{"report_id":"5e65b11e-e262-47c0-82df-7b3c3e32d3c2","version":6,"status":"done","tags":[],"date":"2024-06-03T20:38:45Z","url":{"schema":"http","addr":"fly.bluejaymobi.com/click?offer_id=85064\u0026pid=3554\u0026sub2=Cdbb99037afb50\u0026sub5=19116\u0026sub6=https://pcsx4.com/\u0026sub7=https://d1ydwcc58seja0.cloudfront.net/public/ct?cpguid=\u0026pr=0\u0026it=409121\u0026w=2560\u0026h=1392\u0026key=59856\u0026m=0\u0026r=%1D%01%01%05%06OZZ%05%16%06%0DA[%16%1A%18Z","fqdn":"fly.bluejaymobi.com","domain":"bluejaymobi.com","tld":"com"},"ip":{"addr":"172.67.176.182","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07","fqdn":"openvisiting.com","domain":"openvisiting.com","tld":"com"},"title":"Action Blocked!"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T14:26:47Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"openvisiting.com","ip":{"addr":"172.67.202.170","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":8,"received_data":84697,"sent_data":4507,"comment":"","tags":null,"fingerprints":null},{"fqdn":"wurfl.io","ip":{"addr":"13.51.49.85","port":443,"asn":16509,"as":"AMAZON-02","country":"Sweden","country_code":"SE"},"domain_registered":"2014-03-25","domain_rank":17880,"first_seen":"2014-04-09 15:37:32","last_seen":"2024-06-01 21:17:55","alert_count":0,"request_count":1,"received_data":2213,"sent_data":392,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":8877,"first_seen":"2013-06-10 22:14:26","last_seen":"2024-06-02 19:33:00","alert_count":0,"request_count":1,"received_data":14661,"sent_data":472,"comment":"","tags":null,"fingerprints":null},{"fqdn":"mdm.eumarkdepot.com","ip":{"addr":"216.104.36.158","port":0,"asn":32475,"as":"SINGLEHOP-LLC","country":"United States","country_code":"US"},"domain_registered":"2021-10-11","domain_rank":0,"first_seen":"2024-01-24 11:19:28","last_seen":"2024-02-28 23:13:57","alert_count":0,"request_count":1,"received_data":1542,"sent_data":562,"comment":"","tags":null,"fingerprints":null},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":634,"first_seen":"2012-05-21 19:28:02","last_seen":"2024-06-03 07:03:25","alert_count":0,"request_count":1,"received_data":30925,"sent_data":410,"comment":"","tags":null,"fingerprints":null},{"fqdn":"get.geojs.io","ip":{"addr":"104.26.0.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-02-18","domain_rank":17418,"first_seen":"2017-03-30 20:44:25","last_seen":"2024-06-02 23:45:28","alert_count":0,"request_count":1,"received_data":56540,"sent_data":404,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-09-09 02:40:21","last_seen":"2024-06-03 01:00:17","alert_count":0,"request_count":3,"received_data":50023,"sent_data":1565,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fly.bluejaymobi.com","ip":{"addr":"104.21.35.146","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":770,"sent_data":707,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cpa.gbengene.com","ip":{"addr":"34.90.81.51","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"The Netherlands","country_code":"NL"},"domain_registered":"2021-06-18","domain_rank":0,"first_seen":"2021-06-25 08:20:23","last_seen":"2021-06-25 08:20:23","alert_count":0,"request_count":1,"received_data":579,"sent_data":566,"comment":"","tags":null,"fingerprints":null},{"fqdn":"mediaservingoc.com","ip":{"addr":"95.217.42.163","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"domain_registered":"2024-02-21","domain_rank":0,"first_seen":"2024-02-21 09:22:49","last_seen":"2024-03-26 22:05:04","alert_count":1,"request_count":1,"received_data":646,"sent_data":725,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2024-06-03T20:38:21Z","timestamp":1717447101,"ip_dst":{"addr":"104.26.0.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":51996,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO External IP Address Lookup Domain (get .geojs .io) in TLS SNI","source":"{\"timestamp\":\"2024-06-03T20:38:21.614474+0000\",\"flow_id\":1242455282105882,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":51996,\"dest_ip\":\"104.26.0.100\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2039595,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (get .geojs .io) in TLS SNI\",\"category\":\"Device Retrieving External IP Address Detected\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2022_10_28\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_10_28\"]}},\"tls\":{\"sni\":\"get.geojs.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":914,\"bytes_toclient\":5262,\"start\":\"2024-06-03T20:38:21.605722+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-06-03T20:38:21Z","timestamp":1717447101,"ip_dst":{"addr":"104.26.0.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":51996,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO External IP Address Lookup Domain (get .geojs .io) in TLS SNI","source":"{\"timestamp\":\"2024-06-03T20:38:21.614474+0000\",\"flow_id\":1140393974251034,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.3\",\"src_port\":51996,\"dest_ip\":\"104.26.0.100\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2039595,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (get .geojs .io) in TLS SNI\",\"category\":\"Device Retrieving External IP Address Detected\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2022_10_28\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_10_28\"]}},\"tls\":{\"sni\":\"get.geojs.