r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5731
Expires: Thu, 29 Sep 2022 15:28:28 GMT
Date: Thu, 29 Sep 2022 13:52:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 13:15:52 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Z1t1ry4NqRwcAalJ6azvov91xRylu9MeH7IHxyoi_CFgHaylnw3iYw==
Age: 2225
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4a22d2eb50abe339ba0b974642de3650
af15bc424a715a3b8d77e4948a9e152a3ba87ede
dff04734315b51fc11069e2d21b5be37b03d28ad01986e1ae2c96afc6ba31859
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFF04734315B51FC11069E2D21B5BE37B03D28AD01986E1AE2C96AFC6BA31859"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3246
Expires: Thu, 29 Sep 2022 14:47:03 GMT
Date: Thu, 29 Sep 2022 13:52:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JPqgzZhutCYGZRucNQf8LmwY76KSvB29F/hWBUm+dz1zqNaWvlfP9WsWCtjawd82xsRyO5U09yQ=
x-amz-request-id: GNQ4J3DXFYWK6X2D
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 29 Sep 2022 13:50:38 GMT
age: 139
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 13:52:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
beat.com.ph/online.bdo.com.ph/personal/87145/sso/login.php
37.48.65.155302 Found 11 B URL HTTP/1.1 beat.com.ph/online.bdo.com.ph/personal/87145/sso/login.php
IP 37.48.65.155:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
Analyzer Verdict Alert fortinet Phishing
GET /online.bdo.com.ph/personal/87145/sso/login.php HTTP/1.1
Host: beat.com.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Thu, 29 Sep 2022 13:52:57 GMT
location: http://irene-eux.com/zcvisitor/061a8dc5-3ffe-11ed-a0e0-12ab73c168f9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=e87e3540-17b8-11ed-9215-0a918cbcbb97
server: nginx
set-cookie: sid=060e23fa-3ffe-11ed-b23f-9afe31ce16c4; path=/; domain=.beat.com.ph; expires=Tue, 17 Oct 2090 17:07:04 GMT; max-age=2147483647; HttpOnly
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 29 Sep 2022 13:29:33 GMT
Expires: Thu, 29 Sep 2022 14:26:33 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: j3Nu5Sd06QHoik-jZO_m0KpQLXbSfY1kvp-WnfuSNBNQFfUDnDDX7A==
Age: 1404
irene-eux.com/zcvisitor/061a8dc5-3ffe-11ed-a0e0-12ab73c168f9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=e87e3540-17b8-11ed-9215-0a918cbcbb97
35.174.150.83200 996 B URL HTTP/1.1 irene-eux.com/zcvisitor/061a8dc5-3ffe-11ed-a0e0-12ab73c168f9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=e87e3540-17b8-11ed-9215-0a918cbcbb97
IP 35.174.150.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 81a5de5fd2ca3ecb5f2e77ea1aef22fc
7b02f51ff038b131efdd9cec2aca45e67fe1e231
d6f93408b96e053e8c67e8b8ec65efbf35105cfd0f21d0f8f5b05edfcd933c00
GET /zcvisitor/061a8dc5-3ffe-11ed-a0e0-12ab73c168f9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=e87e3540-17b8-11ed-9215-0a918cbcbb97 HTTP/1.1
Host: irene-eux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Thu, 29 Sep 2022 13:52:58 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: gFlYsqMY
irene-eux.com/zcredirect?visitid=061a8dc5-3ffe-11ed-a0e0-12ab73c168f9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
35.174.150.83200 516 B URL HTTP/1.1 irene-eux.com/zcredirect?visitid=061a8dc5-3ffe-11ed-a0e0-12ab73c168f9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
IP 35.174.150.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 67536ed136eadc3dda9cf4ee357205a7
0353bc325187f0d9bbe2a3dcbf5fe714e65e3b43
73f4d39b1a8d3f51fc4b82e9032836203d1d48b191c9946915106469e6080d40
GET /zcredirect?visitid=061a8dc5-3ffe-11ed-a0e0-12ab73c168f9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1
Host: irene-eux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://irene-eux.com/zcvisitor/061a8dc5-3ffe-11ed-a0e0-12ab73c168f9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=e87e3540-17b8-11ed-9215-0a918cbcbb97
