.74.168200 OK 98 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NJ2ZKGC&l=fsData
IP 142.250.74.168:0
File type ASCII text, with very long lines (30355)
Hash cb27288a59d493ed32ad961d2b4bbe59
3d65d5b0df0b28c6b02379f6c9139d01a2d7ac23
9c744eb667f30047fedb15c11baafe88995a13ede419f3fc96311452d9f6b804
GET /gtm.js?id=GTM-NJ2ZKGC&l=fsData HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 03:50:40 GMT
expires: Tue, 06 Dec 2022 03:50:40 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 97777
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.f-secure.com/etc.clientlibs/f-secure/clientlibs/main/resources/fonts/FSSansWeb-Light.woff2
2.22.239.226200 OK 25 kB URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/clientlibs/main/resources/fonts/FSSansWeb-Light.woff2
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type Web Open Font Format (Version 2), CFF, length 25188, version 1.0\012- data
Hash 1115f3cd804600df1c0c4fb2e8b7bfba
2ba5315ca45ed0d503ceb1dbfe88efb9243e4259
09548b92c5dcb4630c736b901a3a7e40c6daac4abbe4bc8f23d82f1486ca6c39
GET /etc.clientlibs/f-secure/clientlibs/main/resources/fonts/FSSansWeb-Light.woff2 HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/octet-stream
last-modified: Mon, 14 Jan 2019 11:32:58 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher1euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 25211
unused62: 8096267
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:50:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
addsearch.com/js/?key=6156eca05ef73cc2babc21da4a20c344&categories=1xno
99.80.22.109200 OK 734 B URL HTTP/1.1 addsearch.com/js/?key=6156eca05ef73cc2babc21da4a20c344&categories=1xno
IP 99.80.22.109:0
File type ASCII text, with very long lines (617)
Hash 3e4b981fa9b620d1aa1f32633a8bae72
73655c169451746e0145048aba46ace6e5dfcaa8
bc1c1925ec2435db19751d1330fc295b97be5296ed2ac8069b3748a5c56288ae
GET /js/?key=6156eca05ef73cc2babc21da4a20c344&categories=1xno HTTP/1.1
Host: addsearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 03:50:40 GMT
Content-Type: application/javascript;charset=UTF-8
Content-Length: 734
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubdomains;
www.f-secure.com/etc.clientlibs/f-secure/clientlibs/main.min.f0b82efc07da2901d5b950c162b4fc6c.css
2.22.239.226200 OK 26 kB URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/clientlibs/main.min.f0b82efc07da2901d5b950c162b4fc6c.css
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type assembler source, ASCII text, with very long lines (438)
Hash c40c98e28d06ffcdc16e0ed0526c26a4
44143925fe2c0d320954d6cb59abcea3592264ef
e257e8bcac7686069e607d4a0d61a59d8f5c6f1bc28dd5b688d1db8233c7e554
GET /etc.clientlibs/f-secure/clientlibs/main.min.f0b82efc07da2901d5b950c162b4fc6c.css HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css;charset=utf-8
last-modified: Thu, 30 Jun 2022 17:11:22 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher1euwest1
x-frame-options: ALLOW-FROM https://www.withsecure.com/
x-vhost: publish
content-length: 26541
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/etc.clientlibs/f-secure/components/structure/footer/v2/footer/clientlibs.min.7e53256eef5a245bbf8efa6602c77876.css
2.22.239.226200 OK 924 B URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/components/structure/footer/v2/footer/clientlibs.min.7e53256eef5a245bbf8efa6602c77876.css
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (357)
Hash 13929c5c41c0b29a4fecc0eee46ba6ff
e2d324987e562c12ed40523792bb8d22593d33a4
f5eff52f2ad74edae646034b6b6ebf853e741101d4c50dffc3d25ed5966827d7
GET /etc.clientlibs/f-secure/components/structure/footer/v2/footer/clientlibs.min.7e53256eef5a245bbf8efa6602c77876.css HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css;charset=utf-8
last-modified: Wed, 05 Oct 2022 12:46:30 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher1euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 924
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/etc.clientlibs/f-secure/clientlibs/main/resources/fonts/fsg-icon-regular.woff2
2.22.239.226200 OK 112 kB URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/clientlibs/main/resources/fonts/fsg-icon-regular.woff2
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type Web Open Font Format (Version 2), TrueType, length 111560, version 1.0\012- data
Size 112 kB (111574 bytes)
Hash 48547f748e133c2b975e98bf5baaf3ea
4384b18e595043daa87a8ddbc493918d57dccb06
f8cac6b655fb3dd9e0f03d48519a09d40c60e5cf85b8b8e1d166f82e003ab1c0
GET /etc.clientlibs/f-secure/clientlibs/main/resources/fonts/fsg-icon-regular.woff2 HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/octet-stream
last-modified: Tue, 16 Nov 2021 13:47:04 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 111574
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/etc.clientlibs/f-secure/clientlibs/main/resources/fonts/FSSansWeb-Bold.woff2
2.22.239.226200 OK 25 kB URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/clientlibs/main/resources/fonts/FSSansWeb-Bold.woff2
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type Web Open Font Format (Version 2), CFF, length 25004, version 1.0\012- data
Hash d4bec5476d95789d26493386591b167c
3fb93a8895d04da6f0c42387a4f9c09ce2a689e0
f655969855b8aa92ab0dac5142c754cc59b28840141f3caf1e9897dee2ce9499
GET /etc.clientlibs/f-secure/clientlibs/main/resources/fonts/FSSansWeb-Bold.woff2 HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/octet-stream
last-modified: Thu, 16 Aug 2018 11:09:32 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 25027
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/etc.clientlibs/f-secure/components/structure/footer/v1/footer/clientlibs.min.f8d0a26133ec5d93f74de45ddd81e670.css
2.22.239.226200 OK 1.0 kB URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/components/structure/footer/v1/footer/clientlibs.min.f8d0a26133ec5d93f74de45ddd81e670.css
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (396)
Hash 992f56fce2896050296de299782051a0
1a9d213a687afd4c09d620643166456042adbd61
1a8fb67251461cf99ea8df9d617827351de4ad29be5f287ec5fa15397c3c9ea4
GET /etc.clientlibs/f-secure/components/structure/footer/v1/footer/clientlibs.min.f8d0a26133ec5d93f74de45ddd81e670.css HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css;charset=utf-8
last-modified: Thu, 15 Apr 2021 05:49:42 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 1014
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/etc.clientlibs/f-secure/components/content/socialMediaIcons/v1/socialMediaIcons/clientlibs.min.c93777f6495ef9ec431d9eec67afb304.css
2.22.239.226200 OK 208 B URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/components/content/socialMediaIcons/v1/socialMediaIcons/clientlibs.min.c93777f6495ef9ec431d9eec67afb304.css
IP 2.22.239.226:0
ASN #1299 Telia Company AB
Hash 9455fd0034a4fa68634415dbe7d8a488
0140ce15806e936124084f2910e881b834260046
cf818be0a66e7747b85204ca4c7ad938bbae27b874204ac4e176a7c273d96719
GET /etc.clientlibs/f-secure/components/content/socialMediaIcons/v1/socialMediaIcons/clientlibs.min.c93777f6495ef9ec431d9eec67afb304.css HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css;charset=utf-8