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":914,\"bytes_toclient\":5262,\"start\":\"2024-06-03T20:38:21.605722+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-03","alert":"Sinkholed","trigger":"mediaservingoc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eventHandler","is_inline":false,"md5":"e67906ab4373125a18eb2b5a75f59bd2","sha1":"58ed4e16ee46029764b9e9faef0e08a6c2c3be5e","sha256":"c38ba39cea630681f6bdc6acc7eade251530622bc6f10dda7f1fd77af189a1df","sha512":"789dcdcfc69f5ae890dfb33d285626129e12879a59baa155468a4256641dc3f23433ff6f5af1a6456ca594e6fa01f325ef4edaf6b52b6315129839267275f5b3","ssdeep":"","tlshash":"67500000000300030000000c0000000030000003033000000c0000c00003c00330000c","size":6,"data":"","first_seen":"2023-03-07T13:46:59Z","last_seen":"2026-04-08T10:58:17.23461Z","times_seen":2013,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"get.geojs.io/v1/ip/country.js","fqdn":"get.geojs.io","domain":"geojs.io","tld":"io"},"ip":{"addr":"104.26.0.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"556a4c662d7a21ece8d6b3307033d9a6","sha1":"5611699ae304503cfb0484da581258aa66af23bf","sha256":"9d5b00990d47b0f7347971e11ff2b42e98c3648528baf1a28df1aa919caca061","sha512":"dbfbdd1d235677b2f1d5793e96e6f1e84fb5f6113f272da9238f5baa378108c7705964e2dfeedb80f6506d33d692a5a5074afe1d99a85af15bd0b0281fdd0995","ssdeep":"","tlshash":"ceb0123d2024cf19dc788a4c7833ad7333850705812f441048c4cb071a444f80324044","size":82,"data":"","first_seen":"2024-02-25T03:29:57Z","last_seen":"2024-08-31T08:32:39.468533Z","times_seen":228,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wurfl.io/wurfl.js","fqdn":"wurfl.io","domain":"wurfl.io","tld":"io"},"ip":{"addr":"13.51.49.85","port":443,"asn":16509,"as":"AMAZON-02","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"4e56ee18d87f62dc6297b5d332d1b081","sha1":"63b4003113f47f2602ac99e828ebf7d615dac68f","sha256":"2bf5cac174101bde02ebd7664e6dac3f41c3206a3aee299ca2153f4e96d5fd9e","sha512":"7bfcc74ad4b18d6aaecae81668aa61a56ac56e3c93d9a51498aca9de72a6b74bed25451ee1d664f55a4d72a2a1a2126b287d8aeffb2265bcbc43f54ca9d1554b","ssdeep":"96:JSSxNvbsXtA5Slu/wyJ/nfO0j4lzlGAelBJl+dl9YlIaP6SMW7mPF+G:o27/w8Pkpc7J0XY2U6SMPEG","tlshash":"d781958af2c2e863c219987713db741e773341869896899930f5cbd48d7e47b0926bf1","size":3977,"data":"","first_seen":"2024-03-24T12:36:23Z","last_seen":"2024-12-30T04:12:41.499725Z","times_seen":947,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07","fqdn":"openvisiting.com","domain":"openvisiting.com","tld":"com"},"ip":{"addr":"172.67.202.170","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7e918bf5b597d0d996dc1bbf961b82ec","sha1":"090ef5932117ff1710e542f3960ac373c21405a1","sha256":"ab28104af480202e38484d2b456e6cb8056c6e584173db44e541ef8f3c3f34e4","sha512":"7087ab20131d8ebb399945c03b27aa05bc6a0d72d46a0bc305a029d508c647411ec8afe8a285293077bf0957df122b1b35510405565e3935ffc4904b926241b0","ssdeep":"","tlshash":"bfc0125f680b44512852183034021256706d7c130b4cb88bb932e0d9159905b15db67c","size":172,"data":"","first_seen":"2024-08-19T20:52:41.134716Z","last_seen":"2024-08-19T20:52:41.134716Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"openvisiting.com/3p/script.js","fqdn":"openvisiting.com","domain":"openvisiting.com","tld":"com"},"ip":{"addr":"172.67.202.170","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8e8ad12b42350341e870a648dbfa1363","sha1":"6a5ce0d03d3d8b244a4671a824131b19cbade987","sha256":"252b35641180eb6f5ef167a3abf6dcef81b012f3d902cc0f46bb009fcd6451b5","sha512":"02d909cd85b407db8e82aaeea527f6edde1cf23ba44553c66f8c936ca4de59a591a8fe19a7e399584b9e827493aa1eed2c80e0ce1543f8030be438325b9b7476","ssdeep":"","tlshash":"b141ce0f706816b99e63fe28977e440a36b732046212c611fd5c6d810b9e67cf6e12fd","size":2029,"data":"","first_seen":"2024-02-25T03:29:57Z","last_seen":"2026-01-10T10:45:05.643882Z","times_seen":920,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.7.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87533,"data":"","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-09T13:23:34.590283Z","times_seen":138160,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"fly.bluejaymobi.com/click?offer_id=85064\u0026pid=3554\u0026sub2=Cdbb99037afb50\u0026sub5=19116\u0026sub6=https://pcsx4.com/\u0026sub7=https://d1ydwcc58seja0.cloudfront.net/public/ct?cpguid=\u0026pr=0\u0026it=409121\u0026w=2560\u0026h=1392\u0026key=59856\u0026m=0\u0026r=%1D%01%01%05%06OZZ%05%16%06%0DA[%16%1A%18Z","fqdn":"fly.bluejaymobi.com","domain":"bluejaymobi.com","tld":"com"},"ip":{"addr":"104.21.35.146","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-03T20:38:20.038277522Z","timestamp":1717447100038,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /click?offer_id=85064\u0026pid=3554\u0026sub2=Cdbb99037afb50\u0026sub5=19116\u0026sub6=https://pcsx4.com/\u0026sub7=https://d1ydwcc58seja0.cloudfront.net/public/ct?cpguid=\u0026pr=0\u0026it=409121\u0026w=2560\u0026h=1392\u0026key=59856\u0026m=0\u0026r=%1D%01%01%05%06OZZ%05%16%06%0DA[%16%1A%18Z HTTP/1.1\r\nHost: fly.bluejaymobi.