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Thu, 29 Sep 2022 13:52:58 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: NQeSRuGm
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f09cb223e3dc028c58cf32c2274c3766
ca7f1663a1200941986e786353ed2f3ff50bd0b2
9b89a5534b1a84f0a86f150dc7f1f699bb972f7b8e151b29c02454dd939066ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5066
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 13:52:58 GMT
Last-Modified: Thu, 29 Sep 2022 12:28:32 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
track.domainparkingmanager.it/tm.ashx?source=zp-1-1891178&det=0.010000&gio=zr061a8dc53ffe11eda0e012ab73c168f95eac37376e2d4a4e921b66f5e92e64a2067885f6bf1968e8d1
35.180.17.130200 OK 310 B URL HTTP/2 track.domainparkingmanager.it/tm.ashx?source=zp-1-1891178&det=0.010000&gio=zr061a8dc53ffe11eda0e012ab73c168f95eac37376e2d4a4e921b66f5e92e64a2067885f6bf1968e8d1
IP 35.180.17.130:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 86090bae95b265e814893a609575e81e
73462601c68163b5970cd7cfe6e9c0e5ff6a7fb5
b7751c3b0b2ab04b8d077a96f70035ccb25abd6083b2ff484f3b2353da7ee82d
GET /tm.ashx?source=zp-1-1891178&det=0.010000&gio=zr061a8dc53ffe11eda0e012ab73c168f95eac37376e2d4a4e921b66f5e92e64a2067885f6bf1968e8d1 HTTP/1.1
Host: track.domainparkingmanager.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://irene-eux.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
date: Thu, 29 Sep 2022 13:52:58 GMT
content-length: 310
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.162.35.244101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.35.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iohVAoari8oNcl7FO4rPww==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ihhwij7wmkjq3D/eXjqyaCfcd/s=
track.domainparkingmanager.it/favicon.ico
35.180.17.130404 Not Found 1.2 kB URL HTTP/2 track.domainparkingmanager.it/favicon.ico
IP 35.180.17.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 5343c1a8b203c162a3bf3870d9f50fd4
04b5b886c20d88b57eea6d8ff882624a4ac1e51d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
GET /favicon.ico HTTP/1.1
Host: track.domainparkingmanager.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.domainparkingmanager.it/tm.ashx?source=zp-1-1891178&det=0.010000&gio=zr061a8dc53ffe11eda0e012ab73c168f95eac37376e2d4a4e921b66f5e92e64a2067885f6bf1968e8d1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
date: Thu, 29 Sep 2022 13:52:58 GMT
content-length: 1245
X-Firefox-Spdy: h2
track.domainparkingmanager.it/tm2.ashx?&source=zp-1-1891178&pubid=zr061a8dc53ffe11eda0e012ab73c168f95eac37376e2d4a4e&cost=0.010000
35.180.17.130302 Found 158 B URL HTTP/2 track.domainparkingmanager.it/tm2.ashx?&source=zp-1-1891178&pubid=zr061a8dc53ffe11eda0e012ab73c168f95eac37376e2d4a4e&cost=0.010000
IP 35.180.17.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash c184564c5f290572d03b0323eea4a55c
69da0e3bf633ce90de367906bec08827b7bf6bc4
12c579efcf0764649601111907e6c63bb7e31b074bc3c4fa78da027c7f1ef362
GET /tm2.ashx?&source=zp-1-1891178&pubid=zr061a8dc53ffe11eda0e012ab73c168f95eac37376e2d4a4e&cost=0.010000 HTTP/1.1
Host: track.domainparkingmanager.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.domainparkingmanager.it/tm.ashx?source=zp-1-1891178&det=0.010000&gio=zr061a8dc53ffe11eda0e012ab73c168f95eac37376e2d4a4e921b66f5e92e64a2067885f6bf1968e8d1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
cache-control: private
content-type: text/html; charset=utf-8
location: https://service.no.like.it/in.ashx?c=1171
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
date: Thu, 29 Sep 2022 13:52:58 GMT
content-length: 158
X-Firefox-Spdy: h2
service.no.like.it/in.ashx?c=1171
35.180.205.178302 Found 202 B URL HTTP/2 service.no.like.it/in.ashx?c=1171
IP 35.180.205.178:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d3baae4232e91c6f72839e3bab4278f1
8881218624feeb16f2633c3fc25d106c679b3067
