thndzgh.mm.wy5532.com/
185.107.56.200200 OK 482 B IP 185.107.56.200:0
ASN #43350 NForce Entertainment B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (482), with no line terminators
Hash 2c4b3ab03905abcda227a701c218dee6
997ddc3ee3806eceea0cdf10cbece8bdf11bf5dc
ae7d3ed80194b8d802286e033e730b690b57db7ae89080d2d3c1e92a91e8cf32
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: thndzgh.mm.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 482
content-type: text/html; charset=utf-8
date: Fri, 09 Dec 2022 03:15:01 GMT
server: nginx
set-cookie: sid=ab7bbf48-776f-11ed-96dd-f2ed634f2216; path=/; domain=.wy5532.com; expires=Wed, 27 Dec 2090 06:29:09 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9991
Expires: Fri, 09 Dec 2022 06:01:33 GMT
Date: Fri, 09 Dec 2022 03:15:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7637
Expires: Fri, 09 Dec 2022 05:22:19 GMT
Date: Fri, 09 Dec 2022 03:15:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 03:08:17 GMT
content-type: application/json
age: 405
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7202
Expires: Fri, 09 Dec 2022 05:15:04 GMT
Date: Fri, 09 Dec 2022 03:15:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eH/y6VommAtFe9HyRbXSspcjx8xNE3+XQVbhGSJDXimvgnW2RoMm5VneukyI1VTHOEtFkVa4cmHLpRmR29Joyg==
x-amz-request-id: 9RVQKBYZ2TCP512B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 02:48:09 GMT
age: 1613
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 03:15:02 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
thndzgh.mm.wy5532.com/favicon.ico
185.107.56.200404 Not Found 9 B URL HTTP/1.1 thndzgh.mm.wy5532.com/favicon.ico
IP 185.107.56.200:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: thndzgh.mm.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thndzgh.mm.wy5532.com/
Cookie: sid=ab7bbf48-776f-11ed-96dd-f2ed634f2216
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Fri, 09 Dec 2022 03:15:01 GMT
server: nginx
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 03:07:59 GMT
age: 423
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1358
Cache-Control: max-age=108867
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:15:03 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 09:29:30 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
thndzgh.mm.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDU2MjkwMiwiaWF0IjoxNjcwNTU1NzAyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc25nMzNxdTdsbWNvbzlrcXMycTF0YzIiLCJuYmYiOjE2NzA1NTU3MDIsInRzIjoxNjcwNTU1NzAyMDUwNjc2fQ.aReYaU9k77qaQ-U2JGpqijKI0J5yq-9OorgYswJEby0&sid=ab7bbf48-776f-11ed-96dd-f2ed634f2216
185.107.56.200302 Found 11 B URL HTTP/1.1 thndzgh.mm.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDU2MjkwMiwiaWF0IjoxNjcwNTU1NzAyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc25nMzNxdTdsbWNvbzlrcXMycTF0YzIiLCJuYmYiOjE2NzA1NTU3MDIsInRzIjoxNjcwNTU1NzAyMDUwNjc2fQ.aReYaU9k77qaQ-U2JGpqijKI0J5yq-9OorgYswJEby0&sid=ab7bbf48-776f-11ed-96dd-f2ed634f2216
IP 185.107.56.200:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDU2MjkwMiwiaWF0IjoxNjcwNTU1NzAyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc25nMzNxdTdsbWNvbzlrcXMycTF0YzIiLCJuYmYiOjE2NzA1NTU3MDIsInRzIjoxNjcwNTU1NzAyMDUwNjc2fQ.aReYaU9k77qaQ-U2JGpqijKI0J5yq-9OorgYswJEby0&sid=ab7bbf48-776f-11ed-96dd-f2ed634f2216 HTTP/1.1
Host: thndzgh.mm.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://thndzgh.mm.wy5532.com/
Cookie: sid=ab7bbf48-776f-11ed-96dd-f2ed634f2216
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Fri, 09 Dec 2022 03:15:02 GMT
location: http://btpnav.com/click?data=VF9RMEo3NWRKWk5FVE8weUZzWmpUNVNkMG1iMXJuVVpsQm8zZHhHR3g3bE1uUkEtbHk0TUw5dDh4akZXaVV6MjlXMGtXLUREUkx0YWlUdEVaZzNaUlVMT19IczVpS0MwNkNUOFUzU2UzV29MZ0pOSENlMk5OTHZ2R0t6ZmM5TGp0TF9TaFB0d1hhX2p3c2ZRaVotMXBRMg2&id=16ce8a16-0c7c-4a89-836c-cbf725f12f30
server: nginx
set-cookie: sid=ab7bbf48-776f-11ed-96dd-f2ed634f2216; path=/; domain=.wy5532.com; expires=Wed, 27 Dec 2090 06:29:10 GMT; max-age=2147483647; HttpOnly
push.services.mozilla.com/
35.161.148.163101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.148.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: To4Jh0O+f41fNfdaQwj+6A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SiSicvJKgpJF59yjEXuJqKjqZ4g=
btpnav.com/click?data=VF9RMEo3NWRKWk5FVE8weUZzWmpUNVNkMG1iMXJuVVpsQm8zZHhHR3g3bE1uUkEtbHk0TUw5dDh4akZXaVV6MjlXMGtXLUREUkx0YWlUdEVaZzNaUlVMT19IczVpS0MwNkNUOFUzU2UzV29MZ0pOSENlMk5OTHZ2R0t6ZmM5TGp0TF9TaFB0d1hhX2p3c2ZRaVotMXBRMg2&id=16ce8a16-0c7c-4a89-836c-cbf725f12f30
192.99.158.241200 OK 5.4 kB URL HTTP/1.1 btpnav.com/click?data=VF9RMEo3NWRKWk5FVE8weUZzWmpUNVNkMG1iMXJuVVpsQm8zZHhHR3g3bE1uUkEtbHk0TUw5dDh4akZXaVV6MjlXMGtXLUREUkx0YWlUdEVaZzNaUlVMT19IczVpS0MwNkNUOFUzU2UzV29MZ0pOSENlMk5OTHZ2R0t6ZmM5TGp0TF9TaFB0d1hhX2p3c2ZRaVotMXBRMg2&id=16ce8a16-0c7c-4a89-836c-cbf725f12f30
IP 192.99.158.241:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (320), with CRLF line terminators
Hash a7d35420bbae14223138d7cd286f45f6
2b491e15607071caf1be9508808a6efbc3e2b0af
291058aec942489f8a48c7707c6a23c0440702dae728faf7826a52bd01135dfe
GET /click?data=VF9RMEo3NWRKWk5FVE8weUZzWmpUNVNkMG1iMXJuVVpsQm8zZHhHR3g3bE1uUkEtbHk0TUw5dDh4akZXaVV6MjlXMGtXLUREUkx0YWlUdEVaZzNaUlVMT19IczVpS0MwNkNUOFUzU2UzV29MZ0pOSENlMk5OTHZ2R0t6ZmM5TGp0TF9TaFB0d1hhX2p3c2ZRaVotMXBRMg2&id=16ce8a16-0c7c-4a89-836c-cbf725f12f30 HTTP/1.1
Host: btpnav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://thndzgh.mm.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: ReZSWaDcmNJofbT=ReZSWaDcmNJofbT; path=/
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Fri, 09 Dec 2022 03:15:03 GMT
Content-Length: 5412
btpnav.com/Redirect/
192.99.158.241302 Found 269 B IP 192.99.158.241:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d671f020523c441af38027193c7f85d1
fad9867c7890cd175f78ea9f031fe42498f8edd1
0eafa5cb53dcf23ca0a8a2e39ffd238c56b8c00407742fabd3171b786b502fe4
POST /Redirect/ HTTP/1.1
Host: btpnav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 329
Origin: http://btpnav.com
Connection: keep-alive