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 03 Jun 2024 20:38:20 GMT\r\ncontent-length: 0\r\nlocation: https://cpa.gbengene.com/click?pid=1373\u0026offer_id=78348\u0026sub5=3554_19116\u0026sub3=85064\u0026sub4=%5BPIN%5D+PL++Access+to+XRAcademy\r\nx-adjust-use-original-forwarded-for: 1\r\nreferer: \r\nreferrer-policy: no-referrer\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=oRWYOSmOElnPviwFvgvyW0TfRqfv4wKCoboZaAWaISvVnL1AMPwUWDuN54VP62ZgeqMnWS%2B6rAg2JmmdV%2FlknDkH2BT6b5BNPr4eOnq8SpjiE4dz7Te44uREecW30nAjk3YEG7Dj\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 88e27c76cc975687-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T13:28:35.973848Z","times_seen":13540758,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"cpa.gbengene.com/click?pid=1373\u0026offer_id=78348\u0026sub5=3554_19116\u0026sub3=85064\u0026sub4=%5BPIN%5D+PL++Access+to+XRAcademy","fqdn":"cpa.gbengene.com","domain":"gbengene.com","tld":"com"},"ip":{"addr":"34.90.81.51","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-03T20:38:20.407131262Z","timestamp":1717447100407,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /click?pid=1373\u0026offer_id=78348\u0026sub5=3554_19116\u0026sub3=85064\u0026sub4=%5BPIN%5D+PL++Access+to+XRAcademy HTTP/1.1\r\nHost: cpa.gbengene.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Mon, 03 Jun 2024 20:38:20 GMT\r\ncontent-length: 0\r\nlocation: https://mdm.eumarkdepot.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472\u0026utm_campaign=Main\u00261=1373_3554_19116\u0026cid=665e29bcb34b940001dcf500\r\nx-adjust-use-original-forwarded-for: 1\r\nreferer: \r\nreferrer-policy: no-referrer\r\nset-cookie: afclick=665e29bcb34b940001dcf500; expires=Tue, 03 Jun 2025 20:38:20 GMT; secure; SameSite=None\nafoffers={\"78348\":1717447100}; expires=Tue, 03 Jun 2025 20:38:20 GMT; secure; SameSite=None\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T13:28:35.973848Z","times_seen":13540758,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mediaservingoc.com/click.php?key=glg0el5milh3xjhb2jhu\u0026subid=M7376379127126818886\u0026partner_id=20961\u0026pid=20961-f319d943-354e3016\u0026campaign_id=9626e6\u0026browser=Firefox\u0026device=Mozilla+Firefox\u0026app_name=unknown\u0026geo=NO\u0026carrier=NO+WiFi\u0026pcid=9626e6_20961-f319d943-354e3016\u0026pg=20961-NO","fqdn":"mediaservingoc.com","domain":"mediaservingoc.com","tld":"com"},"ip":{"addr":"95.217.42.163","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-06-03T20:38:21.180Z","timestamp":1717447101180,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mediaservingoc.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Apr 2024 19:41:20 GMT","end":"Sat, 20 Jul 2024 19:41:19 GMT"},"fingerprint":{"sha1":"5F:3A:2A:6B:6A:18:7A:54:45:E7:19:86:E9:B2:FD:20:A2:53:EC:C9","sha256":"42:F3:21:8B:75:F3:95:F1:0B:63:00:33:8E:4A:02:27:20:6C:2F:76:4D:B7:4C:F6:87:F7:2C:A7:34:00:A4:B4"}}},"request":{"raw":"GET /click.php?key=glg0el5milh3xjhb2jhu\u0026subid=M7376379127126818886\u0026partner_id=20961\u0026pid=20961-f319d943-354e3016\u0026campaign_id=9626e6\u0026browser=Firefox\u0026device=Mozilla+Firefox\u0026app_name=unknown\u0026geo=NO\u0026carrier=NO+WiFi\u0026pcid=9626e6_20961-f319d943-354e3016\u0026pg=20961-NO HTTP/1.1\r\nHost: mediaservingoc.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx/1.26.0\r\nDate: Mon, 03 Jun 2024 20:38:21 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nSet-Cookie: uclick=g6ft1n3y; expires=Tue, 04-Jun-2024 20:38:21 GMT; Max-Age=86400; path=/; secure; SameSite=none\nuclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07; expires=Tue, 04-Jun-2024 20:38:21 GMT; Max-Age=86400; path=/; secure; SameSite=none\r\nLocation: https://openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07\r\nStrict-Transport-Security: max-age=31536000\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T13:28:35.973848Z","times_seen":13540758,"resource_available":true,"data":null}},"time_used":234,"timings":{"blocked":87,"dns":0,"connect":27,"send":0,"wait":60,"receive":0,"ssl":56},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-03","alert":"Sinkholed","trigger":"mediaservingoc.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"mdm.eumarkdepot.com/favicon.ico","fqdn":"mdm.eumarkdepot.com","domain":"eumarkdepot.com","tld":"com"},"ip":{"addr":"216.104.36.158","port":0,"asn":32475,"as":"SINGLEHOP-LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-03T20:38:21.437517253Z","timestamp":1717447101437,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: mdm.eumarkdepot.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mdm.eumarkdepot.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472\u0026utm_campaign=Main\u00261=1373_3554_19116\u0026cid=665e29bcb34b940001dcf500\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 200 OK\r\nserver: nginx\r\ndate: Mon, 03 Jun 2024 20:38:21 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 1150\r\nlast-modified: Fri, 11 Aug 2023 10:37:02 GMT\r\netag: \"64d60f4e-47e\"\r\nexpires: Tue, 04 Jun 2024 20:38:21 GMT\r\ncache-control: max-age=86400\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nalt-svc: h3=\":443\"; ma=604800; persist=1\r\naccept-ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1150,"size_decoded":1150,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"91abe01116ab422c598e9c8af72cf4da","sha1":"0f2815fe8e067d48537ad168225ab4674271fa27","sha256":"b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc","sha512":"a4d5b20c3014153b6b382c43404917bd2cb5bd2a59bb1e981f5a19eb7dbdec185ace288e9700428d24e5ac623e45d04905e706f0c45a1642b1aa6c091213c23c","ssdeep":"","tlshash":"172122f879c64fb4c438be3f3c4a9ae5ea70aa35efa0831316030446d42dbfd0825595","first_seen":"2023-04-05T07:36:26Z","last_seen":"2026-04-08T05:45:17.162171Z","times_seen":5060,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"openvisiting.com/3p/images/arrow.png","fqdn":"openvisiting.com","domain":"openvisiting.com","tld":"com"},"ip":{"addr":"172.67.202.170","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07","date":"2024-06-03T20:38:21.592Z","timestamp":1717447101592,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"openvisiting.