6ff9c443812d08260f976f0bab8e518f77769cbb3ae0507ceaf26d106b75e73c
GET /in.ashx?c=1171 HTTP/1.1
Host: service.no.like.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://track.domainparkingmanager.it/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
location: https://no.like.it/Search?q=tips til konfirmasjon pynt&country=no&language=no
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-aspnet-version: 4.0.30319
set-cookie: clkmrctrvsprx=http://domainparking.io/out.aspx?keyword=tips+til+konfirmasjon+pynt&c=1171&logcookie=24530920; domain=no.like.it; expires=Thu, 29-Sep-2022 13:53:58 GMT; path=/; secure; SameSite=None
x-powered-by: ASP.NET
access-control-allow-origin: *
date: Thu, 29 Sep 2022 13:52:58 GMT
content-length: 202
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f7d750cb38b3e194308d8925b04a8c88
52ca8076e3635a4d95eeacd57814ff781dcd293c
3c42fd19783d561986ac6d21975f017beb30ccff96a8223fa0be37d5d2785add
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C42FD19783D561986AC6D21975F017BEB30CCFF96A8223FA0BE37D5D2785ADD"
Last-Modified: Wed, 28 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17516
Expires: Thu, 29 Sep 2022 18:44:55 GMT
Date: Thu, 29 Sep 2022 13:52:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3321
Expires: Thu, 29 Sep 2022 14:48:20 GMT
Date: Thu, 29 Sep 2022 13:52:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3321
Expires: Thu, 29 Sep 2022 14:48:20 GMT
Date: Thu, 29 Sep 2022 13:52:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3321
Expires: Thu, 29 Sep 2022 14:48:20 GMT
Date: Thu, 29 Sep 2022 13:52:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c62a6368c456e9614ca4c8e360a2ef12
35ec6e80d324bb215796c590a7ffafbaea55d88e
90a37acc6beda1aa98a98cb84e00a7e469d6d919a14f4709c5f67a83ae95278d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7859
x-amzn-requestid: 34d0718f-46d4-446f-bb06-8449bd8f4287
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZIlO4FcBoAMFy0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63334f2b-58ae81c9077e4f1575750f15;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 19:29:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LwYd0qn4P-zh1W4GvU8vNEo3_TZHEqtErAj3UKx7a82LIDaBsiXE-w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 19:04:20 GMT
age: 67719
etag: "35ec6e80d324bb215796c590a7ffafbaea55d88e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4505f57697072468da82e0b536d0d5b
e1067a2dfbc22e7eb196046d57bd1e17604dba75
b5e79054f165f38b99f93a8128284f82076523988aeb102b85dd8ff1a2870d00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10023
x-amzn-requestid: 0cb6b9a1-0707-4094-b197-5a0add2df717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4dHJLIAMFWmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9c-2d8bbb17157900f126c5bb3c;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wZ2hBqHAdwimAVV3p-CJFrb9zQ-CTN5ar9CB-cu0mZoENYUFTKKPWQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:04:58 GMT
age: 56881
etag: "e1067a2dfbc22e7eb196046d57bd1e17604dba75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61695e2-14b2-44b1-b2d0-93aed95788f3.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61695e2-14b2-44b1-b2d0-93aed95788f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33d8a1c1782f57095619cfba8c58a4a5
9f21cefa8882ea63961ae2eb51b7cd406b2358d6
47c04dd3680f76a5bc54157c64d64dcb7dea517c8dace4fdcf8e46df43fa9cae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61695e2-14b2-44b1-b2d0-93aed95788f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10272
x-amzn-requestid: 443e641f-25dc-456c-bb7f-ae23153dc52d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVSwECzoAMFpeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633268de-20524e433a72428653175a94;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:10 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: U4PCOUZJFTvrqjsqGT3JpVnrbjqvkvG4vvqZbyFGk1ri0k_U33N3TA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 03:58:34 GMT