Referer: http://btpnav.com/click?data=VF9RMEo3NWRKWk5FVE8weUZzWmpUNVNkMG1iMXJuVVpsQm8zZHhHR3g3bE1uUkEtbHk0TUw5dDh4akZXaVV6MjlXMGtXLUREUkx0YWlUdEVaZzNaUlVMT19IczVpS0MwNkNUOFUzU2UzV29MZ0pOSENlMk5OTHZ2R0t6ZmM5TGp0TF9TaFB0d1hhX2p3c2ZRaVotMXBRMg2&id=16ce8a16-0c7c-4a89-836c-cbf725f12f30
Cookie: ReZSWaDcmNJofbT=ReZSWaDcmNJofbT
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://belia-glp.com/zcvisitor/abc8c455-776f-11ed-b6a6-0a4ca7444559/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=845a1b10-65bf-11ed-9d73-128084d1ce51
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Fri, 09 Dec 2022 03:15:02 GMT
Content-Length: 269
belia-glp.com/zcvisitor/abc8c455-776f-11ed-b6a6-0a4ca7444559/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=845a1b10-65bf-11ed-9d73-128084d1ce51
3.212.50.125200 1.1 kB URL HTTP/1.1 belia-glp.com/zcvisitor/abc8c455-776f-11ed-b6a6-0a4ca7444559/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=845a1b10-65bf-11ed-9d73-128084d1ce51
IP 3.212.50.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4850b867157c15c07b8de57136d9d433
a7a0e2617b12b6189624bed3f7f1c053ffd3f5be
41f051278bdf3abb2e67a0a004b52dcc298628b09201ad5bbe59d1f9b90ff626
GET /zcvisitor/abc8c455-776f-11ed-b6a6-0a4ca7444559/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=845a1b10-65bf-11ed-9d73-128084d1ce51 HTTP/1.1
Host: belia-glp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://btpnav.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Fri, 09 Dec 2022 03:15:03 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: PLyrCdEB
belia-glp.com/zcredirect?visitid=abc8c455-776f-11ed-b6a6-0a4ca7444559&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
3.212.50.125200 848 B URL HTTP/1.1 belia-glp.com/zcredirect?visitid=abc8c455-776f-11ed-b6a6-0a4ca7444559&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 3.212.50.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (381)
Hash 0c87571c668e4c99ad0a7b3778e6c2d0
6ef00653866b72afcdd66af0012092010c04a4d0
8f6320b018362e18f8a34f4ff2c89fa3ef0e0aca629a4a812031f3764de2544d
GET /zcredirect?visitid=abc8c455-776f-11ed-b6a6-0a4ca7444559&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: belia-glp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://belia-glp.com/zcvisitor/abc8c455-776f-11ed-b6a6-0a4ca7444559/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=845a1b10-65bf-11ed-9d73-128084d1ce51
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Fri, 09 Dec 2022 03:15:04 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: PLyrCdEB
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5745
Expires: Fri, 09 Dec 2022 04:50:49 GMT
Date: Fri, 09 Dec 2022 03:15:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5745
Expires: Fri, 09 Dec 2022 04:50:49 GMT
Date: Fri, 09 Dec 2022 03:15:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5745
Expires: Fri, 09 Dec 2022 04:50:49 GMT
Date: Fri, 09 Dec 2022 03:15:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dGxzuQ6zj6wXQbkBuKBnOKxwKJDHUyGoi7PgcugcpdX4QYruNiFxsQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:24 GMT
age: 19420
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 955c6ac69b89f6cbd497df53fcb2ae1b
2506152cdd1056533116feb9350124356e570e54
fca1b303a554aa9cdd13c4769a1088e1905ef888ed703de17864fe76ff880abe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7217
x-amzn-requestid: be9196fc-3d43-49db-8522-8781cbf5a247
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUEDEWpIAMFqUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66e6-04b24220213872ba378d3538;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4QlJZW4ZiPNVhOJbcRldanR8veym3l0sIBGa1Ym-4FOTT_utMQeZQg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 10:15:09 GMT
age: 61195
etag: "2506152cdd1056533116feb9350124356e570e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdad09879-539d-47c2-b00f-c42de83925b1.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdad09879-539d-47c2-b00f-c42de83925b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9316e6fcb6eb5f47473eb710872f09e5
368be3ba9d57fb8ed8a936041bb0f4154ae680f1
aa0d429845b669baf996324cb7a5d4b001558c48480b4da43e9b81bdbc335e7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdad09879-539d-47c2-b00f-c42de83925b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10517
x-amzn-requestid: 23d8ce86-b859-43b5-8daa-bed31c10ed24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwV5JEuGoAMFVmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6390036d-320dbe9f7805aa015f368a57;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:07:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4n0-mwpoP40Sb-pGAx3b0DkzVaAwencDR4XBRMcl9o6ysPM5C5DzLA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 03:46:05 GMT
age: 84539
etag: "368be3ba9d57fb8ed8a936041bb0f4154ae680f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34a9b9b25e57f612db5560cd05e44cce
433e295328d6c821a1df907c232bff4195e2860b
139dc677e5725c98a5d90d19b206a34a4c9f43ad87cf1d322881381e992bd5b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4840
x-amzn-requestid: 26914070-22ad-49fd-bacb-7842dcb203b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2LZPGd-oAMF5OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63925907-5c62555a65327ff934ae232e;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 21:37:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gkClPXMpz53Lmf56qAHXyd3IcOjTGjcBonaTpq2_4v7XRxPFv8q8QA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:49:12 GMT
age: 19552
etag: "433e295328d6c821a1df907c232bff4195e2860b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 730ba1a8edb79ba6f83b46d1ba5aed7b
55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 18:34:32 GMT
age: 31232
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb00a2a503a690cee3e4dd729b5bc9bd
cfb1e5bcab2148a777889680e6e36b9d7e8917ec
7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEd8HC0oAMFUag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yL-FrFYh-3PuCZCpCHYg--ebTS7wMmMQ7IE2mgimDVsKWFEtKC2gVQ==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 05:44:09 GMT