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 16 May 2024 16:12:59 GMT","end":"Wed, 14 Aug 2024 16:12:58 GMT"},"fingerprint":{"sha1":"9C:4F:CA:60:E9:D2:4D:BB:8B:63:12:A3:FC:EF:CA:2A:6E:1E:77:BB","sha256":"45:91:F1:B0:44:B1:FE:B4:9B:F1:12:99:1A:59:85:D9:B8:41:79:F0:84:6C:C3:96:21:17:02:A8:53:FA:54:0F"}}},"request":{"raw":"GET /3p/images/arrow.png HTTP/1.1\r\nHost: openvisiting.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 03 Jun 2024 20:38:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 2938\r\nlast-modified: Sun, 04 Feb 2024 19:21:22 GMT\r\netag: \"65bfe3b2-b7a\"\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 1588\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=mlWPLLLhS%2FLVF8bpnlwfVF8eEBocUQn6vgyFkCsc7tamojFAw57dpWA%2B3Uox2bZHBUgvlPybdtI%2Bn9VNxeMlfL3QkCGnrMBKWLMmhIg%2FXKGK7mwq57bznhOvkT%2FYeeGlrve%2F\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 88e27c80e81e568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2938,"size_decoded":2938,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit colormap, non-interlaced","md5":"d190208ba37115f53c9a9057a130fcf3","sha1":"5019f7d77731be18d40c89b746a247af4eb91853","sha256":"25da48f054c6205c8c98783dcf2ca52813c0448180f5313fd17c95604d2ab901","sha512":"7b71b4ec16f18e170556253c236f5e9fd7bee6e70398a17a97bdb0b886d1474c263e7abf9f8d9c0e0fd3c5264574db48761708daa314c5e0dedccc10d909ca43","ssdeep":"","tlshash":"5b514aeff1e8ac66ce6051ab5b903c7124541fede84699a2007aba965a72a0cb3050c4","first_seen":"2024-02-25T03:29:58Z","last_seen":"2026-01-10T10:45:05.635203Z","times_seen":921,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"openvisiting.com/3p/images/check.png","fqdn":"openvisiting.com","domain":"openvisiting.com","tld":"com"},"ip":{"addr":"172.67.202.170","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07","date":"2024-06-03T20:38:21.591Z","timestamp":1717447101591,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"openvisiting.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 16 May 2024 16:12:59 GMT","end":"Wed, 14 Aug 2024 16:12:58 GMT"},"fingerprint":{"sha1":"9C:4F:CA:60:E9:D2:4D:BB:8B:63:12:A3:FC:EF:CA:2A:6E:1E:77:BB","sha256":"45:91:F1:B0:44:B1:FE:B4:9B:F1:12:99:1A:59:85:D9:B8:41:79:F0:84:6C:C3:96:21:17:02:A8:53:FA:54:0F"}}},"request":{"raw":"GET /3p/images/check.png HTTP/1.1\r\nHost: openvisiting.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 03 Jun 2024 20:38:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 2649\r\nlast-modified: Sun, 04 Feb 2024 19:21:22 GMT\r\netag: \"65bfe3b2-a59\"\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 1588\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=nZdA0%2FdzbFs2%2BfIv1Kg6sWmTs1UfyfUZwNxtGc2CZJVun6PbT1PzRY1mSkW0DY1IY0mo415M17wbSX7Fhcf0igwfk7Wdn7UOH7wkn5UbelZ2m36yDOsL0Dv7Getq5ZWIfH2%2B\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 88e27c80e81d568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2649,"size_decoded":2649,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit colormap, non-interlaced","md5":"c0879fd8363b5549b2ed0cec9b042b3b","sha1":"abeba0b0e5727a368e6bc963aecad9da8ec6f341","sha256":"7879caae870090c87c28a02d608dd25d1988b6887c30f5ea99a3777964d905f5","sha512":"3bb3b047e2d68c665bb05350c65decd23eba42831fcd85a79e9d928b25447e47d5186b3727047858deb4b9f0a5f832236851f308d4bcc8accb07d65a9db76728","ssdeep":"","tlshash":"c8513b1ca2e2b1684b990696364c2ac1bc06ea14dc040f9bc799010d5ee87bc4d2f656","first_seen":"2024-02-25T03:29:58Z","last_seen":"2026-01-10T10:45:05.643102Z","times_seen":921,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"openvisiting.com/3p/images/logo.png","fqdn":"openvisiting.com","domain":"openvisiting.com","tld":"com"},"ip":{"addr":"172.67.202.170","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07","date":"2024-06-03T20:38:21.590Z","timestamp":1717447101590,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"openvisiting.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 16 May 2024 16:12:59 GMT","end":"Wed, 14 Aug 2024 16:12:58 GMT"},"fingerprint":{"sha1":"9C:4F:CA:60:E9:D2:4D:BB:8B:63:12:A3:FC:EF:CA:2A:6E:1E:77:BB","sha256":"45:91:F1:B0:44:B1:FE:B4:9B:F1:12:99:1A:59:85:D9:B8:41:79:F0:84:6C:C3:96:21:17:02:A8:53:FA:54:0F"}}},"request":{"raw":"GET /3p/images/logo.png HTTP/1.1\r\nHost: openvisiting.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 03 Jun 2024 20:38:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 3210\r\nlast-modified: Sun, 04 Feb 2024 19:21:22 GMT\r\netag: \"65bfe3b2-c8a\"\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 1588\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=P3%2BC2R9KDbWcVUJIUa1mRjb7%2BwFAOmXIhBqP5BfqJMr9a8ZVGa76PhlDClXjQ5BBcBKDg8Kx4NMdGgawIKD6Er0P%2B6WWtxiam%2BJjmCyDFdkUcbZVDbxYlmHO3zn%2F%2FennU2EK\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 88e27c80e81c568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3210,"size_decoded":3210,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit colormap, non-interlaced","md5":"15a34b8fc618b2d90712f47874c211cc","sha1":"d1d998d74f30c2b5344de2f9f3f3ef4ac2fe03bb","sha256":"3be024377b052ad72a32aa5de6eabbddf6fd4168d4579cc865c872d8e57fca36","sha512":"fe23d9eec7b3c017278f36e80a5ab04e980052ed0e106932af950a826026ee2ad6eba068f7b0a8c11104db5e6a00d191c7892cd8737d92798336d88a1be0ff36","ssdeep":"","tlshash":"34612bc78380ed2ef5b6783ec057821bb1b01cd24c616621655e84a7d6b21b772ef483","first_seen":"2024-02-25T03:29:58Z","last_seen":"2026-01-10T10:45:05.646422Z","times_seen":921,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"openvisiting.com/3p/script.js","fqdn":"openvisiting.com","domain":"openvisiting.com","tld":"com"},"ip":{"addr":"172.67.202.170","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07","date":"2024-06-03T20:38:21.578Z","timestamp":1717447101578,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"openvisiting.