last-modified: Wed, 02 Sep 2020 11:42:53 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 208
unused62: 8096267
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/etc.clientlibs/f-secure/components/structure/newsletter/v1/newsletter/clientlibs.min.2ebf5f4505f0f546a98800e07e6f868e.css
2.22.239.226200 OK 311 B URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/components/structure/newsletter/v1/newsletter/clientlibs.min.2ebf5f4505f0f546a98800e07e6f868e.css
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (321)
Hash 877589afed85663b8653087ce859e3cc
1f6777d50abb5a34fe355006f82544ae4cf37d50
da6bd4a2f554d03261d33ea26d5a28a7d57731102bb6f97246e823f256167b2c
GET /etc.clientlibs/f-secure/components/structure/newsletter/v1/newsletter/clientlibs.min.2ebf5f4505f0f546a98800e07e6f868e.css HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css;charset=utf-8
last-modified: Mon, 28 Feb 2022 13:37:02 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: ALLOW-FROM https://www.withsecure.com/
x-vhost: publish
content-length: 311
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/etc.clientlibs/f-secure/clientlibs/react/common.min.068e211b37b3e4aecf7049466f16b422.js
2.22.239.226200 OK 56 kB URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/clientlibs/react/common.min.068e211b37b3e4aecf7049466f16b422.js
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (575)
Hash 8fdd1740f73b6f0ad2e0753dafc07e36
1ef57c465db25cfe29e259c3fd2cfb3bf63ac2b4
6f3f5790205909fb4bc7e645a4f652304978f5fa2ba9268baf84ce8b6d32b10c
GET /etc.clientlibs/f-secure/clientlibs/react/common.min.068e211b37b3e4aecf7049466f16b422.js HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript;charset=utf-8
last-modified: Tue, 02 Nov 2021 13:10:43 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 55853
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/content/dam/f-secure/en/consumer/scripts/sections/ProductsNeutral-20220210.js
2.22.239.226200 OK 15 kB URL HTTP/2 www.f-secure.com/content/dam/f-secure/en/consumer/scripts/sections/ProductsNeutral-20220210.js
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type Unicode text, UTF-8 text, with very long lines (44247)
Hash 113f9ed1e1470c771cdd10389feacfe5
21acf3d8d8f9b237a2647f03c0a268acfa865d19
866cfcf421e8eac6a992b6b9f639db6bc1f75f3c9fdbac2fc70084e06a73dc29
GET /content/dam/f-secure/en/consumer/scripts/sections/ProductsNeutral-20220210.js HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment
content-encoding: gzip
content-type: application/javascript
last-modified: Thu, 10 Feb 2022 10:43:42 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 15299
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/content/dam/f-secure/en/consumer/scripts/sections/Articles-20220120.js
2.22.239.226200 OK 11 kB URL HTTP/2 www.f-secure.com/content/dam/f-secure/en/consumer/scripts/sections/Articles-20220120.js
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type Unicode text, UTF-8 text, with very long lines (33749)
Hash fe89503cd3354b342c68991d54d71fc0
298ad1baf50d6169fb158f7527f0c0f30221dff1
7ff66b6224bbeae764ace4c08b93961860ea77c94135b4187587163d8aa3e31a
GET /content/dam/f-secure/en/consumer/scripts/sections/Articles-20220120.js HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment
content-encoding: gzip
content-type: application/javascript
last-modified: Tue, 22 Feb 2022 07:55:21 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 11407
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/content/dam/f-secure/en/consumer/scripts/sections/Tab-20220224.js
2.22.239.226200 OK 20 kB URL HTTP/2 www.f-secure.com/content/dam/f-secure/en/consumer/scripts/sections/Tab-20220224.js
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 2cafc53bb1a159132d8a3e11144a4354
c39d512e59961eb12314e5749d04b3f819294912
3eaab060fff51d51b55e90c2c405840651d7c1edc0d458198477b79ded27285c
GET /content/dam/f-secure/en/consumer/scripts/sections/Tab-20220224.js HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment
content-encoding: gzip
content-type: application/javascript
last-modified: Thu, 24 Feb 2022 11:18:26 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 19923
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/content/dam/f-secure/en/consumer/scripts/sections/ValueStripe-20220301.js
2.22.239.226200 OK 7.3 kB URL HTTP/2 www.f-secure.com/content/dam/f-secure/en/consumer/scripts/sections/ValueStripe-20220301.js
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type Unicode text, UTF-8 text, with very long lines (14472), with LF, NEL line terminators
Hash a4e29850c429f78f28d07886cdd5ad83
9ad217125d043425febd6c4fbdd9a82d8c53f29b
b1dd89f928e6a8076d0b0b916c97bbedf487e97c4d5e95b94e74bbc0cff1fd3e
GET /content/dam/f-secure/en/consumer/scripts/sections/ValueStripe-20220301.js HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment
content-encoding: gzip
content-type: application/javascript
last-modified: Tue, 01 Mar 2022 11:48:53 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 7282
unused62: 8096267
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/etc.clientlibs/f-secure/components/content/modal/v1/modal/clientlibs.min.6edfba9c47ed33e3b8de974ddd4a4fc2.css
2.22.239.226200 OK 503 B URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/components/content/modal/v1/modal/clientlibs.min.6edfba9c47ed33e3b8de974ddd4a4fc2.css
IP 2.22.239.226:0
ASN #1299 Telia Company AB
Hash b223215f38951b7c108e8465e7f33cd8
9ecde414ad564f35c66539ceca3e0b78abc5d827
b30cab4636a7c7391fbf8b0031be6b79a4dac0e3e34dd6a683c96b4ce93ef300
GET /etc.clientlibs/f-secure/components/content/modal/v1/modal/clientlibs.min.6edfba9c47ed33e3b8de974ddd4a4fc2.css HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css;charset=utf-8
last-modified: Thu, 12 May 2022 16:21:44 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: ALLOW-FROM https://www.withsecure.com/
x-vhost: publish
content-length: 503
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/etc.clientlibs/f-secure/components/structure/countryNavigation/v1/countryNavigation/clientlibs.min.44425ae3b54a919739b3cb82a8f80144.css
2.22.239.226200 OK 3.7 kB URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/components/structure/countryNavigation/v1/countryNavigation/clientlibs.min.44425ae3b54a919739b3cb82a8f80144.css
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (4448)
Hash 7955d0ce08f8c4a4a4d65777aebacfea
01b49376793cdff8c53410b89b2df633315f7e07
7e647861d848c38c8454b69dd02dfce2440d9c75ef3089b1a2be54adf5c25184
GET /etc.clientlibs/f-secure/components/structure/countryNavigation/v1/countryNavigation/clientlibs.min.44425ae3b54a919739b3cb82a8f80144.css HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css;charset=utf-8
last-modified: Mon, 28 Feb 2022 13:28:17 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher1euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 3735
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/etc.clientlibs/f-secure/components/structure/header/v1/header/clientlibs.min.beca89b0e1c38f12e48a6bf46470caba.css