age: 77455
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
belia-glp.com/favicon.ico
3.212.50.125404 653 B URL HTTP/1.1 belia-glp.com/favicon.ico
IP 3.212.50.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: belia-glp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://belia-glp.com/zcredirect?visitid=abc8c455-776f-11ed-b6a6-0a4ca7444559&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
HTTP/1.1 404
Date: Fri, 09 Dec 2022 03:15:04 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: PLyrCdEB
cartining-specute.com/zp-redirect?target=https%3A%2F%2F1.no04trckingmic.com%2Fclick%3Fpid%3D631%26offer_id%3D314%26sub1%3Dwmt2ag8kb97t6r1l2ikvfvnm%26sub2%3D%26sub3%3D%26l%3D1661789823wmt2ag8kb97t6r1l2ikvfvnm&caid=ab08cabd-9843-4037-9808-c0a5ae2b7bdc&zpid=abc8c455-776f-11ed-b6a6-0a4ca7444559&cid=wmt2ag8kb97t6r1l2ikvfvnm&rt=R
18.197.36.77302 Found 0 B URL HTTP/2 cartining-specute.com/zp-redirect?target=https%3A%2F%2F1.no04trckingmic.com%2Fclick%3Fpid%3D631%26offer_id%3D314%26sub1%3Dwmt2ag8kb97t6r1l2ikvfvnm%26sub2%3D%26sub3%3D%26l%3D1661789823wmt2ag8kb97t6r1l2ikvfvnm&caid=ab08cabd-9843-4037-9808-c0a5ae2b7bdc&zpid=abc8c455-776f-11ed-b6a6-0a4ca7444559&cid=wmt2ag8kb97t6r1l2ikvfvnm&rt=R
IP 18.197.36.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zp-redirect?target=https%3A%2F%2F1.no04trckingmic.com%2Fclick%3Fpid%3D631%26offer_id%3D314%26sub1%3Dwmt2ag8kb97t6r1l2ikvfvnm%26sub2%3D%26sub3%3D%26l%3D1661789823wmt2ag8kb97t6r1l2ikvfvnm&caid=ab08cabd-9843-4037-9808-c0a5ae2b7bdc&zpid=abc8c455-776f-11ed-b6a6-0a4ca7444559&cid=wmt2ag8kb97t6r1l2ikvfvnm&rt=R HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://belia-glp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://1.no04trckingmic.com/click?pid=631&offer_id=314&sub1=wmt2ag8kb97t6r1l2ikvfvnm&sub2=&sub3=&l=1661789823wmt2ag8kb97t6r1l2ikvfvnm
pragma: no-cache
set-cookie: cc-v4=WBCz%2B%2BXpN7CJj4tP%2BpsTPvCCAVAli7MGx4Y1mVTObXIUk6vxnzHSl5DLdh%2BjTf38v2%2B7PRt6DMz%2BNicz%2BV7tFgQcq1tzPPj1IIVtqkQ4AfzUnYLanuZjWn28inV6HuwHtItQhYEDOhB%2FTEinPmno3g%3D%3D; Max-Age=31536000; Expires=Sat, 09-Dec-2023 03:15:04 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash ef0c380c754d04031c3e031ba64391eb
9515c0e628b486c7a5da1f1fbbd71025ffc911fa
4921609a724b28c6bbfda1dce901dc36ac43a348e0a9c0ea1900ec26338298c6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 03:15:04 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 13:31:01 GMT
Expires: Wed, 14 Dec 2022 13:31:00 GMT
Etag: "9515c0e628b486c7a5da1f1fbbd71025ffc911fa"
Cache-Control: max-age=468355,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776a93035a0d0b06-OSL
1.no04trckingmic.com/click?pid=631&offer_id=314&sub1=wmt2ag8kb97t6r1l2ikvfvnm&sub2=&sub3=&l=1661789823wmt2ag8kb97t6r1l2ikvfvnm
34.141.137.168302 Found 0 B URL HTTP/2 1.no04trckingmic.com/click?pid=631&offer_id=314&sub1=wmt2ag8kb97t6r1l2ikvfvnm&sub2=&sub3=&l=1661789823wmt2ag8kb97t6r1l2ikvfvnm
IP 34.141.137.168:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=631&offer_id=314&sub1=wmt2ag8kb97t6r1l2ikvfvnm&sub2=&sub3=&l=1661789823wmt2ag8kb97t6r1l2ikvfvnm HTTP/1.1
Host: 1.no04trckingmic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://belia-glp.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 0
location: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=6392a8381a953400015672b5&pi=314_631__
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=6392a8381a953400015672b5; expires=Sat, 09 Dec 2023 03:15:04 GMT; secure; SameSite=None
afoffers={"314":1670555704}; expires=Sat, 09 Dec 2023 03:15:04 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=6392a8381a953400015672b5&pi=314_631__
185.222.108.79200 OK 12 kB URL HTTP/2 www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=6392a8381a953400015672b5&pi=314_631__
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6411), with CRLF line terminators
Hash 8ce482679de4ae9f2095671185920ed8
ca7da0079d963482fc1b8ec5c36c6523e20f79d1
0d88e9f9656da65e60285ca36e4e3e5582d73b35b78e8ec46db9d37ab024359e
GET /landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=6392a8381a953400015672b5&pi=314_631__ HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://belia-glp.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: httpd
set-cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; domain=.motenorskejenter.com; expires=Thu, 26-Jan-2023 03:15:05 GMT; path=/
ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; domain=.motenorskejenter.com; expires=Thu, 26-Jan-2023 03:15:05 GMT; path=/
MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; expires=Sun, 11-Dec-2022 03:15:05 GMT; path=/
__RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; path=/; HttpOnly
ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c;Path=/;Domain=www.motenorskejenter.com
x-aspnetmvc-version: 3.0
x-aspnet-version:
x-powered-by:
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 11527
X-Firefox-Spdy: h2
www.motenorskejenter.com/Content/Landers/fontawesome/fontawesome-all.min.css?v=4a0107555464a01765bee1ed354489d6e7253709
185.222.108.79200 OK 20 kB URL HTTP/2 www.motenorskejenter.com/Content/Landers/fontawesome/fontawesome-all.min.css?v=4a0107555464a01765bee1ed354489d6e7253709
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type ASCII text, with very long lines (65394)
Hash 69dafb2461f11ad0643eed49ef88d95c
3c834bcfd66c37046fd00580bc4298ef27c54bd0
2b4c59e4fe79433cb2158192434a377e5995e352a95db5567eeaca2b13b6f634
GET /Content/Landers/fontawesome/fontawesome-all.min.css?v=4a0107555464a01765bee1ed354489d6e7253709 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=6392a8381a953400015672b5&pi=314_631__
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:54 GMT
accept-ranges: bytes
etag: "d48eb0de4ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 20233
X-Firefox-Spdy: h2
www.motenorskejenter.com/Content/Landers/jquery-ui-1.12.1/jquery-ui.min.css?v=4a0107555464a01765bee1ed354489d6e7253709