age: 35665
etag: "9f21cefa8882ea63961ae2eb51b7cd406b2358d6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aed4d25286420a1405c3274931194002
c17c7bdfa4b40f9a0634da65c610869e5c410bf1
f32058bdd49930b927d1f9fdfd204ed054b4f85e0d679eff067d522d42ac504a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4093
x-amzn-requestid: 88076712-b2bb-4aee-81a7-ae35201748ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKZtEXeoAMFVbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334bdd7-317a47e2018160b928a40ff9;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:34:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VztBCwvlCphzQJw_HAODqlJjRAaYDoKFzmkAYhrhUTZJ5rmNtNSzuQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:50:26 GMT
age: 57753
etag: "c17c7bdfa4b40f9a0634da65c610869e5c410bf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 456968f691ae9464d69a37bffe9bd7ce
31b8538deb0f00d5b4182739a4a2fcc1b956a998
5cde1e3158e6c6c0b7a01d3bd32f2aa292b3b205f604e5c4ed71cafedad06bf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7810
x-amzn-requestid: ff9cdb43-e7f3-4fb3-a2c9-28059f7749e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYtFlRoAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-2b426b8e379fb9da122731e6;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: v_9XHswnO6iHo9-XgqSOIDYxa_RSEzQTDqJ5Uoi5pB9sJ3kl3H-XSQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 23:45:29 GMT
age: 50850
etag: "31b8538deb0f00d5b4182739a4a2fcc1b956a998"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11594ce7500d8776bfd5162b17f87d72
72603efba82d649ce5a7a0ca45dc830c0d9ef012
511f5aa33750cd4a02cf3968bf165ffa521e77cb4fb7135b516d7ad14e8b9d01
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14073
x-amzn-requestid: 4ff72590-e28d-4d4b-af1a-4d62e75e3d66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKnpEsJoAMFlBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be30-38b014a25551aa0a2ab04ccf;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dyDhatfeYzzSQpRY7JpOIu3VhjlI8IOWcKCLCBWYaxJ1CYgCxqdQjA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:49:42 GMT
age: 57797
etag: "72603efba82d649ce5a7a0ca45dc830c0d9ef012"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
no.like.it/Search?q=tips%20til%20konfirmasjon%20pynt&country=no&language=no
185.25.205.112200 OK 9.5 kB URL HTTP/2 no.like.it/Search?q=tips%20til%20konfirmasjon%20pynt&country=no&language=no
IP 185.25.205.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7234), with CRLF, LF line terminators
Hash c774202b743c48512742446895143c89
cd449e28b05fba25dbad90e70a92b6a85f1b66ba
5a149047a3f2fb28c0f29780fc2664ee8256ef24e71746db997cd5639fb8f1e8
GET /Search?q=tips%20til%20konfirmasjon%20pynt&country=no&language=no HTTP/1.1
Host: no.like.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://track.domainparkingmanager.it/
Connection: keep-alive
Cookie: clkmrctrvsprx=http://domainparking.io/out.aspx?keyword=tips+til+konfirmasjon+pynt&c=1171&logcookie=24530920
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Thu, 29 Sep 2022 13:50:12 GMT
content-length: 9507
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ed8d6ec40376562f5bb4fae1652cc110
6910ffb0c6a68c3a33faa6151e3f1951a7ec389b
d66a2981e24e1a88da3f0beadd60cd744826719b4e39cfa3b2194993969534a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 13:52:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6LcBWOQZAAAAAHBn71Ci_Pgpvl0d2VZfIvx9lN50
142.250.74.164200 OK 585 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LcBWOQZAAAAAHBn71Ci_Pgpvl0d2VZfIvx9lN50
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 74761b26dcc751cca4af38da2a9cdce9
6b77bf6c517f1b98bdc4d8e61100c42aaeaa3901
8bad81c93823db478d5ed1b1bc51bd8cd547e5e0dea789de3693b0f4cb6efd31