2.22.239.226200 OK 578 B URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/components/structure/header/v1/header/clientlibs.min.beca89b0e1c38f12e48a6bf46470caba.css
IP 2.22.239.226:0
ASN #1299 Telia Company AB
Hash 24f9169a88469e0a9ecaf3a75d8edae9
0139831e1edb3f441185fd40d438de7aa23f6b5f
5c6a6b0ac038e54256cbba3df5e9fe0721e668af1ac1c8248da5085e759d9f53
GET /etc.clientlibs/f-secure/components/structure/header/v1/header/clientlibs.min.beca89b0e1c38f12e48a6bf46470caba.css HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css;charset=utf-8
last-modified: Mon, 28 Feb 2022 13:37:03 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: ALLOW-FROM https://www.withsecure.com/
x-vhost: publish
content-length: 578
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/etc.clientlibs/f-secure/components/structure/siteSearch/v1/siteSearch/clientlibs.min.9bde4ff27961edfbfe091a8f94168a63.css
2.22.239.226200 OK 635 B URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/components/structure/siteSearch/v1/siteSearch/clientlibs.min.9bde4ff27961edfbfe091a8f94168a63.css
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (502)
Hash ed14baa55cb43410478e4c9c1a84a10c
c7ac28725ed251faa6791d8a93d9ac9a9aa5364d
88c94226f9e4a6dce06c8b47c5c1fa80827f787ac37391f370caa2b705b17ded
GET /etc.clientlibs/f-secure/components/structure/siteSearch/v1/siteSearch/clientlibs.min.9bde4ff27961edfbfe091a8f94168a63.css HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/css;charset=utf-8
last-modified: Mon, 28 Feb 2022 13:28:16 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher1euwest1
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-vhost: publish
content-length: 635
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
addsearch.com/searchui/v3/?key=6156eca05ef73cc2babc21da4a20c344&i=
99.80.22.109200 OK 14 kB URL HTTP/1.1 addsearch.com/searchui/v3/?key=6156eca05ef73cc2babc21da4a20c344&i=
IP 99.80.22.109:0
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (55761)
Hash 1ae65a6ba8098588e7c36cab03d2b878
f4e5803b0667a963097c87be1aaa567e1652638d
b0697fbfc0fb2c610f93837832ddf57f089adcc20dbdd8b88870f411d2a182df
GET /searchui/v3/?key=6156eca05ef73cc2babc21da4a20c344&i= HTTP/1.1
Host: addsearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 03:50:40 GMT
Content-Type: application/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubdomains;
www.f-secure.com/etc.clientlibs/f-secure/components/structure/navigation/v1/navigation/clientlibs.min.955939910b41c219f8495085b280d5e5.css
2.22.239.226200 OK 3.0 kB URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/components/structure/navigation/v1/navigation/clientlibs.min.955939910b41c219f8495085b280d5e5.css
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (1252)
Hash d55b4acfafa0f23f7561d95a1662a5c2
5df8d734644b22544254c4f4a0ce4b4a5db91890
6ce560ac90bf683e3d2c7346cf7d3a75a81b32defefa305da254172b3d98641d
GET /etc.clientlibs/f-secure/components/structure/navigation/v1/navigation/clientlibs.min.955939910b41c219f8495085b280d5e5.css HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css;charset=utf-8
last-modified: Mon, 28 Feb 2022 13:37:03 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: ALLOW-FROM https://www.withsecure.com/
x-vhost: publish
content-length: 2967
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/content/dam/f-secure/en/brand/logo/brand-logo-f-secure-white.svg
1.4 kB URL www.f-secure.com/content/dam/f-secure/en/brand/logo/brand-logo-f-secure-white.svg
IP :0
File type gzip compressed data, from Unix\012- data
Hash b30193d6e17925d5526a4c695afb45fd
ce13d2dc5657e6b064abd24eb142ac53b19efa10
da8e876e013fe8faf41b9bf9bddf50ca0fc18ba73b6ea04adacb899a4fe857e7
GET /content/dam/f-secure/en/brand/logo/brand-logo-f-secure-white.svg HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
www.f-secure.com/content/dam/f-secure/en/frontpage/images/heroes/device-is-protected.png
2.22.239.226200 OK 57 kB URL HTTP/2 www.f-secure.com/content/dam/f-secure/en/frontpage/images/heroes/device-is-protected.png
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type PNG image data, 217 x 464, 8-bit/color RGBA, non-interlaced\012- data
Hash c53bf1ddf41af53fd704bafa81b1ca5f
b78f0e3674116a3f844d1b847b3eda779584423a
ead16732139d585ee0eb46b33eceb313ef7b5ec75ce53dacac9c9de66df1a131
GET /content/dam/f-secure/en/frontpage/images/heroes/device-is-protected.png HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment
content-type: image/png
last-modified: Thu, 20 Jan 2022 06:45:31 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher1euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 57019
cache-control: no-cache
date: Tue, 06 Dec 2022 03:50:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/etc.clientlibs/f-secure/clientlibs/main.min.723ae680ccddaf4c7c4ee53f15604935.js
2.22.239.226200 OK 2.4 kB URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/clientlibs/main.min.723ae680ccddaf4c7c4ee53f15604935.js
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (536)
Hash 96e7930ac66769a8bf2e2dc59d23f413
a70c41a9e34224e1b8722b6b637c42da8040d4c4
541d5e281eaf4a4d05201187dda392625f48fd7ec947bea3a18bc3038cf02c36
GET /etc.clientlibs/f-secure/clientlibs/main.min.723ae680ccddaf4c7c4ee53f15604935.js HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript;charset=utf-8
last-modified: Mon, 28 Feb 2022 13:28:15 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher1euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 2406
unused62: 8096267
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/etc.clientlibs/f-secure/components/structure/footer/v1/footer/clientlibs.min.c38b3ff0fee469b2b72e9eb7b6b2c35e.js
2.22.239.226200 OK 632 B URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/components/structure/footer/v1/footer/clientlibs.min.c38b3ff0fee469b2b72e9eb7b6b2c35e.js
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (540)
Hash 40ca8ada3c6058a2030ba9bafd92b7f7
25765fe43c35878ef717e72b4a8ad62650b4f676
a69d2996d51446543914799c3551105e0d1633dca0b32d1b19b4068841b5ef71
GET /etc.clientlibs/f-secure/components/structure/footer/v1/footer/clientlibs.min.c38b3ff0fee469b2b72e9eb7b6b2c35e.js HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript;charset=utf-8
last-modified: Thu, 15 Apr 2021 05:49:42 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: ALLOW-FROM https://www.withsecure.com/
x-vhost: publish
content-length: 632
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/etc.clientlibs/f-secure/components/structure/newsletter/v1/newsletter/clientlibs.min.135495e6391833d5ee35cab188ff0b6c.js
2.22.239.226200 OK 327 B URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/components/structure/newsletter/v1/newsletter/clientlibs.min.135495e6391833d5ee35cab188ff0b6c.js
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (319)
Hash a61f5eb5fbea058f1aae6895b4f5df61
bf12a5839601a7696b2fa03b9508b98df70845f6
fc7dc8a8cecb389a4c8c361a496bf37fd5c73b221091b4e28a17df120ee17794
GET /etc.clientlibs/f-secure/components/structure/newsletter/v1/newsletter/clientlibs.min.135495e6391833d5ee35cab188ff0b6c.js HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript;charset=utf-8