185.222.108.79200 OK 9.8 kB URL HTTP/2 www.motenorskejenter.com/Content/Landers/jquery-ui-1.12.1/jquery-ui.min.css?v=4a0107555464a01765bee1ed354489d6e7253709
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type ASCII text, with very long lines (29137)
Hash fe6c34b1df591cda0c96574c7f257443
0a62aad248c0dbbb8830db6e90641cf75a78b2b1
2374d5ef0b79f492cff9a936457a5deb9853cd9f74f01bf7e0c653e7c0e3ce7c
GET /Content/Landers/jquery-ui-1.12.1/jquery-ui.min.css?v=4a0107555464a01765bee1ed354489d6e7253709 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=6392a8381a953400015672b5&pi=314_631__
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:54 GMT
accept-ranges: bytes
etag: "d0d2aade4ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 9844
X-Firefox-Spdy: h2
www.motenorskejenter.com/Content/Landers/landers-default.css?v=4a0107555464a01765bee1ed354489d6e7253709
185.222.108.79200 OK 1.3 kB URL HTTP/2 www.motenorskejenter.com/Content/Landers/landers-default.css?v=4a0107555464a01765bee1ed354489d6e7253709
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 5038c461ab70a489c48ec28f138dd098
e8ab1ed9659a57f83d95bc1e6da0c5bbb213f144
389f94f065064881738443dc4b4b81547446683b2a6a75007fcbf5b31d02233b
GET /Content/Landers/landers-default.css?v=4a0107555464a01765bee1ed354489d6e7253709 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=6392a8381a953400015672b5&pi=314_631__
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 15:15:48 GMT
accept-ranges: bytes
etag: "f7914a7997fad81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 1287
X-Firefox-Spdy: h2
www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
185.222.108.79200 OK 9.7 kB URL HTTP/2 www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash a85827a6da64bfadfec349ffed065d2e
d0592ac4b97aeb08dcf480338a90a0bba30ffa58
8169a9a745bc208ad3a7c74a75daab8eb6e65379ba62cf828b172b65e6b72f3d
GET /landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=6392a8381a953400015672b5&pi=314_631__
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
expires: Fri, 08 Dec 2023 19:42:14 GMT
last-modified: Wed, 07 Dec 2022 23:02:20 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 9694
X-Firefox-Spdy: h2
www.motenorskejenter.com/Content/Landers/modal-popup.css?v=4a0107555464a01765bee1ed354489d6e7253709
185.222.108.79200 OK 642 B URL HTTP/2 www.motenorskejenter.com/Content/Landers/modal-popup.css?v=4a0107555464a01765bee1ed354489d6e7253709
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 2a3cf91ce193937fffd15431626b17a5
2599e4dd9b131811959e312048392590b2feae36
643efce94839100318eb69a589733922075c8b6f9e89d283afa9a0beba76bcee
GET /Content/Landers/modal-popup.css?v=4a0107555464a01765bee1ed354489d6e7253709 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=6392a8381a953400015672b5&pi=314_631__
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: text/css
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:54 GMT
accept-ranges: bytes
etag: "d0d2aade4ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 642
X-Firefox-Spdy: h2
www.motenorskejenter.com/Landers/DisplayImage/2019_1325_160_footerlogo.png?c=6221bdd1-da8b-43b2-a48e-00e31f1fbc71
185.222.108.79200 OK 552 B URL HTTP/2 www.motenorskejenter.com/Landers/DisplayImage/2019_1325_160_footerlogo.png?c=6221bdd1-da8b-43b2-a48e-00e31f1fbc71
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type PNG image data, 29 x 10, 8-bit colormap, non-interlaced\012- data
Hash e2d18104fb00ce266f0ef2e76f735219
e396ab6b693de90ab0b37c00adaf60e4e95f99fc
de240d711f7f63a63f704cdc6c70d1e89e206d4a0c62889caf7500e50f157d12
GET /Landers/DisplayImage/2019_1325_160_footerlogo.png?c=6221bdd1-da8b-43b2-a48e-00e31f1fbc71 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=6392a8381a953400015672b5&pi=314_631__
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/png
expires: Fri, 08 Dec 2023 19:42:14 GMT
last-modified: Mon, 07 Oct 2019 13:56:01 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 552
X-Firefox-Spdy: h2
www.motenorskejenter.com/Content/Landers/jquery-ui-1.12.1/jquery-ui.min.js?v=4a0107555464a01765bee1ed354489d6e7253709
185.222.108.79200 OK 91 kB URL HTTP/2 www.motenorskejenter.com/Content/Landers/jquery-ui-1.12.1/jquery-ui.min.js?v=4a0107555464a01765bee1ed354489d6e7253709
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type ASCII text, with very long lines (32074)
Hash d42c336053327b851f6b0f46647223f6
cfa3258c251e1c5d93bff2c2789a947e35f48cc7
0c400c92206c20de505b7f327ad5d8de77b66806492565cca629eda7118f4add
GET /Content/Landers/jquery-ui-1.12.1/jquery-ui.min.js?v=4a0107555464a01765bee1ed354489d6e7253709 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=6392a8381a953400015672b5&pi=314_631__
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:54 GMT
accept-ranges: bytes
etag: "5999b6de4ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 91268
X-Firefox-Spdy: h2
www.motenorskejenter.com/Scripts/APIScripts/APILandersSignup.min.js?v=4a0107555464a01765bee1ed354489d6e7253709
185.222.108.79200 OK 12 kB URL HTTP/2 www.motenorskejenter.com/Scripts/APIScripts/APILandersSignup.min.js?v=4a0107555464a01765bee1ed354489d6e7253709
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type ASCII text, with very long lines (36867), with no line terminators
Hash 54a1da9c8142bf4eefae2e38c137795c
71a45053fe7e7233f27ef6bc2c64eb3b89a57616
ddfd1baa38329a39a9037ff4fe39b498a39db763c8a52d1a06aa6dd000e71639
GET /Scripts/APIScripts/APILandersSignup.min.js?v=4a0107555464a01765bee1ed354489d6e7253709 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=6392a8381a953400015672b5&pi=314_631__
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 17 Oct 2022 11:22:09 GMT
accept-ranges: bytes
etag: "25e740b21ae2d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 12124
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:15:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b5cba4e1962a1fe17c9021f3e418975a
01293d7e4084011451f7d17936ab2427504cdb1a
ecfe30d3abc32ca9f933303d75b2055642d3c7c8197af08fe2c314394699594b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:15:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.motenorskejenter.com/Scripts/APIScripts/APICookieFunctions.min.js?v=4a0107555464a01765bee1ed354489d6e7253709