GET /recaptcha/api.js?render=6LcBWOQZAAAAAHBn71Ci_Pgpvl0d2VZfIvx9lN50 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.like.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 29 Sep 2022 13:52:59 GMT
date: Thu, 29 Sep 2022 13:52:59 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3826037172731ac33e566808c9618388
226e9205194fb0446af7fef47c68749add90d966
692f1898c2850d619cb42a23932602bc680abe6634e2b04906304311d2eccf27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 13:52:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash db46f2642454f8a62dafca71c12cfa4e
8ee02cf8957d49a780390e945204db43cb46484e
0e68abed950898788bb3db6899b7ed8e20b48a894cb068a50286e5ebbb4df9c8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 13:52:59 GMT
Last-Modified: Thu, 29 Sep 2022 12:25:58 GMT
Server: ECS (dcb/7EA6)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _dnVWY_WZ0HNT-VdhlM6ozcvw8JWPG8dRynJ-uVVJIuJhc3kKOyLSA==
Age: 5221
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 033e9c00dfd7c059f1bdef095e090c95
3d2ae4c5be8d2278ccbc3ad918960b88579a3abd
8217c2c21cb0961523c529faf6582a341617e83e4cd01bd64c8715765551299b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 13:53:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
142.250.74.163200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (826)
Size 158 kB (158248 bytes)
Hash db1b5789e9915e9c82f5df92e5982980
2e193e502995501c85f45fd89d9f83707a7f9573
db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206
GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no.like.it
Connection: keep-alive
Referer: https://no.like.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/javascript
age: 314825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yu.imageadvantage.net/6/44/31/0315800BCD9CAB8A49F66D52B1E.jpg?pid=9653.100&qs=yvFxpqx%26wrp%27lttirvtbxprw%24wzsz%29jh%7D%3E%7C%7Dz7thsy%7Fnrrn%2Fsu%29%7Dxs%3EU%7Fq%7D%24Rpsll%7Bqhtouq%291%27Gwo%23ovhly%26r%7Fiy%21663904%27ikvFW%7Bpwz%23%7Ex%7Dbqm%23jz%27Q%7Etw%29Ovokouvezktt1%29Vhtp%26onzlsntj%29sn%21qgyn%24wsnyh%7B%25%27Ity%23Yeyu%7Eqlwk%27gntqnv%27ez%26dux%27ez%26w%7Biuhjx%23%7Dms%21zlr%7Bksfrshumnf%25lh%7Cxls3&d=www.partyking.no
54.230.111.96302 Moved Temporarily 915 B URL HTTP/1.1 yu.imageadvantage.net/6/44/31/0315800BCD9CAB8A49F66D52B1E.jpg?pid=9653.100&qs=yvFxpqx%26wrp%27lttirvtbxprw%24wzsz%29jh%7D%3E%7C%7Dz7thsy%7Fnrrn%2Fsu%29%7Dxs%3EU%7Fq%7D%24Rpsll%7Bqhtouq%291%27Gwo%23ovhly%26r%7Fiy%21663904%27ikvFW%7Bpwz%23%7Ex%7Dbqm%23jz%27Q%7Etw%29Ovokouvezktt1%29Vhtp%26onzlsntj%29sn%21qgyn%24wsnyh%7B%25%27Ity%23Yeyu%7Eqlwk%27gntqnv%27ez%26dux%27ez%26w%7Biuhjx%23%7Dms%21zlr%7Bksfrshumnf%25lh%7Cxls3&d=www.partyking.no
IP 54.230.111.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (648)
Hash a31eafddd5c7c7fcbb55a8bdc2f3fb97
fc705e55a43bd8290d36cb105e7c3a1ec081a61f
190ee9ef9a849bf917e6ec0d344b2f9791c20d806730ea11f2c1c109eb195680
GET /6/44/31/0315800BCD9CAB8A49F66D52B1E.jpg?pid=9653.100&qs=yvFxpqx%26wrp%27lttirvtbxprw%24wzsz%29jh%7D%3E%7C%7Dz7thsy%7Fnrrn%2Fsu%29%7Dxs%3EU%7Fq%7D%24Rpsll%7Bqhtouq%291%27Gwo%23ovhly%26r%7Fiy%21663904%27ikvFW%7Bpwz%23%7Ex%7Dbqm%23jz%27Q%7Etw%29Ovokouvezktt1%29Vhtp%26onzlsntj%29sn%21qgyn%24wsnyh%7B%25%27Ity%23Yeyu%7Eqlwk%27gntqnv%27ez%26dux%27ez%26w%7Biuhjx%23%7Dms%21zlr%7Bksfrshumnf%25lh%7Cxls3&d=www.partyking.no HTTP/1.1
Host: yu.imageadvantage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.like.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=iso-8859-1
Content-Length: 915
Connection: keep-alive
Date: Thu, 29 Sep 2022 13:53:00 GMT
Server: Apache/2.4.18 (Ubuntu)