last-modified: Wed, 16 Mar 2022 15:40:19 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: ALLOW-FROM https://www.withsecure.com/
x-vhost: publish
content-length: 327
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/etc.clientlibs/f-secure/components/content/modal/v1/modal/clientlibs.min.fdb0d56133863c24da8ea4a0a8c31a93.js
2.22.239.226200 OK 796 B URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/components/content/modal/v1/modal/clientlibs.min.fdb0d56133863c24da8ea4a0a8c31a93.js
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (529)
Hash 4adc15b6aa60aa136980a0bb558257fb
a26d1eacab8d180d2a4f105765e74c3eff3b153d
ccdf9f5005d908dfff00ff82f069cc72a95ba4613ba4901155f0064662464126
GET /etc.clientlibs/f-secure/components/content/modal/v1/modal/clientlibs.min.fdb0d56133863c24da8ea4a0a8c31a93.js HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript;charset=utf-8
last-modified: Tue, 16 Nov 2021 13:47:04 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 796
unused62: 8096267
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/etc.clientlibs/f-secure/components/structure/header/v1/header/clientlibs.min.c6a798f3c80c31e7f6fb333f6887f345.js
2.22.239.226200 OK 298 B URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/components/structure/header/v1/header/clientlibs.min.c6a798f3c80c31e7f6fb333f6887f345.js
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (513)
Hash 1ac1d06129eb4b50ccd3e4112e2e692a
3d3f230d070f6e4ceaafb41afa67f512416cbbfa
b5b93ca22cdc11a9979b2d84d3c22267ca0a75fdcaca4f9dea3b79764ff6e205
GET /etc.clientlibs/f-secure/components/structure/header/v1/header/clientlibs.min.c6a798f3c80c31e7f6fb333f6887f345.js HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript;charset=utf-8
last-modified: Wed, 12 May 2021 06:46:01 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 298
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/etc.clientlibs/f-secure/components/structure/siteSearch/v1/siteSearch/clientlibs.min.6dcfac1e2b77cc738170453dd1fb15f4.js
2.22.239.226200 OK 380 B URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/components/structure/siteSearch/v1/siteSearch/clientlibs.min.6dcfac1e2b77cc738170453dd1fb15f4.js
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (502)
Hash c582aea406ec7913b644e30490f61364
71ad0475e8192c3608b3373bf60995608186ad0b
2e23cd02f37c870525a6338e31b4339652412ae9dbaed45ada235309b3450ee2
GET /etc.clientlibs/f-secure/components/structure/siteSearch/v1/siteSearch/clientlibs.min.6dcfac1e2b77cc738170453dd1fb15f4.js HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript;charset=utf-8
last-modified: Mon, 24 Jun 2019 09:59:10 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 380
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/content/dam/f-secure/en/consumer/scripts/web-vitals.iife.js
2.22.239.226200 OK 1.7 kB URL HTTP/2 www.f-secure.com/content/dam/f-secure/en/consumer/scripts/web-vitals.iife.js
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (4396)
Hash c6888d805783e78520fc28064fe6a60f
2ef232e3d2937ab874d06735702412f7ab9c1c3e
b34a60e92c2f1b6d1799321233b3159afb6c78fb5152664e5051683f452fac8a
GET /content/dam/f-secure/en/consumer/scripts/web-vitals.iife.js HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO; _gcl_au=1.1.1650017645.1670298638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment
content-encoding: gzip
content-type: application/javascript
last-modified: Thu, 21 Oct 2021 13:41:50 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher1euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 1724
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/etc.clientlibs/f-secure/components/content/react/v1/react/clientlibs/site.min.0db1396e53cf884ba83bb96dd6eda5ac.css
2.22.239.226200 OK 32 B URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/components/content/react/v1/react/clientlibs/site.min.0db1396e53cf884ba83bb96dd6eda5ac.css
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type ASCII text, with no line terminators
Hash 0db1396e53cf884ba83bb96dd6eda5ac
d89a5a1a20dd4489851bf5d836fd6ff99be2e443
8da30b38cf2df735718ce2f9d7db4da6f18d5dfe97a576603f107a356e683969
GET /etc.clientlibs/f-secure/components/content/react/v1/react/clientlibs/site.min.0db1396e53cf884ba83bb96dd6eda5ac.css HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/css;charset=utf-8
last-modified: Tue, 16 Nov 2021 13:47:05 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 32
expires: Tue, 06 Dec 2022 03:50:40 GMT
pragma: no-cache
date: Tue, 06 Dec 2022 03:50:40 GMT
cache-control: max-age=15552000
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/content/dam/f-secure/en/brand/icons/function/icon-open-dropdown-menu.svg
2.22.239.226200 OK 170 B URL HTTP/2 www.f-secure.com/content/dam/f-secure/en/brand/icons/function/icon-open-dropdown-menu.svg
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash cb120d03e6a4b6e132f3768ec60d19d4
2b718c0802c481645b3d2df89fac2cad51979105
d4afc64a0517c1af2136a7162fef1802fdbafb97cd59ef6bf4250f021e3654c0
GET /content/dam/f-secure/en/brand/icons/function/icon-open-dropdown-menu.svg HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.f-secure.com/etc.clientlibs/f-secure/components/structure/navigation/v1/navigation/clientlibs.min.955939910b41c219f8495085b280d5e5.css
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO; _gcl_au=1.1.1650017645.1670298638
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment; filename="icon-open-dropdown-menu.svg"
content-encoding: gzip
content-type: image/svg+xml
last-modified: Tue, 12 Jan 2021 13:50:14 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher1euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 170
unused62: 8096267
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/content/dam/f-secure/en/frontpage/images/heroes/garden-party-at-evening.jpg
2.22.239.226200 OK 166 kB URL HTTP/2 www.f-secure.com/content/dam/f-secure/en/frontpage/images/heroes/garden-party-at-evening.jpg
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1269x575, components 3\012- data
Size 166 kB (166369 bytes)
Hash 8d58ba9f9f1bdb5d246e3aad4f375bfd
68b78924777d7bb78daecbd9e9500af456a5480b
96fe28eeb81bf8d96b34a7ac1c1453fb392798f35b6758828ac3bcbbf0e0bac3
GET /content/dam/f-secure/en/frontpage/images/heroes/garden-party-at-evening.jpg HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment
content-type: image/jpeg
last-modified: Thu, 20 Jan 2022 06:45:33 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher1euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 166369
date: Tue, 06 Dec 2022 03:50:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash db53e0cead1a5b94542200916082138c
be4c53080a45d17a91d9f0b351508e96387be7e2
510f285dea9063c0d8d7dccc6ef80e63bc8af384c1bdbd1a2449a9f312c09130
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "510F285DEA9063C0D8D7DCCC6EF80E63BC8AF384C1BDBD1A2449A9F312C09130"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6932
Expires: Tue, 06 Dec 2022 05:46:12 GMT