185.222.108.79200 OK 515 B URL HTTP/2 www.motenorskejenter.com/Scripts/APIScripts/APICookieFunctions.min.js?v=4a0107555464a01765bee1ed354489d6e7253709
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type ASCII text, with very long lines (602), with no line terminators
Hash aa89779ff46171a494219e66429d2736
324e2364ca8f4f2de73a26676bd2b3fb7af83b97
824e5e6151075e795344346f116467aa22e01709179943bd1d6cea2fbcea4824
GET /Scripts/APIScripts/APICookieFunctions.min.js?v=4a0107555464a01765bee1ed354489d6e7253709 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=6392a8381a953400015672b5&pi=314_631__
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:56 GMT
accept-ranges: bytes
etag: "8d9a13e04ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 515
X-Firefox-Spdy: h2
www.motenorskejenter.com/Landers/GetJavascript/1325?countryId=160&c=d3d11de7-e90d-45cc-a651-e37d54e4f3e4
185.222.108.79200 OK 716 B URL HTTP/2 www.motenorskejenter.com/Landers/GetJavascript/1325?countryId=160&c=d3d11de7-e90d-45cc-a651-e37d54e4f3e4
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type ASCII text, with CRLF line terminators
Hash af9e146a5236ee89a3ca7335033bc2c6
ed66ea42374c5427ef228abff24495380fbf0c9d
7beebfb0406f5f2dbafd4d46d9ad53ae25b5c6004fa12c24f77b3cddc00b40a7
GET /Landers/GetJavascript/1325?countryId=160&c=d3d11de7-e90d-45cc-a651-e37d54e4f3e4 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=6392a8381a953400015672b5&pi=314_631__
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Fri, 08 Dec 2023 19:42:14 GMT
last-modified: Wed, 07 Dec 2022 23:02:20 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 716
X-Firefox-Spdy: h2
www.motenorskejenter.com/Scripts/ExternalScoringService/ExternalScoringService.min.js?v=4a0107555464a01765bee1ed354489d6e7253709
185.222.108.79200 OK 484 B URL HTTP/2 www.motenorskejenter.com/Scripts/ExternalScoringService/ExternalScoringService.min.js?v=4a0107555464a01765bee1ed354489d6e7253709
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type ASCII text, with very long lines (500)
Hash 6b53b65cce940f1d71a3d21a06d88aef
9e903f441d3b6a7a1c6adb9a0ce1d79a7cefb9f5
9e67aa64d97d39c52cdfdff6f2a79af415f1a39f4871099d0728727a31c5f62e
GET /Scripts/ExternalScoringService/ExternalScoringService.min.js?v=4a0107555464a01765bee1ed354489d6e7253709 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=6392a8381a953400015672b5&pi=314_631__
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=7776000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:57 GMT
accept-ranges: bytes
etag: "66494fe04ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 484
X-Firefox-Spdy: h2
www.motenorskejenter.com/Scripts/ExternalScoringService/EHawkTalon.js?v=4a0107555464a01765bee1ed354489d6e7253709
185.222.108.79200 OK 17 kB URL HTTP/2 www.motenorskejenter.com/Scripts/ExternalScoringService/EHawkTalon.js?v=4a0107555464a01765bee1ed354489d6e7253709
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type Unicode text, UTF-8 (with BOM) text, with very long lines (22228), with CRLF line terminators
Hash 0e64756cd3ae508f4bbb1d3e983d6ec9
8d5a6f62cfa307827db2f53b582c552db0e7ff57
efefe1d4bc68844f7f4686d8ee5f4da92f99506bb769dc565aee8412a9c0653d
GET /Scripts/ExternalScoringService/EHawkTalon.js?v=4a0107555464a01765bee1ed354489d6e7253709 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=6392a8381a953400015672b5&pi=314_631__
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=7776000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:57 GMT
accept-ranges: bytes
etag: "20864ee04ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 17439
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?onload=GCOnLoadCallBack
142.250.74.132200 OK 578 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=GCOnLoadCallBack
IP 142.250.74.132:0
File type ASCII text, with very long lines (909), with no line terminators
Hash bcf24f0dad66b5d5917f5e7445be1d90
776e5e391cb239b99ab4ecb1c5af65552559d336
5bf5a4bab8fa450d9833e719d5fd2355fe7ab576a159ab013de9e29bccd5059f
GET /recaptcha/api.js?onload=GCOnLoadCallBack HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 09 Dec 2022 03:15:05 GMT
date: Fri, 09 Dec 2022 03:15:05 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 578
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-P3PN8TQ
142.250.74.168200 OK 66 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-P3PN8TQ
IP 142.250.74.168:0
File type ASCII text, with very long lines (6140)
Hash 5863229776a56bdd0e6246403fdd08be
597c2ffe3a1845d0c8d7b94da7122329c5cd1719
0de93d62682f9b7e2f3137916298ebdf6b7ff0ec5cb7ecdbc304ceae5387ed62
GET /gtm.js?id=GTM-P3PN8TQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 03:15:05 GMT
expires: Fri, 09 Dec 2022 03:15:05 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 65483
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.motenorskejenter.com/Scripts/jquery-3.1.1.min.js?v=4a0107555464a01765bee1ed354489d6e7253709
185.222.108.79200 OK 40 kB URL HTTP/2 www.motenorskejenter.com/Scripts/jquery-3.1.1.min.js?v=4a0107555464a01765bee1ed354489d6e7253709
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type Unicode text, UTF-8 text, with very long lines (65266)
Hash a41c4155df999613d1ffc5cbc8beab8d
cbca27587222173118ee6245c870d6cd9668b3b7
c2068251a72fc8259ceb1f6a1eb20c6860c81761e14a13e1e131a07fe4985bce
GET /Scripts/jquery-3.1.1.min.js?v=4a0107555464a01765bee1ed354489d6e7253709 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=6392a8381a953400015672b5&pi=314_631__
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=7776000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:56 GMT
accept-ranges: bytes
etag: "d88effdf4ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 39515
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:15:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-TBF4SKT&l=newDataLayer