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 16 May 2024 16:12:59 GMT","end":"Wed, 14 Aug 2024 16:12:58 GMT"},"fingerprint":{"sha1":"9C:4F:CA:60:E9:D2:4D:BB:8B:63:12:A3:FC:EF:CA:2A:6E:1E:77:BB","sha256":"45:91:F1:B0:44:B1:FE:B4:9B:F1:12:99:1A:59:85:D9:B8:41:79:F0:84:6C:C3:96:21:17:02:A8:53:FA:54:0F"}}},"request":{"raw":"GET /3p/script.js HTTP/1.1\r\nHost: openvisiting.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 03 Jun 2024 20:38:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 06 Feb 2024 10:52:54 GMT\r\netag: W/\"65c20f86-7ed\"\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 1648\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=HYUM96jsynfgMvnqTu%2B1G5%2FQ8mYc%2FkI%2BEzBRawo3HD7UIRLbvQDUVEL4tK3WF8jMxq4e%2BUgesp15WAglOqbmMCHysg2tn2jsQViGBd0GJPtaVClAIg%2FO4vxiodfYNpUBEd91\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 88e27c80cff4568d-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1260,"size_decoded":2029,"mime_type":"application/javascript","magic":"assembler source, ASCII text","md5":"8e8ad12b42350341e870a648dbfa1363","sha1":"6a5ce0d03d3d8b244a4671a824131b19cbade987","sha256":"252b35641180eb6f5ef167a3abf6dcef81b012f3d902cc0f46bb009fcd6451b5","sha512":"02d909cd85b407db8e82aaeea527f6edde1cf23ba44553c66f8c936ca4de59a591a8fe19a7e399584b9e827493aa1eed2c80e0ce1543f8030be438325b9b7476","ssdeep":"","tlshash":"b141ce0f706816b99e63fe28977e440a36b732046212c611fd5c6d810b9e67cf6e12fd","first_seen":"2024-02-25T03:29:57Z","last_seen":"2026-01-10T10:45:05.643882Z","times_seen":920,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"openvisiting.com/3p/style.css","fqdn":"openvisiting.com","domain":"openvisiting.com","tld":"com"},"ip":{"addr":"172.67.202.170","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07","date":"2024-06-03T20:38:21.586Z","timestamp":1717447101586,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"openvisiting.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 16 May 2024 16:12:59 GMT","end":"Wed, 14 Aug 2024 16:12:58 GMT"},"fingerprint":{"sha1":"9C:4F:CA:60:E9:D2:4D:BB:8B:63:12:A3:FC:EF:CA:2A:6E:1E:77:BB","sha256":"45:91:F1:B0:44:B1:FE:B4:9B:F1:12:99:1A:59:85:D9:B8:41:79:F0:84:6C:C3:96:21:17:02:A8:53:FA:54:0F"}}},"request":{"raw":"GET /3p/style.css HTTP/1.1\r\nHost: openvisiting.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 03 Jun 2024 20:38:21 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 02 Feb 2024 21:21:55 GMT\r\netag: W/\"65bd5cf3-ebe\"\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 1648\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=M8gL5Owdi3%2BzEhRm1NBfS4lWG%2FB%2Bsv%2FaSEYUcWJ0oYOkgr%2BVpnUAArL%2FdpjdFJTpNnGjKgbgVEv34TSWgtkmT7fW9NZG8jm4t3%2FCscozON%2BfCabBbKYLyApABawQTsLHyqHD\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 88e27c80d802568d-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1612,"size_decoded":3774,"mime_type":"text/css","magic":"ASCII text","md5":"4fab41811a8c6b717a86f86ab4de0105","sha1":"06a085af05ca6879b83eac1498eead0ceddaadac","sha256":"8cc56e01ec04772b51e8d8a3f8e0cb740a44a501c992a37b10515001cef94d4c","sha512":"d6358c5282d76852bfbb1a7067e3f237dfcd648242fe2a2533debecfa7d589e23d85f2deb3c0b3c6d329653719bcb1f9fecd7fbbd2893eb825eba5331cc6d56f","ssdeep":"","tlshash":"5a711597daab5c8b7816d8a42b365781235d4013904bee7d7fb5329ccf840f442b274c","first_seen":"2024-02-25T03:29:57Z","last_seen":"2026-01-10T10:45:05.641323Z","times_seen":287,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.7.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07","date":"2024-06-03T20:38:21.584Z","timestamp":1717447101584,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Tue, 11 Jul 2023 00:00:00 GMT","end":"Sun, 14 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D","sha256":"B1:CA:3A:23:BA:70:1D:18:3F:EC:99:D7:BE:6D:B2:FD:66:5F:5C:A7:7D:7F:C1:FC:16:D1:FD:89:4B:CC:15:34"}}},"request":{"raw":"GET /jquery-3.7.1.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://openvisiting.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-155ed\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Mon, 03 Jun 2024 20:38:21 GMT\r\nage: 3304897\r\nx-served-by: cache-lga21978-LGA, cache-hel1410033-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 5, 497482\r\nx-timer: S1717447102.666840,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30336\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30336,"size_decoded":87533,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-04-09T13:23:34.590283Z","times_seen":138160,"resource_available":true,"data":null}},"time_used":189,"timings":{"blocked":79,"dns":1,"connect":16,"send":0,"wait":13,"receive":6,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"get.geojs.io/v1/ip/country.js","fqdn":"get.geojs.io","domain":"geojs.io","tld":"io"},"ip":{"addr":"104.26.0.