Date: Tue, 06 Dec 2022 03:50:40 GMT
Connection: keep-alive
www.f-secure.com/content/dam/f-secure/en/consumer/images/illustrations/ransomware-pattern.svg
2.22.239.226200 OK 16 kB URL HTTP/2 www.f-secure.com/content/dam/f-secure/en/consumer/images/illustrations/ransomware-pattern.svg
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 2e0863e4b13468c84547a3c45f2adf95
1fe921c178865b685bae6145e4bbd455e51d3c0e
c740678fc4a93505c7182b13a302bdef155d14dc0708bcd15fa504c8b9a99bbc
GET /content/dam/f-secure/en/consumer/images/illustrations/ransomware-pattern.svg HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO; _gcl_au=1.1.1650017645.1670298638
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment; filename="ransomware-pattern.svg"
content-encoding: gzip
content-type: image/svg+xml
last-modified: Wed, 26 Jan 2022 16:58:42 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher1euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 15596
cache-control: no-cache
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/content/dam/f-secure/en/frontpage/images/heroes/family-walking-in-a-field.jpg
2.22.239.226200 OK 196 kB URL HTTP/2 www.f-secure.com/content/dam/f-secure/en/frontpage/images/heroes/family-walking-in-a-field.jpg
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1269x575, components 3\012- data
Size 196 kB (196474 bytes)
Hash bdaffff0d224807d71d8cdf542ae3b7c
a0c6cbb1ba1f42319cb8ec0acc4e474a7fdb6f2f
9a1d483d851f17a55c7bee06c3536cc48a54e4bada8eb9aca28314315dba553e
GET /content/dam/f-secure/en/frontpage/images/heroes/family-walking-in-a-field.jpg HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment
content-type: image/jpeg
last-modified: Thu, 20 Jan 2022 06:45:31 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 196474
unused62: 8096267
cache-control: no-cache
date: Tue, 06 Dec 2022 03:50:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/content/dam/f-secure/en/consumer/images/lifestyle/working-aside-desk-checking-phone.jpg
2.22.239.226200 OK 165 kB URL HTTP/2 www.f-secure.com/content/dam/f-secure/en/consumer/images/lifestyle/working-aside-desk-checking-phone.jpg
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x781, components 3\012- data
Size 165 kB (164730 bytes)
Hash b1009b7b430bcca110be7bf3a5994ef9
4b0b7521d933dc5aa0a6349548995b95aac766b3
a8eda5a11a6d96f2cfef19810f1ca9b49940402ad53c657032832e3b92e14d25
GET /content/dam/f-secure/en/consumer/images/lifestyle/working-aside-desk-checking-phone.jpg HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO; _gcl_au=1.1.1650017645.1670298638
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment
content-type: image/jpeg
last-modified: Thu, 20 Jan 2022 09:33:19 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher1euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 164730
cache-control: no-cache
date: Tue, 06 Dec 2022 03:50:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/content/dam/f-secure/en/frontpage/images/heroes/man-takes-a-landscape-photo-of-a-lake-and-mountains.jpg
2.22.239.226200 OK 212 kB URL HTTP/2 www.f-secure.com/content/dam/f-secure/en/frontpage/images/heroes/man-takes-a-landscape-photo-of-a-lake-and-mountains.jpg
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1269x575, components 3\012- data
Size 212 kB (211965 bytes)
Hash 88161c368d4d868d254e715da76889f4
fbbcd919f4c76683b1bf5a1378d20f8aa4f9fa63
ca977103f5238b43ce38adaa3d6acd70b5d66f0bebbf095e37e0ca11289a585a
GET /content/dam/f-secure/en/frontpage/images/heroes/man-takes-a-landscape-photo-of-a-lake-and-mountains.jpg HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment
content-type: image/jpeg
last-modified: Thu, 20 Jan 2022 06:45:34 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher1euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 211965
date: Tue, 06 Dec 2022 03:50:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
assets.f-secure.com/fs-cookie-consent.js?v=6
35.228.112.245200 OK 17 kB URL HTTP/2 assets.f-secure.com/fs-cookie-consent.js?v=6
IP 35.228.112.245:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (46812)
Hash daf08ddb7de0cd95198bed8e5662a26d
82dcd62cb31539aa127a941d2c419a870ef20469
1bcdd00d91e09daceabb0684cbe60b225cf9dfe4a4d8529ab8ef981e10f89b35
GET /fs-cookie-consent.js?v=6 HTTP/1.1
Host: assets.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/
Connection: keep-alive
Cookie: country=NO; _gcl_au=1.1.1650017645.1670298638
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 34411
cache-control: public, max-age=0, must-revalidate
content-encoding: gzip
content-type: application/javascript
date: Mon, 05 Dec 2022 18:17:09 GMT
etag: "b8e8c9eabcae07cbf74fdbd8ebcf5f78-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GKJRX85GZM1HVJGVYEFV92AT
content-length: 16983
X-Firefox-Spdy: h2
www.f-secure.com/content/dam/f-secure/en/consumer/images/illustrations/product-selector-man.svg
2.22.239.226200 OK 20 kB URL HTTP/2 www.f-secure.com/content/dam/f-secure/en/consumer/images/illustrations/product-selector-man.svg
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 7468b2cd37c57adc40aa8d0e9c74740f
754783cceb9cd8dc879e6f8ecb664449b8af7bfc
9c406c628ebdb8cc8881370e43577384e2a6d047fc9fe8c19bd81c2a2b2e3473
GET /content/dam/f-secure/en/consumer/images/illustrations/product-selector-man.svg HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO; _gcl_au=1.1.1650017645.1670298638; _ga_84EXLXMFY5=GS1.1.1670298637.1.1.1670298637.0.0.0; _ga=GA1.1.1755014778.1670298638
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment; filename="product-selector-man.svg"
content-encoding: gzip
content-type: image/svg+xml
last-modified: Mon, 10 Jan 2022 06:56:45 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 20444
cache-control: no-cache
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/content/dam/f-secure/en/consumer/images/illustrations/binary-virus.png
2.22.239.226200 OK 51 kB URL HTTP/2 www.f-secure.com/content/dam/f-secure/en/consumer/images/illustrations/binary-virus.png
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type PNG image data, 466 x 241, 8-bit/color RGBA, non-interlaced\012- data
Hash d40529b32d44e2db0d4ae45e5d85ef10
c218488422170075802c0a7083c584515296c47e
2c4c696212c84bd663493e6b87c8b0805704c441101c16b1ca24cef2670d2e62
GET /content/dam/f-secure/en/consumer/images/illustrations/binary-virus.png HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO; _gcl_au=1.1.1650017645.1670298638; _ga_84EXLXMFY5=GS1.1.1670298637.1.1.1670298637.0.0.0; _ga=GA1.1.1755014778.1670298638
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment
content-type: image/png
last-modified: Mon, 10 Jan 2022 07:53:34 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 50766
cache-control: no-cache
date: Tue, 06 Dec 2022 03:50:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/content/dam/f-secure/en/consumer/images/icons/blue-ball-total.svg
2.22.239.226200 OK 1.1 kB URL HTTP/2 www.f-secure.com/content/dam/f-secure/en/consumer/images/icons/blue-ball-total.svg
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2679), with no line terminators
Hash c7d3889b23e992896f0d4258770ebb4a
4508e3958e45be986cf45b6bdc56d13cc2951a49
9143603d59137f28a5ca6fe7da614804a84b7efdfd6b5fa09f3e974fff001d3b
GET /content/dam/f-secure/en/consumer/images/icons/blue-ball-total.svg HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO; _gcl_au=1.1.1650017645.1670298638; _ga_84EXLXMFY5=GS1.1.1670298637.1.1.1670298637.0.0.0; _ga=GA1.1.1755014778.1670298638
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment; filename="blue-ball-total.svg"
content-encoding: gzip
content-type: image/svg+xml
last-modified: Mon, 25 Jan 2021 07:57:21 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher1euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 1072
cache-control: no-cache
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/content/dam/f-secure/en/consumer/images/icons/blue-ball-safe.svg
2.22.239.226200 OK 712 B URL HTTP/2 www.f-secure.com/content/dam/f-secure/en/consumer/images/icons/blue-ball-safe.svg
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1324), with no line terminators
Hash e4afe652fbcb57a979351beee4f16293
a2d7521d60403a8bcb6d53c9cea0829db4520049
36f093e0ed124a2738444518c9e9d384e57ff9379d8e783e5448489fa689218e
GET /content/dam/f-secure/en/consumer/images/icons/blue-ball-safe.svg HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO; _gcl_au=1.1.1650017645.1670298638; _ga_84EXLXMFY5=GS1.1.1670298637.1.1.1670298637.0.0.0; _ga=GA1.1.1755014778.1670298638
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment; filename="blue-ball-safe.svg"
content-encoding: gzip
content-type: image/svg+xml
last-modified: Mon, 25 Jan 2021 07:57:23 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher1euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 712
unused62: 8096267
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/content/dam/f-secure/en/consumer/images/icons/blue-ball-freedome.svg
2.22.239.226200 OK 390 B URL HTTP/2 www.f-secure.com/content/dam/f-secure/en/consumer/images/icons/blue-ball-freedome.svg
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (643), with no line terminators
Hash a4cb0c36254e49f72d09a77cf3b78767
6f3e05c8f25153541626313b85c2b135a0689cc3
35130b8eff46dcb0b38c1b0a88ab3e43fe98a5497483fd9843239672af6dff3f
GET /content/dam/f-secure/en/consumer/images/icons/blue-ball-freedome.svg HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO; _gcl_au=1.1.1650017645.1670298638; _ga_84EXLXMFY5=GS1.1.1670298637.1.1.1670298637.0.0.0; _ga=GA1.1.1755014778.1670298638
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment; filename="blue-ball-freedome.svg"
content-encoding: gzip
content-type: image/svg+xml
last-modified: Mon, 25 Jan 2021 07:57:22 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: ALLOW-FROM https://www.withsecure.com/
x-vhost: publish
content-length: 390
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/content/dam/f-secure/en/consumer/images/icons/blue-ball-id-protection.svg
2.22.239.226200 OK 1.5 kB URL HTTP/2 www.f-secure.com/content/dam/f-secure/en/consumer/images/icons/blue-ball-id-protection.svg
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2914), with no line terminators
Hash 960b433b363463a6a21c3b7448be3f7f
73e81ce9fd6b07dd52b5fccdf27be7333a38b9b9
08d1196e6abd4efe3e542cc18dff0111b93fdd28341b0bdcbc542b2ec9233f84
GET /content/dam/f-secure/en/consumer/images/icons/blue-ball-id-protection.svg HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO; _gcl_au=1.1.1650017645.1670298638; _ga_84EXLXMFY5=GS1.1.1670298637.1.1.1670298637.0.0.0; _ga=GA1.1.1755014778.1670298638
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: attachment; filename="blue-ball-id-protection.svg"
content-encoding: gzip
content-type: image/svg+xml
last-modified: Mon, 25 Jan 2021 07:57:22 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: ALLOW-FROM https://www.withsecure.com/
x-vhost: publish
content-length: 1498
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
assets.f-secure.com/localizations/no_NO.json
35.228.112.245200 OK 1.2 kB URL HTTP/2 assets.f-secure.com/localizations/no_NO.json
IP 35.228.112.245:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (723)
Hash d6b5f3cdc47cee5b62a69fd2183f4294
8847cc2677c324d9c46fc8bb01d6ab4d95146c6c
57fdcbe7f46109f0fcd32c50b89fd19c54e33153c8366b81e1a4376b665cd949
GET /localizations/no_NO.json HTTP/1.1
Host: assets.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/
Origin: https://www.f-secure.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 23446
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/json
date: Mon, 05 Dec 2022 21:19:54 GMT
etag: "152a8d35d2b1d07cce00af85442662be-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GKJRX8B0MTH3VCFS5SGYW7WS
content-length: 1186
X-Firefox-Spdy: h2
www.f-secure.com/etc.clientlibs/f-secure/clientlibs/main/resources/apple-touch-icon.png
2.22.239.226200 OK 1.8 kB URL HTTP/2 www.f-secure.com/etc.clientlibs/f-secure/clientlibs/main/resources/apple-touch-icon.png
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Hash 8ad2dd95c0fd7b7f57077f7053789b33
34eff772f8eabe70a4669a043a73c355c6619a09
fd2fd0417b066afcbb95406aa2858cdbb5d66490ccd91b6fec1e6516dce74d97
GET /etc.clientlibs/f-secure/clientlibs/main/resources/apple-touch-icon.png HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO; _gcl_au=1.1.1650017645.1670298638; _ga_84EXLXMFY5=GS1.1.1670298637.1.1.1670298637.0.0.0; _ga=GA1.1.1755014778.1670298638
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
last-modified: Tue, 13 Aug 2019 09:47:08 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 1836
cache-control: public, no-cache
date: Tue, 06 Dec 2022 03:50:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.f-secure.com/favicon.ico
2.22.239.226200 OK 3.5 kB URL HTTP/2 www.f-secure.com/favicon.ico
IP 2.22.239.226:0
ASN #1299 Telia Company AB
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash dc8297c7235e3b2c01e28697a7d8b8a1
b28cc34a34a5a578aa8a85ae0bd9b2a86c0465d8
d111eac71e077df300443a194714729ce6d1ca101eb6beec3813f2a84369ee12
GET /favicon.ico HTTP/1.1
Host: www.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/no?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate?x-clickref=1100lwnDUdG8&utm_source=cleverbridge&utm_medium=affiliate&utm_campaign=cleverbridge+affiliate
Connection: keep-alive
Cookie: AWSELB=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; AWSELBCORS=3D59A5571248B9DD74ADC8C97097A7B9B554B0C99A90E15640719686BF4291CC9AB7C76BF4883D12BD56DA3C2FB91BDE88E790C2945692AC9F9CCA4DD5E3BD1979C7B42BEF; country=NO; _gcl_au=1.1.1650017645.1670298638; _ga_84EXLXMFY5=GS1.1.1670298637.1.1.1670298637.0.0.0; _ga=GA1.1.1755014778.1670298638
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-disposition: inline
content-encoding: gzip
content-type: image/x-icon
last-modified: Tue, 12 Jan 2021 13:59:09 GMT
server: Apache
x-content-type-options: nosniff
x-dispatcher: dispatcher2euwest1
x-frame-options: SAMEORIGIN
x-vhost: publish
content-length: 3505
unused62: 8096267
date: Tue, 06 Dec 2022 03:50:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 06 Dec 2022 02:41:08 GMT
expires: Tue, 06 Dec 2022 04:41:08 GMT