142.250.74.168200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TBF4SKT&l=newDataLayer
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 178e18303a45ee8f5c77f4e0804c3edf
0553da1ad62d6e4596aaf1164735ccebf8b346fc
2f4b1a148f9b7b9eea1fbe9c7141d256e2b026d0326add87db6867c9a771189c
GET /gtm.js?id=GTM-TBF4SKT&l=newDataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 03:15:05 GMT
expires: Fri, 09 Dec 2022 03:15:05 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37696
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:15:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_sprite-icons.png?c=8858dd8b-f1fa-40b9-b955-a840010ca6cf
185.222.108.79200 OK 13 kB URL HTTP/2 www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_sprite-icons.png?c=8858dd8b-f1fa-40b9-b955-a840010ca6cf
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type PNG image data, 241 x 217, 8-bit/color RGBA, non-interlaced\012- data
Hash 9b71759f08141db8fdbe17cf10554ffd
5d9cc4cd25a359dfaacc3fc32e57ee6e303f0051
c134236c058b0fc67e1b0c9ff2677bba26d61403e77627f4c897f21183562ecb
GET /Landers/DisplayImage/2020_1325_160_sprite-icons.png?c=8858dd8b-f1fa-40b9-b955-a840010ca6cf HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/png
expires: Fri, 08 Dec 2023 19:42:14 GMT
last-modified: Mon, 23 Nov 2020 15:34:43 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 13297
X-Firefox-Spdy: h2
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_spritethumbs.jpg?c=91e46f4d-1aa4-4aaa-87fb-db9fa5f5aa57
185.222.108.79200 OK 22 kB URL HTTP/2 www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_spritethumbs.jpg?c=91e46f4d-1aa4-4aaa-87fb-db9fa5f5aa57
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x1250, components 3\012- data
Hash 42ff332b55cd131984c597327ed43dea
7fb54e1d6cd6f75a5202bf58cc5db9bf882df832
cd06ea0c96a20ff45504ae1c57d50416e5de0aa2f4ac2c8124d2146b75da77b8
GET /Landers/DisplayImage/2020_1325_160_spritethumbs.jpg?c=91e46f4d-1aa4-4aaa-87fb-db9fa5f5aa57 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/jpeg
expires: Fri, 08 Dec 2023 19:42:14 GMT
last-modified: Mon, 23 Nov 2020 15:34:49 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 22262
X-Firefox-Spdy: h2
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide02.jpg?c=eb28dad9-e8c4-4a09-b74f-980819c070f3
185.222.108.79200 OK 26 kB URL HTTP/2 www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide02.jpg?c=eb28dad9-e8c4-4a09-b74f-980819c070f3
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x604, components 3\012- data
Hash 2516f50dc3ef7805aab58c61bdb56795
e0e191429642aabc0f9cd14c2dd41ab4f77faa19
4a4e1e3da45aacaf275a732805c2295778b1270c492493b28b56eb4b26963777
GET /Landers/DisplayImage/2020_1325_160_imageslide02.jpg?c=eb28dad9-e8c4-4a09-b74f-980819c070f3 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/jpeg
expires: Fri, 08 Dec 2023 19:42:14 GMT
last-modified: Mon, 23 Nov 2020 15:34:11 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 25722
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:15:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide01.jpg?c=51adcfdb-6b8d-48d1-85f8-4ad601e09fc8
185.222.108.79200 OK 37 kB URL HTTP/2 www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide01.jpg?c=51adcfdb-6b8d-48d1-85f8-4ad601e09fc8
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x604, components 3\012- data
Hash 17b23ee00b30b0d9dc2ed950d8417f7e
017617fef4a0e7cb2785975b0ef917d448b25407
2e21c332f1c02b7e494e57705bb294ca8ff159a88e00e911e8dde292e67ae814
GET /Landers/DisplayImage/2020_1325_160_imageslide01.jpg?c=51adcfdb-6b8d-48d1-85f8-4ad601e09fc8 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/jpeg
expires: Fri, 08 Dec 2023 19:42:14 GMT
last-modified: Mon, 23 Nov 2020 15:34:07 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 36686
X-Firefox-Spdy: h2
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide03.jpg?c=dc692280-edb5-4a0e-a356-260cf8b01cf0
185.222.108.79200 OK 37 kB URL HTTP/2 www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide03.jpg?c=dc692280-edb5-4a0e-a356-260cf8b01cf0
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x604, components 3\012- data
Hash e15aed53b2e37eb06758351ca0827ae1
7d38e0c356827fdd6e17f61c4dc7430d49ac35af
78b30456af5d324e7f47781001acd8bd748828782570c716de37f99c7556fe4c
GET /Landers/DisplayImage/2020_1325_160_imageslide03.jpg?c=dc692280-edb5-4a0e-a356-260cf8b01cf0 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/jpeg
expires: Fri, 08 Dec 2023 19:42:14 GMT
last-modified: Mon, 23 Nov 2020 15:34:16 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 36739
X-Firefox-Spdy: h2
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide04.jpg?c=62b5a52c-7c0a-476a-ab5c-41b40f6ab373
185.222.108.79200 OK 27 kB URL HTTP/2 www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_imageslide04.jpg?c=62b5a52c-7c0a-476a-ab5c-41b40f6ab373
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x604, components 3\012- data
Hash 9840627b617a3dff4e3e93c839c2a045
9745370bdb912c7e7ee33bf56510be449e67d3c5
c13974fb4021aab1322a35a242c8000abf760064cbbca6ede007165a3b27238e
GET /Landers/DisplayImage/2020_1325_160_imageslide04.jpg?c=62b5a52c-7c0a-476a-ab5c-41b40f6ab373 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/jpeg
expires: Fri, 08 Dec 2023 19:42:14 GMT
last-modified: Mon, 23 Nov 2020 15:34:21 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 27446
X-Firefox-Spdy: h2
www.motenorskejenter.com/Content/Landers/webfonts/fa-solid-900.woff2
185.222.108.79200 OK 118 kB URL HTTP/2 www.motenorskejenter.com/Content/Landers/webfonts/fa-solid-900.woff2
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type Web Open Font Format (Version 2), TrueType, length 117536, version 329.-17761\012- data
Size 118 kB (117536 bytes)
Hash e57324a466c24a207fd9ad0f5f5e3c9c
2f9b04644e684a6bb1033e297cc474c57aa267f2
5538a328926c9517ffb8670fccce94f6137d58c21ff4b10ecd772abfa16a012b
GET /Content/Landers/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.motenorskejenter.com/Content/Landers/fontawesome/fontawesome-all.min.css?v=4a0107555464a01765bee1ed354489d6e7253709