Location: https://mr0.imageadvantage.net/MRH/MediaHandler.php?path=/6/44/31/0315800BCD9CAB8A49F66D52B1E&mt=04&pid=9653.100&qs=yvFxpqx%2526wrp%2527lttirvtbxprw%2524wzsz%2529jh%257D%253E%257C%257Dz7thsy%257Fnrrn%252Fsu%2529%257Dxs%253EU%257Fq%257D%2524Rpsll%257Bqhtouq%25291%2527Gwo%2523ovhly%2526r%257Fiy%2521663904%2527ikvFW%257Bpwz%2523%257Ex%257Dbqm%2523jz%2527Q%257Etw%2529Ovokouvezktt1%2529Vhtp%2526onzlsntj%2529sn%2521qgyn%2524wsnyh%257B%2525%2527Ity%2523Yeyu%257Eqlwk%2527gntqnv%2527ez%2526dux%2527ez%2526w%257Biuhjx%2523%257Dms%2521zlr%257Bksfrshumnf%2525lh%257Cxls3&d=www.partyking.no
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: goWK76j4_AVwC5NHovmLwisAIEm6YujrZs4PBL0CBqivM3OBGkSwdQ==
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash db46f2642454f8a62dafca71c12cfa4e
8ee02cf8957d49a780390e945204db43cb46484e
0e68abed950898788bb3db6899b7ed8e20b48a894cb068a50286e5ebbb4df9c8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 13:52:59 GMT
Server: ECS (dcb/7EEA)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Nt1S7xZ8wSlH1iICII9rgi9mkiY1xto6R60fcpRf3au2QZPRzVebhQ==
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 89fa9e6da618aa3f7990c00b586d6faf
ab38a0f12d182d9105663b295d44287f92aac05f
510a4d1ad464a5b2c20e6563918d7cc3a423c4ee63570edb7552f2a4df6c167a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 13:53:00 GMT
Last-Modified: Thu, 29 Sep 2022 13:45:37 GMT
Server: ECS (dcb/7EA2)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0IVEhAfwFUqjeQav8fP5qnuv9xH0RZNXwUaw3yNnfKpYzZyiPAU43g==
Age: 443
yu.imageadvantage.net/1/18/C7/A472AABE3E3B97DD3834ECAE2D7.jpg?pid=9653.100&qs=yvFxpqx%26wrp%27lttirvtbxprw%24wzsz%29jh%7D%3E%7C%7Dz7w%7Cqjxn%7Ep5ot5Inw%7Bbwzltpls4Qrwjpsrgvssu%27yzoFt%C2%80oy%26wrp%27lttirvtbxprw%244%21Suupiz%21Xz%C3%BB%7Bw%7Bf%25v%C3%A8%29Jltygu%7Dmrmjx%29miz%3EU%7Fq%7D0%27Ejqr%7Bezktth%7B%24vh%25Sh%7B%24%7Bjq%26Nxrmjwsd%7Cnvo3%26Dux%27ez%26W%7Biuhjx%23xk%27M%7Etujwr%21Qkynvpol%27&d=www.superkul.no%2FFestartikler%2FKonfirmasjon
54.230.111.96302 Moved Temporarily 926 B URL HTTP/1.1 yu.imageadvantage.net/1/18/C7/A472AABE3E3B97DD3834ECAE2D7.jpg?pid=9653.100&qs=yvFxpqx%26wrp%27lttirvtbxprw%24wzsz%29jh%7D%3E%7C%7Dz7w%7Cqjxn%7Ep5ot5Inw%7Bbwzltpls4Qrwjpsrgvssu%27yzoFt%C2%80oy%26wrp%27lttirvtbxprw%244%21Suupiz%21Xz%C3%BB%7Bw%7Bf%25v%C3%A8%29Jltygu%7Dmrmjx%29miz%3EU%7Fq%7D0%27Ejqr%7Bezktth%7B%24vh%25Sh%7B%24%7Bjq%26Nxrmjwsd%7Cnvo3%26Dux%27ez%26W%7Biuhjx%23xk%27M%7Etujwr%21Qkynvpol%27&d=www.superkul.no%2FFestartikler%2FKonfirmasjon
IP 54.230.111.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (659)
Hash 14c31cc78084f94a7382678bc70ef944
268e7e28c84f4ff60b0e368305ccdb1640498199
fc28d1e1fb5ed48901689ea47be8b513c14315ccdc34206a1e437ec70e122776
GET /1/18/C7/A472AABE3E3B97DD3834ECAE2D7.jpg?pid=9653.100&qs=yvFxpqx%26wrp%27lttirvtbxprw%24wzsz%29jh%7D%3E%7C%7Dz7w%7Cqjxn%7Ep5ot5Inw%7Bbwzltpls4Qrwjpsrgvssu%27yzoFt%C2%80oy%26wrp%27lttirvtbxprw%244%21Suupiz%21Xz%C3%BB%7Bw%7Bf%25v%C3%A8%29Jltygu%7Dmrmjx%29miz%3EU%7Fq%7D0%27Ejqr%7Bezktth%7B%24vh%25Sh%7B%24%7Bjq%26Nxrmjwsd%7Cnvo3%26Dux%27ez%26W%7Biuhjx%23xk%27M%7Etujwr%21Qkynvpol%27&d=www.superkul.no%2FFestartikler%2FKonfirmasjon HTTP/1.1
Host: yu.imageadvantage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.like.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=iso-8859-1
Content-Length: 926
Connection: keep-alive
Date: Thu, 29 Sep 2022 13:53:00 GMT
Server: Apache/2.4.18 (Ubuntu)
Location: https://mr0.imageadvantage.net/MRH/MediaHandler.php?path=/1/18/C7/A472AABE3E3B97DD3834ECAE2D7&mt=04&pid=9653.100&qs=yvFxpqx%2526wrp%2527lttirvtbxprw%2524wzsz%2529jh%257D%253E%257C%257Dz7w%257Cqjxn%257Ep5ot5Inw%257Bbwzltpls4Qrwjpsrgvssu%2527yzoFt%25C2%2580oy%2526wrp%2527lttirvtbxprw%25244%2521Suupiz%2521Xz%25C3%25BB%257Bw%257Bf%2525v%25C3%25A8%2529Jltygu%257Dmrmjx%2529miz%253EU%257Fq%257D0%2527Ejqr%257Bezktth%257B%2524vh%2525Sh%257B%2524%257Bjq%2526Nxrmjwsd%257Cnvo3%2526Dux%2527ez%2526W%257Biuhjx%2523xk%2527M%257Etujwr%2521Qkynvpol%2527&d=www.superkul.no%252FFestartikler%252FKonfirmasjon
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wj782VWzmXL2q1-NmH-i1JZkic2wAMv7bxIj-UZ8Asf7JuxoidNHZg==