cache-control: public, max-age=7200
age: 4172
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:50:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6479
Cache-Control: max-age=130575
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:50:40 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 16:06:55 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/983784718/?random=1670298637555&cv=11&fst=1670298637555&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.f-secure.com%2Fno%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate&tiba=Produkter%20for%20sikkerhet%20og%20personvern%20p%C3%A5%20nettet%20%7C%20F-Secure&auid=1650017645.1670298638&rfmt=3&fmt=4
142.250.74.130200 OK 965 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/983784718/?random=1670298637555&cv=11&fst=1670298637555&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.f-secure.com%2Fno%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate&tiba=Produkter%20for%20sikkerhet%20og%20personvern%20p%C3%A5%20nettet%20%7C%20F-Secure&auid=1650017645.1670298638&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (2397), with no line terminators
Hash dfcc756e991d2126a47514e750ba766c
0ba9031d0dfeae26f621dfe8f95413caef2c7774
30e87dd101808e6deab3dc2b1379642bd5f4bfd347754e6a0c5e22fdae456944
GET /pagead/viewthroughconversion/983784718/?random=1670298637555&cv=11&fst=1670298637555&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.f-secure.com%2Fno%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate&tiba=Produkter%20for%20sikkerhet%20og%20personvern%20p%C3%A5%20nettet%20%7C%20F-Secure&auid=1650017645.1670298638&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 03:50:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 965
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 04:05:40 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:50:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: fb2+rwAC+2PCSWe2sbUjs7cuJxHyT5Wc1dOvoV/nCYEYjMcy4XQhBE1P25LtQ/Gzc7ridIS25tHYDXtrkkFWGQ==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Tue, 06 Dec 2022 03:50:40 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6479
Cache-Control: max-age=130575
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:50:40 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 16:06:55 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 843a94f5c86c1834bd0c5b40f8d0cd14
5cdc22bf6f7511cad155a4fb9c392d44dd974c0c
64126a08ff1f07ba3a406e066796d87fec18a3fcd308c72bff379e3a0ecefc1a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64126A08FF1F07BA3A406E066796D87FEC18A3FCD308C72BFF379E3A0ECEFC1A"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3370
Expires: Tue, 06 Dec 2022 04:46:51 GMT
Date: Tue, 06 Dec 2022 03:50:41 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:50:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2e388f1ab4ec88104f57cf23944ee684
39178c45ed645709cc388d5790b1b58a3272a62f
e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:50:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/983784718/?random=1670298637555&cv=11&fst=1670295600000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.f-secure.com%2Fno%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate&tiba=Produkter%20for%20sikkerhet%20og%20personvern%20p%C3%A5%20nettet%20%7C%20F-Secure&fmt=3&is_vtc=1&random=2831572203&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/983784718/?random=1670298637555&cv=11&fst=1670295600000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.f-secure.com%2Fno%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate&tiba=Produkter%20for%20sikkerhet%20og%20personvern%20p%C3%A5%20nettet%20%7C%20F-Secure&fmt=3&is_vtc=1&random=2831572203&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/983784718/?random=1670298637555&cv=11&fst=1670295600000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.f-secure.com%2Fno%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate&tiba=Produkter%20for%20sikkerhet%20og%20personvern%20p%C3%A5%20nettet%20%7C%20F-Secure&fmt=3&is_vtc=1&random=2831572203&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 03:50:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/983784718/?random=1670298637555&cv=11&fst=1670295600000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.f-secure.com%2Fno%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate&tiba=Produkter%20for%20sikkerhet%20og%20personvern%20p%C3%A5%20nettet%20%7C%20F-Secure&fmt=3&is_vtc=1&random=2831572203&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/983784718/?random=1670298637555&cv=11&fst=1670295600000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.f-secure.com%2Fno%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate&tiba=Produkter%20for%20sikkerhet%20og%20personvern%20p%C3%A5%20nettet%20%7C%20F-Secure&fmt=3&is_vtc=1&random=2831572203&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/983784718/?random=1670298637555&cv=11&fst=1670295600000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.f-secure.com%2Fno%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate&tiba=Produkter%20for%20sikkerhet%20og%20personvern%20p%C3%A5%20nettet%20%7C%20F-Secure&fmt=3&is_vtc=1&random=2831572203&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 03:50:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
location-api.f-secure.com/v1/ip-source
34.141.103.251200 OK 21 B URL HTTP/2 location-api.f-secure.com/v1/ip-source
IP 34.141.103.251:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- , ASCII text, with no line terminators
Hash 0aa45ee453b05b35e79be535193ea06d
fa64b73bd1d7610ecb78f7e6744c2e4f4d85c607
6d0695b09939099687cd3993e0bfaf50ba17c27f7f65d7d50923a9f403ff58ae
GET /v1/ip-source HTTP/1.1
Host: location-api.f-secure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/
Origin: https://www.f-secure.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://www.f-secure.com
age: 0
cache-control: no-cache
content-type: application/json
date: Tue, 06 Dec 2022 03:50:41 GMT
server: Netlify
strict-transport-security: max-age=31536000
vary: Origin
x-nf-request-id: 01GKJRX8NHWBC28GCSN9B0K6J3
content-length: 21
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:50:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 03:50:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-84EXLXMFY5>m=2oebu0&_p=1232507915&cid=1755014778.1670298638&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&sid=1670298637&sct=1&seg=0&dl=https%3A%2F%2Fwww.f-secure.com%2Fno%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate&dt=Produkter%20for%20sikkerhet%20og%20personvern%20p%C3%A5%20nettet%20%7C%20F-Secure&en=cookie_consent&_fv=1&_nsi=1&_ss=1&ep.popup_visible=impression
216.239.34.36204 No Content 86 kB URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-84EXLXMFY5>m=2oebu0&_p=1232507915&cid=1755014778.1670298638&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&sid=1670298637&sct=1&seg=0&dl=https%3A%2F%2Fwww.f-secure.com%2Fno%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate&dt=Produkter%20for%20sikkerhet%20og%20personvern%20p%C3%A5%20nettet%20%7C%20F-Secure&en=cookie_consent&_fv=1&_nsi=1&_ss=1&ep.popup_visible=impression
IP 216.239.34.36:0
File type gzip compressed data, from Unix\012- data
Hash 19c9244ac895a2e1504f4f6b591aebbf
7e14460d1a8eb402d1c4c2ac9abca262f4d4a571
fd9c10e014f3ddfad9dc08e3d1e188f829e802f5282e6a806a4b5faafd67dd8b
POST /g/collect?v=2&tid=G-84EXLXMFY5>m=2oebu0&_p=1232507915&cid=1755014778.1670298638&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&sid=1670298637&sct=1&seg=0&dl=https%3A%2F%2Fwww.f-secure.com%2Fno%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate&dt=Produkter%20for%20sikkerhet%20og%20personvern%20p%C3%A5%20nettet%20%7C%20F-Secure&en=cookie_consent&_fv=1&_nsi=1&_ss=1&ep.popup_visible=impression HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/
Origin: https://www.f-secure.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.f-secure.com
date: Tue, 06 Dec 2022 03:50:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1485331568392846&ev=PageView&dl=https%3A%2F%2Fwww.f-secure.com%2Fno%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate&rl=&if=false&ts=1670298638489&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=29&fbp=fb.1.1670298638488.1013417433&it=1670298638177&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1485331568392846&ev=PageView&dl=https%3A%2F%2Fwww.f-secure.com%2Fno%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate&rl=&if=false&ts=1670298638489&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=29&fbp=fb.1.1670298638488.1013417433&it=1670298638177&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1485331568392846&ev=PageView&dl=https%3A%2F%2Fwww.f-secure.com%2Fno%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate%3Fx-clickref%3D1100lwnDUdG8%26utm_source%3Dcleverbridge%26utm_medium%3Daffiliate%26utm_campaign%3Dcleverbridge%2Baffiliate&rl=&if=false&ts=1670298638489&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=29&fbp=fb.1.1670298638488.1013417433&it=1670298638177&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.f-secure.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 06 Dec 2022 03:50:41 GMT
X-Firefox-Spdy: h2
p201298.mybettermb.com/adServe/domainClick?ai=LyBVgUe5lplnDYVH6EgfSGSZVu5NPqSq-h2rSoksoBqNG2LV3Zkk-L8FPCSjKZr_YsQ0yRxpJ6k8LlotqmtX7ErGSkvN2YlGY4HZ8X7cx-dM1QaxFxK0PHGpJGlCLAoWMnzoVZuce8ueVaQ0F217-cHwFJ-CDJF8T7C2wcJ1dqtoOgN9pzNxgl6S4oChQzOvrPE96Ym7CMGlXRdGMK-TkKMF_XSxG7q5c9lRJWHNr4s5bSTdWcYVZJciO9bgcuS1jIeAEiXnU3VYEUAru7F_DuXugOnM5m-8Jm7EhOsk27bxGYd3vi6Mg89LCz5E8ciHT2L9NFyVXF7a3iDM50AUy15CcQxoHLXkbM7TR-A6o2LnrG8E1DfQ9Vu8kUSrMxroonOqLNsrJIKgUSZw7eMl7vr4nvPsKvQNOYwwqJPWDKxkmVbuTT6kqjvQfnk4ki0ivitaEXZPV_A9yZrhH3-Sbse4s4VAkoGd6KhMYRrNbaSOF0SokHo2PZeYO9hdbD2Gn6oVmfmCmc-q0T2xsmJwnBfZ8RtWPEH2SnZADPOdLz_p-OGBQW3exAhKJncPyYXssKbYd4jRL3fz-AbClJeve1IAxxj8fbHTscWi84ZIOk0qJeEuaLJ-WEdDYOEm2_nsCKidNDxuV5s&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukPHuLOFQJKBnanEV2_AwS6h-aQ7y0U36nX5Y7ugM580FOeEj8aU6D0lmgoOMlJQzH_79M2ktb9mTg&si=1&oref=e2905b67c440133e06d94d472902354c&optunit=g1X1rV7f4BpBS4YUfGI2rw&rb=2Vb288azLYM&rr=1&abtg=0
108.168.193.189200 OK 0 B URL HTTP/2 p201298.mybettermb.com/adServe/domainClick?ai=LyBVgUe5lplnDYVH6EgfSGSZVu5NPqSq-h2rSoksoBqNG2LV3Zkk-L8FPCSjKZr_YsQ0yRxpJ6k8LlotqmtX7ErGSkvN2YlGY4HZ8X7cx-dM1QaxFxK0PHGpJGlCLAoWMnzoVZuce8ueVaQ0F217-cHwFJ-CDJF8T7C2wcJ1dqtoOgN9pzNxgl6S4oChQzOvrPE96Ym7CMGlXRdGMK-TkKMF_XSxG7q5c9lRJWHNr4s5bSTdWcYVZJciO9bgcuS1jIeAEiXnU3VYEUAru7F_DuXugOnM5m-8Jm7EhOsk27bxGYd3vi6Mg89LCz5E8ciHT2L9NFyVXF7a3iDM50AUy15CcQxoHLXkbM7TR-A6o2LnrG8E1DfQ9Vu8kUSrMxroonOqLNsrJIKgUSZw7eMl7vr4nvPsKvQNOYwwqJPWDKxkmVbuTT6kqjvQfnk4ki0ivitaEXZPV_A9yZrhH3-Sbse4s4VAkoGd6KhMYRrNbaSOF0SokHo2PZeYO9hdbD2Gn6oVmfmCmc-q0T2xsmJwnBfZ8RtWPEH2SnZADPOdLz_p-OGBQW3exAhKJncPyYXssKbYd4jRL3fz-AbClJeve1IAxxj8fbHTscWi84ZIOk0qJeEuaLJ-WEdDYOEm2_nsCKidNDxuV5s&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukPHuLOFQJKBnanEV2_AwS6h-aQ7y0U36nX5Y7ugM580FOeEj8aU6D0lmgoOMlJQzH_79M2ktb9mTg&si=1&oref=e2905b67c440133e06d94d472902354c&optunit=g1X1rV7f4BpBS4YUfGI2rw&rb=2Vb288azLYM&rr=1&abtg=0
IP 108.168.193.189:0
GET /adServe/domainClick?ai=LyBVgUe5lplnDYVH6EgfSGSZVu5NPqSq-h2rSoksoBqNG2LV3Zkk-L8FPCSjKZr_YsQ0yRxpJ6k8LlotqmtX7ErGSkvN2YlGY4HZ8X7cx-dM1QaxFxK0PHGpJGlCLAoWMnzoVZuce8ueVaQ0F217-cHwFJ-CDJF8T7C2wcJ1dqtoOgN9pzNxgl6S4oChQzOvrPE96Ym7CMGlXRdGMK-TkKMF_XSxG7q5c9lRJWHNr4s5bSTdWcYVZJciO9bgcuS1jIeAEiXnU3VYEUAru7F_DuXugOnM5m-8Jm7EhOsk27bxGYd3vi6Mg89LCz5E8ciHT2L9NFyVXF7a3iDM50AUy15CcQxoHLXkbM7TR-A6o2LnrG8E1DfQ9Vu8kUSrMxroonOqLNsrJIKgUSZw7eMl7vr4nvPsKvQNOYwwqJPWDKxkmVbuTT6kqjvQfnk4ki0ivitaEXZPV_A9yZrhH3-Sbse4s4VAkoGd6KhMYRrNbaSOF0SokHo2PZeYO9hdbD2Gn6oVmfmCmc-q0T2xsmJwnBfZ8RtWPEH2SnZADPOdLz_p-OGBQW3exAhKJncPyYXssKbYd4jRL3fz-AbClJeve1IAxxj8fbHTscWi84ZIOk0qJeEuaLJ-WEdDYOEm2_nsCKidNDxuV5s&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukPHuLOFQJKBnanEV2_AwS6h-aQ7y0U36nX5Y7ugM580FOeEj8aU6D0lmgoOMlJQzH_79M2ktb9mTg&si=1&oref=e2905b67c440133e06d94d472902354c&optunit=g1X1rV7f4BpBS4YUfGI2rw&rb=2Vb288azLYM&rr=1&abtg=0 HTTP/1.1
Host: p201298.mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Cookie: rhid=82500392651
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 03:50:38 GMT
content-type: text/html;charset=ISO-8859-1
vary: Accept-Encoding
set-cookie: rhid=82500392651; Max-Age=15552000; Expires=Sun, 04-Jun-2023 03:50:38 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
loi=ad_1312948_off_756142_aff_13719_cid_201298-MKKUEI4KDSZ.COM_ts_1670298638; Max-Age=3600; Expires=Tue, 06-Dec-2022 04:50:38 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
content-encoding: gzip
X-Firefox-Spdy: h2
r.srvtrck.com/v2/go?t=2tbpa%2Fdt3x1d7tak1.1od%2F6f7_a%3F6f8e%3D_bds6f9a%266f2_1d96b3b%26cfb_cue%3D20d0c06040952382120b4837v4bbsafaa42b1f%3D0i6fba%269f3_%3Dui2ref1o3caf7adm4c128rfg9.brc%2Fd%3Act5h&e=1&ai=25bfedaba63e4887a03f4a0f0fae54ff&sct=0&ct=1670298638786&cu=392426bc8d724ebcabac4bbbf90162b6&ykuid=8f71a55f79e14f67a8a718188ef46e29&sc=1&cs=916e2ed3340c98df6388803904e79c21
104.19.168.96200 OK 0 B URL HTTP/2 r.srvtrck.com/v2/go?t=2tbpa%2Fdt3x1d7tak1.1od%2F6f7_a%3F6f8e%3D_bds6f9a%266f2_1d96b3b%26cfb_cue%3D20d0c06040952382120b4837v4bbsafaa42b1f%3D0i6fba%269f3_%3Dui2ref1o3caf7adm4c128rfg9.brc%2Fd%3Act5h&e=1&ai=25bfedaba63e4887a03f4a0f0fae54ff&sct=0&ct=1670298638786&cu=392426bc8d724ebcabac4bbbf90162b6&ykuid=8f71a55f79e14f67a8a718188ef46e29&sc=1&cs=916e2ed3340c98df6388803904e79c21
IP 104.19.168.96:0
GET /v2/go?t=2tbpa%2Fdt3x1d7tak1.1od%2F6f7_a%3F6f8e%3D_bds6f9a%266f2_1d96b3b%26cfb_cue%3D20d0c06040952382120b4837v4bbsafaa42b1f%3D0i6fba%269f3_%3Dui2ref1o3caf7adm4c128rfg9.brc%2Fd%3Act5h&e=1&ai=25bfedaba63e4887a03f4a0f0fae54ff&sct=0&ct=1670298638786&cu=392426bc8d724ebcabac4bbbf90162b6&ykuid=8f71a55f79e14f67a8a718188ef46e29&sc=1&cs=916e2ed3340c98df6388803904e79c21 HTTP/1.1
Host: r.srvtrck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ykuid=8f71a55f79e14f67a8a718188ef46e29
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 03:50:38 GMT
content-type: text/html;charset=UTF-8
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77520efc9d08b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2