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/font-woff2
last-modified: Fri, 29 Jul 2022 13:26:55 GMT
accept-ranges: bytes
etag: "771516df4ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Fri, 09 Dec 2022 03:15:04 GMT
content-length: 117536
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:400,700&display=swap
142.250.74.106200 OK 928 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins:400,700&display=swap
IP 142.250.74.106:0
Hash 24129eb351eedc0b6fcf3488c990c4ac
b2ad816ca5650d866b66d7e008379137ffad5692
1a07b71191f988682e9f20ccc2a0102d50459384e18280cdac1a098e358b5485
GET /css?family=Poppins:400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 03:15:05 GMT
date: Fri, 09 Dec 2022 03:15:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:15:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.motenorskejenter.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:28:50 GMT
expires: Thu, 07 Dec 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 114375
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.227200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.motenorskejenter.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 12:29:21 GMT
expires: Fri, 08 Dec 2023 12:29:21 GMT
cache-control: public, max-age=31536000
age: 53144
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:15:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.motenorskejenter.com/Scripts/APIScripts/APIcaller.min.js?v=4a0107555464a01765bee1ed354489d6e7253709
185.222.108.79200 OK 1.8 kB URL HTTP/2 www.motenorskejenter.com/Scripts/APIScripts/APIcaller.min.js?v=4a0107555464a01765bee1ed354489d6e7253709
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type ASCII text, with very long lines (5619), with no line terminators
Hash be2155e78cbc346e4139dc17be34ba92
e137c72ee25a8d81afbc3d9800273f5107131709
bb47f2239f18751800f5ad99823380b4370d7afc4e8d8ac642a6b5cef01c92bd
GET /Scripts/APIScripts/APIcaller.min.js?v=4a0107555464a01765bee1ed354489d6e7253709 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=6392a8381a953400015672b5&pi=314_631__
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 13:26:56 GMT
accept-ranges: bytes
etag: "05081df4ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Fri, 09 Dec 2022 03:15:05 GMT
content-length: 1760
X-Firefox-Spdy: h2
www.motenorskejenter.com/views/_customs/_bpb/ml/mle9/main/images/favicon.ico?v=4a0107555464a01765bee1ed354489d6e7253709
185.222.108.79200 OK 1.2 kB URL HTTP/2 www.motenorskejenter.com/views/_customs/_bpb/ml/mle9/main/images/favicon.ico?v=4a0107555464a01765bee1ed354489d6e7253709
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 667f44f56e8a33771a7972f4d34c826e
2aea5fada9366377348fea3da3c4e1a30bd3c8a6
35007e3b9b76d719e791ca2316c7ad245430b9f2ad2be20ecb3e816246d50551
GET /views/_customs/_bpb/ml/mle9/main/images/favicon.ico?v=4a0107555464a01765bee1ed354489d6e7253709 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=6392a8381a953400015672b5&pi=314_631__
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=7776000
content-type: image/x-icon
last-modified: Fri, 29 Jul 2022 13:27:10 GMT
accept-ranges: bytes
etag: "9fe70e84ea3d81:0"
vary: Accept-Encoding
server: httpd
x-powered-by:
x-aspnet-version:
date: Fri, 09 Dec 2022 03:15:05 GMT
content-length: 1150
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.35200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.motenorskejenter.com
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 13:40:02 GMT
expires: Thu, 07 Dec 2023 13:40:02 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 135303
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.motenorskejenter.com/Landers/GetEmailProviders?countryId=160
185.222.108.79200 OK 2.6 kB URL HTTP/2 www.motenorskejenter.com/Landers/GetEmailProviders?countryId=160
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type JSON data\012- , ASCII text, with very long lines (2584), with no line terminators
Hash 2c307d337e2268c62f138b71595b0964
836736e096e8a8e4c4e8ceaa5bace5c61b3533ec
723a876f3c193e870165ab4e1659656d5bbc6dcb7d832054f843e42129f458a0
GET /Landers/GetEmailProviders?countryId=160 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/9794790840AA597AD55227C7E49165FDF252718EB970B763689A80A816895291?p=363067&prid=1767487&nas=6392a8381a953400015672b5&pi=314_631__
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c; _gcl_au=1.1.1884507660.1670555705
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: application/json; charset=utf-8
expires: Fri, 08 Dec 2023 15:00:21 GMT
last-modified: Wed, 07 Dec 2022 23:00:58 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Fri, 09 Dec 2022 03:15:05 GMT
content-length: 2584
X-Firefox-Spdy: h2
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_bgbtnfemale.png?c=0b9166df-ff27-42e5-8775-8a5e655e4707
185.222.108.79200 OK 2.0 kB URL HTTP/2 www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_bgbtnfemale.png?c=0b9166df-ff27-42e5-8775-8a5e655e4707
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type PNG image data, 80 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash 4a66304dbc6330dea9bce47045e8cd47
3a20238c81257043a91a84e950d63cd7e6918408
a68f73561fe094b562c154813d9a7938790f09f3366eac11bae2e1bc01de0ada
GET /Landers/DisplayImage/2020_1325_160_bgbtnfemale.png?c=0b9166df-ff27-42e5-8775-8a5e655e4707 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c; _gcl_au=1.1.1884507660.1670555705
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/png
expires: Fri, 08 Dec 2023 19:42:14 GMT
last-modified: Mon, 23 Nov 2020 15:34:25 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Fri, 09 Dec 2022 03:15:05 GMT
content-length: 2003
X-Firefox-Spdy: h2
www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_bgbtnmale.png?c=a0112eee-72f1-435d-8b69-316fab07ad70
185.222.108.79200 OK 1.9 kB URL HTTP/2 www.motenorskejenter.com/Landers/DisplayImage/2020_1325_160_bgbtnmale.png?c=a0112eee-72f1-435d-8b69-316fab07ad70
IP 185.222.108.79:0
ASN #205316 Supporta Interactiva B.V.