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 12:31:58 GMT
expires: Sun, 24 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 436862
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 00:48:31 GMT
expires: Sat, 23 Sep 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 565469
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
no.like.it/favicon.ico
185.25.205.112200 OK 9.1 kB IP 185.25.205.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6112), with CRLF, LF line terminators
Hash 160d373b47b079c3ff8060cbf8b07eee
20856bbce4f43fbcd7c2011fd632bc39d432881e
6106ebfce71b1bf053cb861466d99680d05393472a9f1ddb840a9ab8ff062e74
GET /favicon.ico HTTP/1.1
Host: no.like.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.like.it/Search?q=tips%20til%20konfirmasjon%20pynt&country=no&language=no
Cookie: clkmrctrvsprx=http://domainparking.io/out.aspx?keyword=tips+til+konfirmasjon+pynt&c=1171&logcookie=24530920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Thu, 29 Sep 2022 13:50:13 GMT
content-length: 9099
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48e2707b-f3b2-4e52-99ae-03c359b698de.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48e2707b-f3b2-4e52-99ae-03c359b698de.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 556ea631652cbb77ff38dbe3bbc8c4d1
ba797da9b2d6942161fa02a0e431de4868b84327
130dab67cb6d80c741a7f2dadfd536bd6900204880dc3b68b2afbfa53dd3d781
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48e2707b-f3b2-4e52-99ae-03c359b698de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8754
x-amzn-requestid: 175fc592-ed89-44fb-8cf7-8a4404f59d4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZC5OcHKkIAMFafA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633108c2-2c0c36007bc8bcb56a54e8a1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 02:04:50 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -AhTOJwgY3-DnA_pYXdBL18wPP_fNeyDmZjkdkQ2J-xrBZSyRcdK3Q==
via: 1.1 71e7943ea0729c284a06faa05a567236.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 19:10:22 GMT
age: 67364
etag: "ba797da9b2d6942161fa02a0e431de4868b84327"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mr0.imageadvantage.net/MRH/MediaHandler.php?path=/6/44/31/0315800BCD9CAB8A49F66D52B1E&mt=04&pid=9653.100&qs=yvFxpqx%2526wrp%2527lttirvtbxprw%2524wzsz%2529jh%257D%253E%257C%257Dz7thsy%257Fnrrn%252Fsu%2529%257Dxs%253EU%257Fq%257D%2524Rpsll%257Bqhtouq%25291%2527Gwo%2523ovhly%2526r%257Fiy%2521663904%2527ikvFW%257Bpwz%2523%257Ex%257Dbqm%2523jz%2527Q%257Etw%2529Ovokouvezktt1%2529Vhtp%2526onzlsntj%2529sn%2521qgyn%2524wsnyh%257B%2525%2527Ity%2523Yeyu%257Eqlwk%2527gntqnv%2527ez%2526dux%2527ez%2526w%257Biuhjx%2523%257Dms%2521zlr%257Bksfrshumnf%2525lh%257Cxls3&d=www.partyking.no
54.230.111.99200 OK 0 B URL HTTP/2 mr0.imageadvantage.net/MRH/MediaHandler.php?path=/6/44/31/0315800BCD9CAB8A49F66D52B1E&mt=04&pid=9653.100&qs=yvFxpqx%2526wrp%2527lttirvtbxprw%2524wzsz%2529jh%257D%253E%257C%257Dz7thsy%257Fnrrn%252Fsu%2529%257Dxs%253EU%257Fq%257D%2524Rpsll%257Bqhtouq%25291%2527Gwo%2523ovhly%2526r%257Fiy%2521663904%2527ikvFW%257Bpwz%2523%257Ex%257Dbqm%2523jz%2527Q%257Etw%2529Ovokouvezktt1%2529Vhtp%2526onzlsntj%2529sn%2521qgyn%2524wsnyh%257B%2525%2527Ity%2523Yeyu%257Eqlwk%2527gntqnv%2527ez%2526dux%2527ez%2526w%257Biuhjx%2523%257Dms%2521zlr%257Bksfrshumnf%2525lh%257Cxls3&d=www.partyking.no
IP 54.230.111.99:0
GET /MRH/MediaHandler.php?path=/6/44/31/0315800BCD9CAB8A49F66D52B1E&mt=04&pid=9653.100&qs=yvFxpqx%2526wrp%2527lttirvtbxprw%2524wzsz%2529jh%257D%253E%257C%257Dz7thsy%257Fnrrn%252Fsu%2529%257Dxs%253EU%257Fq%257D%2524Rpsll%257Bqhtouq%25291%2527Gwo%2523ovhly%2526r%257Fiy%2521663904%2527ikvFW%257Bpwz%2523%257Ex%257Dbqm%2523jz%2527Q%257Etw%2529Ovokouvezktt1%2529Vhtp%2526onzlsntj%2529sn%2521qgyn%2524wsnyh%257B%2525%2527Ity%2523Yeyu%257Eqlwk%2527gntqnv%2527ez%2526dux%2527ez%2526w%257Biuhjx%2523%257Dms%2521zlr%257Bksfrshumnf%2525lh%257Cxls3&d=www.partyking.no HTTP/1.1
Host: mr0.imageadvantage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.like.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
date: Thu, 29 Sep 2022 13:53:00 GMT
server: Apache/2.4.18 (Ubuntu)
cache-control: no-cache, no-store
mrhdebug: initialize START w:/MRH/MediaHandler.php?path=/6/44/31/0315800BCD9CAB8A49F66D52B1E&mt=04&pid=9653.100&qs=yvFxpqx%2526wrp%2527lttirvtbxprw%2524wzsz%2529jh%257D%253E%257C%257Dz7thsy%257Fnrrn%252Fsu%2529%257Dxs%253EU%257Fq%257D%2524Rpsll%257Bqhtouq%25291%2527Gwo%2523ovhly%2526r%257Fiy%2521663904%2527ikvFW%257Bpwz%2523%257Ex%257Dbqm%2523jz%2527Q%257Etw%2529Ovokouvezktt1%2529Vhtp%2526onzlsntj%2529sn%2521qgyn%2524wsnyh%257B%2525%2527Ity%2523Yeyu%257Eqlwk%2527gntqnv%2527ez%2526dux%2527ez%2526w%257Biuhjx%2523%257Dms%2521zlr%257Bksfrshumnf%2525lh%257Cxls3&d=www.partyking.no|| @ 1664459580.632||
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B7Df3NgPxf2GJ2vPdp-fK9DoXx8DtJzGNNBFF_nj81w1xSpMu8BjiA==
X-Firefox-Spdy: h2
mr0.imageadvantage.net/MRH/MediaHandler.php?path=/1/18/C7/A472AABE3E3B97DD3834ECAE2D7&mt=04&pid=9653.100&qs=yvFxpqx%2526wrp%2527lttirvtbxprw%2524wzsz%2529jh%257D%253E%257C%257Dz7w%257Cqjxn%257Ep5ot5Inw%257Bbwzltpls4Qrwjpsrgvssu%2527yzoFt%25C2%2580oy%2526wrp%2527lttirvtbxprw%25244%2521Suupiz%2521Xz%25C3%25BB%257Bw%257Bf%2525v%25C3%25A8%2529Jltygu%257Dmrmjx%2529miz%253EU%257Fq%257D0%2527Ejqr%257Bezktth%257B%2524vh%2525Sh%257B%2524%257Bjq%2526Nxrmjwsd%257Cnvo3%2526Dux%2527ez%2526W%257Biuhjx%2523xk%2527M%257Etujwr%2521Qkynvpol%2527&d=www.superkul.no%252FFestartikler%252FKonfirmasjon
54.230.111.99200 OK 0 B URL HTTP/2 mr0.imageadvantage.net/MRH/MediaHandler.php?path=/1/18/C7/A472AABE3E3B97DD3834ECAE2D7&mt=04&pid=9653.100&qs=yvFxpqx%2526wrp%2527lttirvtbxprw%2524wzsz%2529jh%257D%253E%257C%257Dz7w%257Cqjxn%257Ep5ot5Inw%257Bbwzltpls4Qrwjpsrgvssu%2527yzoFt%25C2%2580oy%2526wrp%2527lttirvtbxprw%25244%2521Suupiz%2521Xz%25C3%25BB%257Bw%257Bf%2525v%25C3%25A8%2529Jltygu%257Dmrmjx%2529miz%253EU%257Fq%257D0%2527Ejqr%257Bezktth%257B%2524vh%2525Sh%257B%2524%257Bjq%2526Nxrmjwsd%257Cnvo3%2526Dux%2527ez%2526W%257Biuhjx%2523xk%2527M%257Etujwr%2521Qkynvpol%2527&d=www.superkul.no%252FFestartikler%252FKonfirmasjon
IP 54.230.111.99:0
GET /MRH/MediaHandler.php?path=/1/18/C7/A472AABE3E3B97DD3834ECAE2D7&mt=04&pid=9653.100&qs=yvFxpqx%2526wrp%2527lttirvtbxprw%2524wzsz%2529jh%257D%253E%257C%257Dz7w%257Cqjxn%257Ep5ot5Inw%257Bbwzltpls4Qrwjpsrgvssu%2527yzoFt%25C2%2580oy%2526wrp%2527lttirvtbxprw%25244%2521Suupiz%2521Xz%25C3%25BB%257Bw%257Bf%2525v%25C3%25A8%2529Jltygu%257Dmrmjx%2529miz%253EU%257Fq%257D0%2527Ejqr%257Bezktth%257B%2524vh%2525Sh%257B%2524%257Bjq%2526Nxrmjwsd%257Cnvo3%2526Dux%2527ez%2526W%257Biuhjx%2523xk%2527M%257Etujwr%2521Qkynvpol%2527&d=www.superkul.no%252FFestartikler%252FKonfirmasjon HTTP/1.1
Host: mr0.imageadvantage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.like.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Thu, 29 Sep 2022 13:53:00 GMT
server: Apache/2.4.18 (Ubuntu)
cache-control: no-cache, no-store
mrhdebug: initialize START w:/MRH/MediaHandler.php?path=/1/18/C7/A472AABE3E3B97DD3834ECAE2D7&mt=04&pid=9653.100&qs=yvFxpqx%2526wrp%2527lttirvtbxprw%2524wzsz%2529jh%257D%253E%257C%257Dz7w%257Cqjxn%257Ep5ot5Inw%257Bbwzltpls4Qrwjpsrgvssu%2527yzoFt%25C2%2580oy%2526wrp%2527lttirvtbxprw%25244%2521Suupiz%2521Xz%25C3%25BB%257Bw%257Bf%2525v%25C3%25A8%2529Jltygu%257Dmrmjx%2529miz%253EU%257Fq%257D0%2527Ejqr%257Bezktth%257B%2524vh%2525Sh%257B%2524%257Bjq%2526Nxrmjwsd%257Cnvo3%2526Dux%2527ez%2526W%257Biuhjx%2523xk%2527M%257Etujwr%2521Qkynvpol%2527&d=www.superkul.no%252FFestartikler%252FKonfirmasjon|| @ 1664459580.5112||
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QRJGZQCZXnm-laGy_dpMHFnr-pBFVj0MLvMx-wBlC6hjC5kPmD_V3w==
X-Firefox-Spdy: h2