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07","date":"2024-06-03T20:38:21.583Z","timestamp":1717447101583,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"geojs.io","organization":""},"issuer":{"commonName":"E1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 May 2024 03:56:39 GMT","end":"Wed, 07 Aug 2024 03:56:38 GMT"},"fingerprint":{"sha1":"C3:06:D9:51:7B:AF:AE:6F:83:04:6F:80:F3:39:B6:68:8F:E6:E5:1F","sha256":"02:50:84:28:1E:B7:E5:23:F7:6B:BF:4A:8E:07:F0:4F:3B:46:D1:70:92:5F:1D:9B:D0:0B:A7:6F:50:FB:17:82"}}},"request":{"raw":"GET /v1/ip/country.js HTTP/1.1\r\nHost: get.geojs.io\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://openvisiting.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 03 Jun 2024 20:38:21 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nx-request-id: 10d82a7d01ff03e9ca696d82b94df136-AMS\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\npragma: no-cache\r\ncache-control: no-store, no-cache, must-revalidate, private, max-age=0\r\nx-geojs-location: AMS\r\ncf-cache-status: BYPASS\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Ojr5U9EKdccFw2RsTF5DjCW4q05vVlQlxLSKP0JF1J2aE0UuQ%2Fmb8LJbnvfWxTAnmgdAU5qoKohIzfVTLXnGjY1f%2BKK5hrGJ4um7H3Sifk5jv%2FF2pMHKVRmXeqxGVA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 88e27c81698db50b-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":55604,"size_decoded":82,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"556a4c662d7a21ece8d6b3307033d9a6","sha1":"5611699ae304503cfb0484da581258aa66af23bf","sha256":"9d5b00990d47b0f7347971e11ff2b42e98c3648528baf1a28df1aa919caca061","sha512":"dbfbdd1d235677b2f1d5793e96e6f1e84fb5f6113f272da9238f5baa378108c7705964e2dfeedb80f6506d33d692a5a5074afe1d99a85af15bd0b0281fdd0995","ssdeep":"","tlshash":"ceb0123d2024cf19dc788a4c7833ad7333850705812f441048c4cb071a444f80324044","first_seen":"2024-02-25T03:29:57Z","last_seen":"2024-08-31T08:32:39.468533Z","times_seen":228,"resource_available":true,"data":null}},"time_used":248,"timings":{"blocked":86,"dns":30,"connect":1,"send":0,"wait":69,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wurfl.io/wurfl.js","fqdn":"wurfl.io","domain":"wurfl.io","tld":"io"},"ip":{"addr":"13.51.49.85","port":443,"asn":16509,"as":"AMAZON-02","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07","date":"2024-06-03T20:38:21.581Z","timestamp":1717447101581,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wurfl.io","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 23 Aug 2023 00:00:00 GMT","end":"Thu, 19 Sep 2024 23:59:59 GMT"},"fingerprint":{"sha1":"84:98:DD:3B:AF:04:6D:BB:FE:28:6C:10:1A:EF:71:B5:3C:48:38:97","sha256":"30:15:AF:25:12:C1:4B:5F:46:FB:23:BD:14:F6:E3:3C:06:7C:BA:62:DE:9D:C3:48:0E:29:16:6F:70:03:9C:E4"}}},"request":{"raw":"GET /wurfl.js HTTP/1.1\r\nHost: wurfl.io\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://openvisiting.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ch: Sec-Ch-Ua, Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Full-Version, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version\r\nCache-Control: no-cache\r\nContent-Encoding: br\r\nContent-Type: application/javascript\r\nCross-Origin-Embedder-Policy: cross-origin\r\nCross-Origin-Opener-Policy: cross-origin\r\nCross-Origin-Resource-Policy: cross-origin\r\nDate: Mon, 03 Jun 2024 20:38:21 GMT\r\nVary: accept-encoding, user-agent, sec-ch-ua, sec-ch-ua-arch, sec-ch-ua-bitness, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-mobile, sec-ch-ua-model, sec-ch-ua-platform, sec-ch-ua-platform-version\r\nContent-Length: 1488\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1488,"size_decoded":3977,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3512)","md5":"4e56ee18d87f62dc6297b5d332d1b081","sha1":"63b4003113f47f2602ac99e828ebf7d615dac68f","sha256":"2bf5cac174101bde02ebd7664e6dac3f41c3206a3aee299ca2153f4e96d5fd9e","sha512":"7bfcc74ad4b18d6aaecae81668aa61a56ac56e3c93d9a51498aca9de72a6b74bed25451ee1d664f55a4d72a2a1a2126b287d8aeffb2265bcbc43f54ca9d1554b","ssdeep":"96:JSSxNvbsXtA5Slu/wyJ/nfO0j4lzlGAelBJl+dl9YlIaP6SMW7mPF+G:o27/w8Pkpc7J0XY2U6SMPEG","tlshash":"d781958af2c2e863c219987713db741e773341869896899930f5cbd48d7e47b0926bf1","first_seen":"2024-03-24T12:36:23Z","last_seen":"2024-12-30T04:12:41.499725Z","times_seen":947,"resource_available":true,"data":null}},"time_used":502,"timings":{"blocked":226,"dns":48,"connect":45,"send":0,"wait":44,"receive":0,"ssl":134},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07","date":"2024-06-03T20:38:21.852Z","timestamp":1717447101852,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 13 May 2024 07:31:25 GMT","end":"Mon, 05 Aug 2024 07:31:24 GMT"},"fingerprint":{"sha1":"58:31:72:3C:50:20:A6:E5:54:6A:03:86:57:71:48:CB:E7:EF:75:55","sha256":"39:E3:0F:E0:7F:B1:12:6C:23:E2:30:F9:3B:67:ED:29:7B:C9:C8:E2:BD:54:3F:E2:EA:F9:B1:0F:8F:D8:95:AA"}}},"request":{"raw":"GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://openvisiting.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15920\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 31 May 2024 19:20:05 GMT\r\nexpires: Sat, 31 May 2025 19:20:05 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 11 May 2022 19:24:45 GMT\r\ncontent-type: font/woff2\r\nage: 263896\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15920,"size_decoded":15920,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15920, version 1.0","md5":"3a44e06eb954b96aa043227f3534189d","sha1":"23cef6993ddb2b2979e8e7647fc3763694e2ba7d","sha256":"b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e","sha512":"fab970b250dd88064730bd2603c530f3503abb0af4e4095786877f9660a159bf4ad98c5abea2e95eb39ae8c13417736b5772fcb9f87941ff5e0f383cb172997f","ssdeep":"384:sShqOXQlaSchOwK0uFvRqq3xR/xb5OY3aU/lHS9WE2YeK1os:sShJKaScJK0uFvRvxb5OY3aU/lHkmK","tlshash":"cc62cf5c6a901684c67c29b63b6d616be9a1cd50c2ab73904fdba317d30d3a1e0298fd","first_seen":"2023-04-05T08:15:27Z","last_seen":"2026-04-09T13:29:26.505936Z","times_seen":63971,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":74,"dns":2,"connect":7,"send":0,"wait":8,"receive":2,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07","date":"2024-06-03T20:38:21.846Z","timestamp":1717447101846,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 13 May 2024 07:31:25 GMT","end":"Mon, 05 Aug 2024 07:31:24 GMT"},"fingerprint":{"sha1":"58:31:72:3C:50:20:A6:E5:54:6A:03:86:57:71:48:CB:E7:EF:75:55","sha256":"39:E3:0F:E0:7F:B1:12:6C:23:E2:30:F9:3B:67:ED:29:7B:C9:C8:E2:BD:54:3F:E2:EA:F9:B1:0F:8F:D8:95:AA"}}},"request":{"raw":"GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://openvisiting.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15744\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 01 Jun 2024 08:28:58 GMT\r\nexpires: Sun, 01 Jun 2025 08:28:58 GMT\r\ncache-control: public, max-age=31536000\r\nage: 216563\r\nlast-modified: Wed, 11 May 2022 19:24:48 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15744,"size_decoded":15744,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15744, version 1.0","md5":"15d9f621c3bd1599f0169dcf0bd5e63e","sha1":"7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52","sha256":"f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615","sha512":"d35a47162fc160cd5f806c3bb7feb50ec96fdfc81753660ead22ef33f89be6b1bfd63d1135f6b479d35c2e9d30f2360ffc8819efca672270e230635bcb206c82","ssdeep":"384:z1TLklSElcS5V6qQTMUP07JwirW6RlLwK79/:p7EJ5E2bJwi5jLwK79/","tlshash":"8162e00158a163ade9b2327ed10b1b91c40660a27d2504e8c6e4fc95fe3d7ed5487b76","first_seen":"2023-04-05T08:15:27Z","last_seen":"2026-04-09T13:29:26.531089Z","times_seen":158582,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":85,"dns":1,"connect":20,"send":0,"wait":8,"receive":3,"ssl":58},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07","date":"2024-06-03T20:38:21.850Z","timestamp":1717447101850,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 13 May 2024 07:31:25 GMT","end":"Mon, 05 Aug 2024 07:31:24 GMT"},"fingerprint":{"sha1":"58:31:72:3C:50:20:A6:E5:54:6A:03:86:57:71:48:CB:E7:EF:75:55","sha256":"39:E3:0F:E0:7F:B1:12:6C:23:E2:30:F9:3B:67:ED:29:7B:C9:C8:E2:BD:54:3F:E2:EA:F9:B1:0F:8F:D8:95:AA"}}},"request":{"raw":"GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://openvisiting.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15860\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 01 Jun 2024 08:27:17 GMT\r\nexpires: Sun, 01 Jun 2025 08:27:17 GMT\r\ncache-control: public, max-age=31536000\r\nage: 216664\r\nlast-modified: Wed, 11 May 2022 19:24:42 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15860,"size_decoded":15860,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15860, version 1.0","md5":"e9f5aaf547f165386cd313b995dddd8e","sha1":"acdef5603c2387b0e5bffd744b679a24a8bc1968","sha256":"f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860","sha512":"2a71edb5490f286642a874d52a1969f54282bc43cb24e8d5a297e13b320321fb7b7af5524eac609cf5f95ee08d5e4ec5803e2a3c8d13c09f6cc38713c665d0ce","ssdeep":"384:S7qmPTF4N21t//YW2FS6+1XxrsbGmjlAbvqMmtCN:S621tHY4xwbGmjloSM7N","tlshash":"1a62d0058ba5850bf5b907fb0e1ab7ee30664b523c8c42278348073970db47a6b2b1fd","first_seen":"2023-04-05T14:47:55Z","last_seen":"2026-04-09T13:29:26.530013Z","times_seen":89926,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":121,"dns":4,"connect":8,"send":0,"wait":8,"receive":2,"ssl":105},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"openvisiting.com/favicon.ico","fqdn":"openvisiting.com","domain":"openvisiting.com","tld":"com"},"ip":{"addr":"172.67.202.170","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07","date":"2024-06-03T20:38:22.030Z","timestamp":1717447102030,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"openvisiting.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 16 May 2024 16:12:59 GMT","end":"Wed, 14 Aug 2024 16:12:58 GMT"},"fingerprint":{"sha1":"9C:4F:CA:60:E9:D2:4D:BB:8B:63:12:A3:FC:EF:CA:2A:6E:1E:77:BB","sha256":"45:91:F1:B0:44:B1:FE:B4:9B:F1:12:99:1A:59:85:D9:B8:41:79:F0:84:6C:C3:96:21:17:02:A8:53:FA:54:0F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: openvisiting.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 03 Jun 2024 20:38:22 GMT\r\ncontent-type: text/html\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=M2TdvxQ%2FNvQ%2B9N%2F7QASfFaQ%2BdrbuWhZ7uGysZ8WbWgHP4BOpku2DtN3ZWyot4XHkjQIcb670VNS5sUNZmSTOIprOjlgozIG3Js5u8qfYmn2h8Kqd1lRLVHARYsL7GYt6TPO0\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 88e27c83ac4e568d-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":8576,"size_decoded":153,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"0ddf63b9f0246c8e3feb63e7b8818603","sha1":"c4c01cb7179bb71575503bfd05f7d11c158952ae","sha256":"ac121bcb304c5fa62ccd86c96327a12ea0a7b9165fc50123ee55a9030ff41000","sha512":"8574d1517ee5d0f4c80e74348e86191a11f6dca2e2156cf1fc05f77506fd5d3146af2b01f088be70755fe4f9c19a04da7a4d11dd4df3a174ca4fb5881933f00a","ssdeep":"","tlshash":"47c02b2e35537c4cc5633174b2c37081c0d6933774ba41128480804331cf2a98ac7397","first_seen":"2024-05-04T07:30:37Z","last_seen":"2026-03-28T09:55:50.22317Z","times_seen":314,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07","fqdn":"openvisiting.com","domain":"openvisiting.com","tld":"com"},"ip":{"addr":"172.67.202.170","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-06-03T20:38:21.337Z","timestamp":1717447101337,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"openvisiting.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 16 May 2024 16:12:59 GMT","end":"Wed, 14 Aug 2024 16:12:58 GMT"},"fingerprint":{"sha1":"9C:4F:CA:60:E9:D2:4D:BB:8B:63:12:A3:FC:EF:CA:2A:6E:1E:77:BB","sha256":"45:91:F1:B0:44:B1:FE:B4:9B:F1:12:99:1A:59:85:D9:B8:41:79:F0:84:6C:C3:96:21:17:02:A8:53:FA:54:0F"}}},"request":{"raw":"GET /3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07 HTTP/1.1\r\nHost: openvisiting.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 03 Jun 2024 20:38:21 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Lz9OSUEYXse%2BGEEhgH1iORx9nsvEdLX%2B3nCEHQbYrhPGL2nj%2FmQK1O6XFO%2FS2s3LI2DD%2FIaL%2FM8xUcyXbrjr7eITNUH3b4Y7Useb8voP%2FnjlVsjvLXQIvQZkSM%2FxgcHZupkf\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 88e27c7fabc3b515-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3364,"size_decoded":3364,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3596), with no line terminators","md5":"09c299104bff6d5f699d4adc3df69762","sha1":"0370b312d38c0a34f00a753df9790910c9d320ec","sha256":"1a012fa56b234c4507549fb02b41f74fe8994a23b3e404c5b2456f4851207bdf","sha512":"ecf657c55a8d513e0b5bf48b85b9af621e2d32ed63acce4a678d64f25953ee98c470c2c92a66df2efea7c8a81156aa85824877fda8494b7a08d99d93e8cf0dba","ssdeep":"","tlshash":"7b71ba7b64dcd2331a4398c52961672fbc49f218ee1b1b4637ec4af84387a50dc7b584","first_seen":"2024-08-19T20:52:41.132496Z","last_seen":"2024-08-19T20:52:41.132496Z","times_seen":1,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":47,"dns":29,"connect":1,"send":0,"wait":43,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"openvisiting.com/3p/images/bg.png","fqdn":"openvisiting.com","domain":"openvisiting.com","tld":"com"},"ip":{"addr":"172.67.202.170","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07","date":"2024-06-03T20:38:21.801Z","timestamp":1717447101801,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"openvisiting.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 16 May 2024 16:12:59 GMT","end":"Wed, 14 Aug 2024 16:12:58 GMT"},"fingerprint":{"sha1":"9C:4F:CA:60:E9:D2:4D:BB:8B:63:12:A3:FC:EF:CA:2A:6E:1E:77:BB","sha256":"45:91:F1:B0:44:B1:FE:B4:9B:F1:12:99:1A:59:85:D9:B8:41:79:F0:84:6C:C3:96:21:17:02:A8:53:FA:54:0F"}}},"request":{"raw":"GET /3p/images/bg.png HTTP/1.1\r\nHost: openvisiting.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://openvisiting.com/3p/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 03 Jun 2024 20:38:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 55530\r\nlast-modified: Sun, 04 Feb 2024 19:21:22 GMT\r\netag: \"65bfe3b2-d8ea\"\r\nstrict-transport-security: max-age=31536000\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 1587\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=dWZrL2JX16V6tcg%2BQ2v4UaI9dcmrTfHq%2BypyzOquHjoQGngG76%2BwaorGR7k0%2Fpw27jTxyXUMvLYBfFXjIh0M80O4YfXVp55FAdhKgYcs7%2BD%2Ff9qCOHZYkXJQQVUh3uupjATJ\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 88e27c823a5e568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":55530,"size_decoded":55530,"mime_type":"image/png","magic":"PNG image data, 3500 x 3500, 4-bit colormap, non-interlaced","md5":"1d3c98099c0b3e2cda9c3ca2cd6a1a89","sha1":"2bf1561dcfef7eba77215690758f45a8148718df","sha256":"45dc96c114f10246160edc4407b8a4b517b1b27a43e56aedea256906c1c567c7","sha512":"b36d0b104fc3ba01170bc746da82fe91c0ba246691fa376eba290457f3ab0d0a407cc16612cf3da86d802100d7042b9903146208b1e1d9c8ed8eb1a8e611914e","ssdeep":"1536:IPte9oupcbC4w6BgCmpCm+pPjg6akW8nXRG4:d9mbdw6BgCmeFn/","tlshash":"1243ae455d18a360e41d5a3ca1e69c8d6aeedb0bf8c0f455bc7330bf867ebe610d8462","first_seen":"2024-02-25T03:29:58Z","last_seen":"2026-01-10T10:45:05.626975Z","times_seen":915,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://openvisiting.com/3p/?country=Norway\u0026device_name=Desktop\u0026domain=mediaservingoc.com\u0026uclick=g6ft1n3y\u0026uclickhash=g6ft1n3y-g6ft1n3y-ir0-0-523y-ik3y-ikbl-687c07","date":"2024-06-03T20:38:21.588Z","timestamp":1717447101588,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 13 May 2024 07:31:30 GMT","end":"Mon, 05 Aug 2024 07:31:29 GMT"},"fingerprint":{"sha1":"8E:9C:6E:70:61:4E:A0:D8:4A:BD:CA:F0:BF:75:60:FE:A2:36:FB:7A","sha256":"7F:35:B0:46:E8:2E:DF:D1:93:CB:FD:D9:5C:49:8F:25:52:97:60:DE:A7:78:41:AE:C2:94:B7:39:EF:95:0C:CA"}}},"request":{"raw":"GET /css2?family=Roboto:wght@100;300;400;500;700;900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://openvisiting.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 03 Jun 2024 20:38:21 GMT\r\ndate: Mon, 03 Jun 2024 20:38:21 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14029,"size_decoded":14029,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"9c12b57a25710853b762d48b28545b5c","sha1":"57a79d40792f42232b317bd9529c98efa29fc315","sha256":"35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9","sha512":"01c5a537bfb4b7b589eeebc8055c97b9ed1e3021c9fffbc6de56c6b821b7ebbb13cc046ece6a99bbe43779652e24ce65be67ebcb102a4ada6aca1176c95d9263","ssdeep":"384:DvGzvfvAv7evuvjvEahIrM2iykFAXckrVV4UvcbaMiyXndpGzqpDMV7t21wVre:DvyvfvAvavuvjvEGIr9iykWXc8VV4ucj","tlshash":"9e527a91085b9400eb830cd677cf7e35bd4f61162082c5baebfd68a8addbd22536874d","first_seen":"2024-02-11T16:13:10Z","last_seen":"2026-03-24T12:43:25.674352Z","times_seen":1208,"resource_available":false,"data":null}},"time_used":274,"timings":{"blocked":119,"dns":4,"connect":25,"send":0,"wait":32,"receive":0,"ssl":90},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}