File type PNG image data, 80 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash 26c0a0d619be855ef507fe2682d92d03
de0a3621d65a3c9f5d4006542643bf1941095634
986e8143ddc49d4587ab23ce2c8f9b9fe0ec54052ddd70dd86b43c58f5bf3dd8
GET /Landers/DisplayImage/2020_1325_160_bgbtnmale.png?c=a0112eee-72f1-435d-8b69-316fab07ad70 HTTP/1.1
Host: www.motenorskejenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/landers/getcss/1325?countryId=160&c=2e3f1b5a-eed3-4347-8d8e-6be91cea9ed2
Cookie: ma=QQkQQskW2pZBc2nYHIp2hHlxG-G_2uttM1RwREZttTdX1GtpqH3dayTqFzCqdX0Bjsedm3c4YOckjfPWwdQ7MGeE-2g7Qw5aOqpo1vA4MGxNuCZfqPTkFPPTLunCyBw7hbvcsxt96qY8m0CpAHSPzWDWhAA6aMzbgNJc3iWWERZp1G_INWPdIdKeezbZ4BnKkandXefzN5aXkSgmoz03p6Tynm73CcVa81JAhpHZycw1; MCC=UPC4MYg8SoDvoIY3BHQWLRnxhSZAmajaZjaFLYmNNapfwXSih4kWbINuVJM9Ois9s2qzKSwZ6lRKOKKebB9MFjBSchN3H1Z9kjO17nVQ8v4eVo1rxCbfLvRMLANOzVuB4PNwBXbLY8aLEONPWSM-G9I-OqWXzPWEb8l7YIS7bxHCPIk9Zku4aMkJA84arEvN0Wald1yWtJwwC8o5yRuphYAvfDwHJHgp9C7zcYmYqJ_HdUFVsw08CsrbziEjm6NPuK63HGZNm16A6gVewAk0B6OZnynCPtIjDaM1pZBm2RXV5ognomg0to81J8Tgea-4jBbj_5aKh1OKt19ZBk_SbKwGVZNR-7csOrywB9CPcvZiMDYv_2sCy_WkZk1jHqZMVZcB62KrIkhR8pgd-J-uoP8y5r1gFCYRk4QUsExssYZ0wyneeX6dUh5dK4udn1gt0; __RequestVerificationToken=Psk-2pUtCBRIWOgAodUrxkfncYDiAnJq1ak6tSHuwP0trGl0ct-Ea7Rr5rWxeMI7KFEEIXmPxf9wMeeOftE-vImYBQjrEK3MKtS-KBhWIHc1; ARRAffinity=91179fc9dc2267220e82d49291254969a2acf2a7408884c46bcbb9f1b89c132c; _gcl_au=1.1.1884507660.1670555705
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, no-transform, max-age=31536000
content-type: image/png
expires: Fri, 08 Dec 2023 19:42:14 GMT
last-modified: Mon, 23 Nov 2020 15:34:34 GMT
vary: Accept-Encoding
server: httpd
x-aspnet-version:
x-powered-by:
date: Fri, 09 Dec 2022 03:15:05 GMT
content-length: 1921
X-Firefox-Spdy: h2
ads.exoclick.com/tag_gen.js
205.185.216.10200 OK 515 B URL HTTP/1.1 ads.exoclick.com/tag_gen.js
IP 205.185.216.10:0
File type ASCII text, with very long lines (1030), with no line terminators
Hash 628e0302068ade64b5f411f39d5ce7e5
ff1a609269f34bad5ae67ed1678df3f7b905d018
c583ceaeae2e9a05e25c27b61520710f16b8b98ca7f9087a75ae90a040b8bc3f
GET /tag_gen.js HTTP/1.1
Host: ads.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 03:15:06 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 515
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"a56c0470b9aa925085e51a6271a"
X-HW: 1670555706.dop014.sk1.t,1670555706.cds012.sk1.shn,1670555706.dop014.sk1.t,1670555706.cds251.sk1.c
Access-Control-Allow-Origin: *, *
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 09 Dec 2022 02:46:55 GMT
expires: Fri, 09 Dec 2022 04:46:55 GMT
cache-control: public, max-age=7200
age: 1691
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-69440332-16&cid=327014111.1670555705&jid=1674424245&gjid=652700775&_gid=1891213622.1670555705&_u=YEBAAAAAAAAAAC~&z=665045150
108.177.14.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-69440332-16&cid=327014111.1670555705&jid=1674424245&gjid=652700775&_gid=1891213622.1670555705&_u=YEBAAAAAAAAAAC~&z=665045150
IP 108.177.14.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-69440332-16&cid=327014111.1670555705&jid=1674424245&gjid=652700775&_gid=1891213622.1670555705&_u=YEBAAAAAAAAAAC~&z=665045150 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.motenorskejenter.com
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.motenorskejenter.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 09 Dec 2022 03:15:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-69440332-16&cid=327014111.1670555705&jid=1674424245&_u=YEBAAAAAAAAAAC~&z=492578932
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-69440332-16&cid=327014111.1670555705&jid=1674424245&_u=YEBAAAAAAAAAAC~&z=492578932
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-69440332-16&cid=327014111.1670555705&jid=1674424245&_u=YEBAAAAAAAAAAC~&z=492578932 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.motenorskejenter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 03:15:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 03:15:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN