bcuiaw.com/rpe?a=1&s=1&act=17&src=2&p=1054030&st=1274686&wd=488671&d=onccmf.com&tpl=24&rnd=0.8354165091602229&sbid=&sbid2=fernandointent%3A%2F%2Fonccmf.com%2Facce
0 B URL bcuiaw.com/rpe?a=1&s=1&act=17&src=2&p=1054030&st=1274686&wd=488671&d=onccmf.com&tpl=24&rnd=0.8354165091602229&sbid=&sbid2=fernandointent%3A%2F%2Fonccmf.com%2Facce
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /rpe?a=1&s=1&act=17&src=2&p=1054030&st=1274686&wd=488671&d=onccmf.com&tpl=24&rnd=0.8354165091602229&sbid=&sbid2=fernandointent%3A%2F%2Fonccmf.com%2Facce HTTP/1.1
Host: bcuiaw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onccmf.com
DNT: 1
Connection: keep-alive
Referer: https://onccmf.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 23 Sep 2023 22:05:28 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2
ecrwqu.com/cuclc?aid=7383586043630731498&t=1695506728&s=833686
275 B URL ecrwqu.com/cuclc?aid=7383586043630731498&t=1695506728&s=833686
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash d1535e5827fe593d308dd0f8839507b2
beb1ab8a6c60451fd5c28dfd2642fc48718e8774
fe78da829727729bd7d0f2981bb39d5856c46b0a893f524fd950b658f6a9cd68
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cuclc?aid=7383586043630731498&t=1695506728&s=833686 HTTP/1.1
Host: ecrwqu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyae1.onccmf.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0
date: Sat, 23 Sep 2023 22:05:29 GMT
content-type: text/html; charset=utf-8
content-length: 275
location: https://pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_7383586043630731498_488671_2_0&si1=a488671
X-Firefox-Spdy: h2
pyenze.com/images/play-2/icon1.png
7.3 kB URL pyenze.com/images/play-2/icon1.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 3d0ab5834c8bf7134e4d21fa3288317f
c31d1a6b9df206f67ea194f4c424cdc372a423c2
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/play-2/icon1.png HTTP/1.1
Host: pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_7383586043630731498_488671_2_0&si1=a488671
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:29 GMT
content-type: image/png
content-length: 7252
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-1c54"
x-zone: eu3
accept-ranges: bytes
X-Firefox-Spdy: h2
pyenze.com/images/play-2/icon3.png
7.8 kB URL pyenze.com/images/play-2/icon3.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 8f3cc830da0b1fdf66bda7d1d734747b
94588f041eec3a78a8780c8124c56a1434a89277
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/play-2/icon3.png HTTP/1.1
Host: pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_7383586043630731498_488671_2_0&si1=a488671
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:29 GMT
content-type: image/png
content-length: 7847
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-1ea7"
x-zone: eu
accept-ranges: bytes
X-Firefox-Spdy: h2
pyenze.com/images/play-2/icon4.png
7.0 kB URL pyenze.com/images/play-2/icon4.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ad7f32c1c0df7b4975cc41bda4ac435
81d57e996ee6cd9e122592e68ffa3d55c1ba10ff
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/play-2/icon4.png HTTP/1.1
Host: pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_7383586043630731498_488671_2_0&si1=a488671
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:29 GMT
content-type: image/png
content-length: 7032
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-1b78"
x-zone: eu3
accept-ranges: bytes
X-Firefox-Spdy: h2
pyenze.com/images/play-2/icon5.png
3.3 kB URL pyenze.com/images/play-2/icon5.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash 1e1a7582b5da63e10485d63f97abc9a0
ca3ee3067f96c732f455bc7c99ec5100194f13f6
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/play-2/icon5.png HTTP/1.1
Host: pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_7383586043630731498_488671_2_0&si1=a488671
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:29 GMT
content-type: image/png
content-length: 3264
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-cc0"
x-zone: eu
accept-ranges: bytes
X-Firefox-Spdy: h2
pyenze.com/images/play-2/icon7.png
3.3 kB URL pyenze.com/images/play-2/icon7.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash b512735542cb07b3b2dcf153a7dfe456
93bde8875412ce266600e2af1c37123483a50376
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/play-2/icon7.png HTTP/1.1
Host: pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_7383586043630731498_488671_2_0&si1=a488671
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:29 GMT
content-type: image/png
content-length: 3283
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-cd3"
x-zone: eu4
accept-ranges: bytes
X-Firefox-Spdy: h2
pyenze.com/images/play-2/icon2.png
4.6 kB URL pyenze.com/images/play-2/icon2.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash c947d439eb93367f1af5b2a3d222f057
5b4c10820d39e624bc6df72a113679da80a8e44e
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/play-2/icon2.png HTTP/1.1
Host: pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_7383586043630731498_488671_2_0&si1=a488671
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:29 GMT
content-type: image/png
content-length: 4576
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-11e0"
x-zone: eu4
accept-ranges: bytes
X-Firefox-Spdy: h2
pyenze.com/images/play-2/icon8.png
4.1 kB URL pyenze.com/images/play-2/icon8.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash f92d6474ebc6a3a0b576749cfb4afe98
0f4ce3dcf04873b8098c01d20c44967fb9fce0cc
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/play-2/icon8.png HTTP/1.1
Host: pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_7383586043630731498_488671_2_0&si1=a488671
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:29 GMT
content-type: image/png
content-length: 4064
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-fe0"
x-zone: eu
accept-ranges: bytes
X-Firefox-Spdy: h2
39rb6.pyenze.com/images/play-2/icon1.png
7.3 kB URL 39rb6.pyenze.com/images/play-2/icon1.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 3d0ab5834c8bf7134e4d21fa3288317f
c31d1a6b9df206f67ea194f4c424cdc372a423c2
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/play-2/icon1.png HTTP/1.1
Host: 39rb6.pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39rb6.pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_7383586043630731498_488671_2_0&si1=a488671&i=1
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:29 GMT
content-type: image/png
content-length: 7252
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-1c54"
x-zone: eu3
accept-ranges: bytes
X-Firefox-Spdy: h2
39rb6.pyenze.com/images/play-2/icon2.png
4.6 kB URL 39rb6.pyenze.com/images/play-2/icon2.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash c947d439eb93367f1af5b2a3d222f057
5b4c10820d39e624bc6df72a113679da80a8e44e
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/play-2/icon2.png HTTP/1.1
Host: 39rb6.pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39rb6.pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_7383586043630731498_488671_2_0&si1=a488671&i=1
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:29 GMT
content-type: image/png
content-length: 4576
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-11e0"
x-zone: eu
accept-ranges: bytes
X-Firefox-Spdy: h2
39rb6.pyenze.com/images/play-2/icon3.png
7.8 kB URL 39rb6.pyenze.com/images/play-2/icon3.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 8f3cc830da0b1fdf66bda7d1d734747b
94588f041eec3a78a8780c8124c56a1434a89277
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/play-2/icon3.png HTTP/1.1
Host: 39rb6.pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39rb6.pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_7383586043630731498_488671_2_0&si1=a488671&i=1
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:29 GMT
content-type: image/png
content-length: 7847
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-1ea7"
x-zone: eu4
accept-ranges: bytes
X-Firefox-Spdy: h2
39rb6.pyenze.com/images/play-2/icon4.png
7.0 kB URL 39rb6.pyenze.com/images/play-2/icon4.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ad7f32c1c0df7b4975cc41bda4ac435
81d57e996ee6cd9e122592e68ffa3d55c1ba10ff
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/play-2/icon4.png HTTP/1.1
Host: 39rb6.pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39rb6.pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_7383586043630731498_488671_2_0&si1=a488671&i=1
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:29 GMT
content-type: image/png
content-length: 7032
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-1b78"
x-zone: eu
accept-ranges: bytes
X-Firefox-Spdy: h2
39rb6.pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_7383586043630731498_488671_2_0&si1=a488671&i=1
12 kB URL 39rb6.pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_7383586043630731498_488671_2_0&si1=a488671&i=1
IP
ASN #39572 DataWeb Global Group B.V.
File type gzip compressed data, from Unix\012- data
Hash edb82d28afa60a7cf933e4b3c3a98c9d
3470d276152bce9aed3510686590187b21954b86
5db23e7b62b61aa05f75733fb1385512312ee1d13f7feb42af14e2584fb0fd90
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_7383586043630731498_488671_2_0&si1=a488671&i=1 HTTP/1.1
Host: 39rb6.pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyenze.com/
Cookie: truniq=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-zone: eu3
content-encoding: gzip
X-Firefox-Spdy: h2
39rb6.pyenze.com/images/play-2/icon7.png
3.3 kB URL 39rb6.pyenze.com/images/play-2/icon7.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash b512735542cb07b3b2dcf153a7dfe456
93bde8875412ce266600e2af1c37123483a50376
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/play-2/icon7.png HTTP/1.1
Host: 39rb6.pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39rb6.pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_7383586043630731498_488671_2_0&si1=a488671&i=1
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:29 GMT
content-type: image/png
content-length: 3283
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-cd3"
x-zone: eu
accept-ranges: bytes
X-Firefox-Spdy: h2
39rb6.pyenze.com/images/play-2/icon8.png
4.1 kB URL 39rb6.pyenze.com/images/play-2/icon8.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash f92d6474ebc6a3a0b576749cfb4afe98
0f4ce3dcf04873b8098c01d20c44967fb9fce0cc
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/play-2/icon8.png HTTP/1.1
Host: 39rb6.pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39rb6.pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_7383586043630731498_488671_2_0&si1=a488671&i=1
Cookie: truniq=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:29 GMT
content-type: image/png
content-length: 4064
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-fe0"
x-zone: eu4
accept-ranges: bytes
X-Firefox-Spdy: h2
bcuiaw.com/rpe?a=1&s=1&act=17&src=2&p=1132949&st=1157256&wd=372469&d=pyenze.com&tpl=78&rnd=0.5960192812593149&sbid=a488671&sbid2=
0 B URL bcuiaw.com/rpe?a=1&s=1&act=17&src=2&p=1132949&st=1157256&wd=372469&d=pyenze.com&tpl=78&rnd=0.5960192812593149&sbid=a488671&sbid2=
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /rpe?a=1&s=1&act=17&src=2&p=1132949&st=1157256&wd=372469&d=pyenze.com&tpl=78&rnd=0.5960192812593149&sbid=a488671&sbid2= HTTP/1.1
Host: bcuiaw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://39rb6.pyenze.com
DNT: 1
Connection: keep-alive
Referer: https://39rb6.pyenze.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Sat, 23 Sep 2023 22:05:29 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2
ecrwqu.com/cuclc?aid=10664919086269222357&t=1695506730&s=833686
276 B URL ecrwqu.com/cuclc?aid=10664919086269222357&t=1695506730&s=833686
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 4b45cd6cf285238ae4beb4e13ce37b70
13289c27e37498b9ca77fb50c0eb9cd9c992585f
c8a74cc74d64a3a99b73eb8296a5bf0c20bcd92ed336ad5885ba593bee1fed06
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cuclc?aid=10664919086269222357&t=1695506730&s=833686 HTTP/1.1
Host: ecrwqu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://39rb6.pyenze.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Sat, 23 Sep 2023 22:05:30 GMT
content-type: text/html; charset=utf-8
content-length: 276
location: https://pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_10664919086269222357_372469_2_0&si1=a372469
X-Firefox-Spdy: h2
m38pk.pyenze.com/images/play-2/icon1.png
7.3 kB URL m38pk.pyenze.com/images/play-2/icon1.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 3d0ab5834c8bf7134e4d21fa3288317f
c31d1a6b9df206f67ea194f4c424cdc372a423c2
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/play-2/icon1.png HTTP/1.1
Host: m38pk.pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m38pk.pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_10664919086269222357_372469_2_0&si1=a372469&i=1
Cookie: truniq=1; prompt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:30 GMT
content-type: image/png
content-length: 7252
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-1c54"
x-zone: eu4
accept-ranges: bytes
X-Firefox-Spdy: h2
m38pk.pyenze.com/images/play-2/icon2.png
4.6 kB URL m38pk.pyenze.com/images/play-2/icon2.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash c947d439eb93367f1af5b2a3d222f057
5b4c10820d39e624bc6df72a113679da80a8e44e
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/play-2/icon2.png HTTP/1.1
Host: m38pk.pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m38pk.pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_10664919086269222357_372469_2_0&si1=a372469&i=1
Cookie: truniq=1; prompt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:30 GMT
content-type: image/png
content-length: 4576
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-11e0"
x-zone: eu
accept-ranges: bytes
X-Firefox-Spdy: h2
m38pk.pyenze.com/images/play-2/icon7.png
3.3 kB URL m38pk.pyenze.com/images/play-2/icon7.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash b512735542cb07b3b2dcf153a7dfe456
93bde8875412ce266600e2af1c37123483a50376
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/play-2/icon7.png HTTP/1.1
Host: m38pk.pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m38pk.pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_10664919086269222357_372469_2_0&si1=a372469&i=1
Cookie: truniq=1; prompt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:30 GMT
content-type: image/png
content-length: 3283
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-cd3"
x-zone: eu
accept-ranges: bytes
X-Firefox-Spdy: h2
m38pk.pyenze.com/images/play-2/icon5.png
3.3 kB URL m38pk.pyenze.com/images/play-2/icon5.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash 1e1a7582b5da63e10485d63f97abc9a0
ca3ee3067f96c732f455bc7c99ec5100194f13f6
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/play-2/icon5.png HTTP/1.1
Host: m38pk.pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m38pk.pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_10664919086269222357_372469_2_0&si1=a372469&i=1
Cookie: truniq=1; prompt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:30 GMT
content-type: image/png
content-length: 3264
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-cc0"
x-zone: eu4
accept-ranges: bytes
X-Firefox-Spdy: h2
m38pk.pyenze.com/images/play-2/icon4.png
7.0 kB URL m38pk.pyenze.com/images/play-2/icon4.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ad7f32c1c0df7b4975cc41bda4ac435
81d57e996ee6cd9e122592e68ffa3d55c1ba10ff
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/play-2/icon4.png HTTP/1.1
Host: m38pk.pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m38pk.pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_10664919086269222357_372469_2_0&si1=a372469&i=1
Cookie: truniq=1; prompt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:30 GMT
content-type: image/png
content-length: 7032
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-1b78"
x-zone: eu3
accept-ranges: bytes
X-Firefox-Spdy: h2
m38pk.pyenze.com/images/play-2/icon8.png
4.1 kB URL m38pk.pyenze.com/images/play-2/icon8.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash f92d6474ebc6a3a0b576749cfb4afe98
0f4ce3dcf04873b8098c01d20c44967fb9fce0cc
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/play-2/icon8.png HTTP/1.1
Host: m38pk.pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m38pk.pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_10664919086269222357_372469_2_0&si1=a372469&i=1
Cookie: truniq=1; prompt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:30 GMT
content-type: image/png
content-length: 4064
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-fe0"
x-zone: eu4
accept-ranges: bytes
X-Firefox-Spdy: h2
m38pk.pyenze.com/images/play-2/icon3.png
7.8 kB URL m38pk.pyenze.com/images/play-2/icon3.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 8f3cc830da0b1fdf66bda7d1d734747b
94588f041eec3a78a8780c8124c56a1434a89277
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/play-2/icon3.png HTTP/1.1
Host: m38pk.pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m38pk.pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_10664919086269222357_372469_2_0&si1=a372469&i=1
Cookie: truniq=1; prompt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:30 GMT
content-type: image/png
content-length: 7847
last-modified: Wed, 19 Jul 2023 08:21:00 GMT
etag: "64b79cec-1ea7"
x-zone: eu3
accept-ranges: bytes
X-Firefox-Spdy: h2
ecrwqu.com/cuclc?aid=14745348937373796895&t=1695506731&s=954003
179 B URL ecrwqu.com/cuclc?aid=14745348937373796895&t=1695506731&s=954003
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash d6592ce511b5a82795473636934cafc0
24b69a87c56c7679e13e778b971f7cdfc2a07835
e5b69e880de6ac7c7dc7ff7723d057824b8a23c2a63e638e9c632ad502b95689
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cuclc?aid=14745348937373796895&t=1695506731&s=954003 HTTP/1.1
Host: ecrwqu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m38pk.pyenze.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Sat, 23 Sep 2023 22:05:31 GMT
content-type: text/html; charset=utf-8
content-length: 179
location: https://push.pricecomparedeals.com/track?q=MSNW6l5q6Jzshu
X-Firefox-Spdy: h2
clk.tradedoubler.com/click?p=238499&a=3299469&epi=EVA
302 Found 850 B URL User Request POST HTTP/3 clk.tradedoubler.com/click?p=238499&a=3299469&epi=EVA
IP
Certificate IssuerLet's Encrypt
Subject*.tradedoubler.com
FingerprintDA:41:EB:2C:A6:85:3A:A5:5A:30:E0:63:85:77:85:48:E3:3E:57:80
ValidityTue, 25 Jul 2023 01:29:13 GMT - Mon, 23 Oct 2023 01:29:12 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 40c5d6bccbfb2e827c69d68855803057
9034773d09f4ca54690bebce4873647de5f08e46
4b515b9473b3edf7e8566908e47c31ced7de8a040d4666285d1090d7d9dba74d
GET /click?p=238499&a=3299469&epi=EVA HTTP/1.1
Host: clk.tradedoubler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://push.pricecomparedeals.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=ISO-8859-1
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
referrer-policy: origin
date: Sat, 23 Sep 2023 22:05:31 GMT
content-length: 850
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_10664919086269222357_372469_2_0&si1=a372469
12 kB URL pyenze.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_10664919086269222357_372469_2_0&si1=a372469
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (19863)
Hash 90b67c37b5aef8059306fede5e1513a6
b63d2e4a8de7afbb5de469e6f50a1a9d3062250f
de917c395455aa213e0acad917f4a3a444861eb9d0059d92c1e526b2d3fbcbe6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_10664919086269222357_372469_2_0&si1=a372469 HTTP/1.1
Host: pyenze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://39rb6.pyenze.com/
DNT: 1
Connection: keep-alive
Cookie: truniq=1; prompt=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.1
date: Sat, 23 Sep 2023 22:05:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-zone: eu4
content-encoding: gzip
X-Firefox-Spdy: h2
clk.tradedoubler.com/click?p=238499&a=3299469&epi=EVA
302 Found 472 B URL User Request POST HTTP/3 clk.tradedoubler.com/click?p=238499&a=3299469&epi=EVA
IP
Certificate IssuerLet's Encrypt
Subject*.tradedoubler.com
FingerprintDA:41:EB:2C:A6:85:3A:A5:5A:30:E0:63:85:77:85:48:E3:3E:57:80
ValidityTue, 25 Jul 2023 01:29:13 GMT - Mon, 23 Oct 2023 01:29:12 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (472), with no line terminators
Hash 3a04d3d03f309f27d6355b4615c1af05
325256727f41662229abb6bd10e599a4384f8966
18c28510bc8729a092434a5f2ec7d9cc7393223c75853f83b532f257da1a6db8
POST /click?p=238499&a=3299469&epi=EVA HTTP/1.1
Host: clk.tradedoubler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 376
Origin: https://clk.tradedoubler.com
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
location: http://redirects.tradedoubler.com/projectr/?utm_source=tradedoubler*_td_*KEEP_NEWEST&utm_medium=affiliate*_td_*KEEP_NEWEST&affiliate_id=3299469&utm_campaign=finnblomster.no*_td_*KEEP_NEWEST&tduid=e781c089bbcbb4fe70a94f0d8606b188&_td_deeplink=http://www.euroflorist.no
set-cookie: EH_0=1z11z1z13Dz1RioA4z16ExyaQdSCKbyFF1u%7a9iOMg%7a0ZE0RrpfAuuHKKX%7aAQmL4I1IufaTHk4hl2fOHPa.BgCM6;expires=Sun, 22-Sep-2024 22:05:32 GMT;path=/;domain=.tradedoubler.com
GUID=1z11zz13DzvlJRgze781c089bbcbb4fe70a94f0d8606b188;expires=Sun, 22-Sep-2024 22:05:32 GMT;path=/;domain=.tradedoubler.com
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
referrer-policy: origin
date: Sat, 23 Sep 2023 22:05:32 GMT
content-length: 472
content-type: text/html; charset=ISO-8859-1
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
clk.tradedoubler.com/favicon.ico
193 B URL clk.tradedoubler.com/favicon.ico
IP
Certificate IssuerLet's Encrypt
Subject*.tradedoubler.com
FingerprintDA:41:EB:2C:A6:85:3A:A5:5A:30:E0:63:85:77:85:48:E3:3E:57:80
ValidityTue, 25 Jul 2023 01:29:13 GMT - Mon, 23 Oct 2023 01:29:12 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 523cbcb278f348bbe64563fe4cc9f435
5a436481b66ccb6dff53c5e1a14c08ef0b4a8e4b
37b6ca25983f4126bd10c135684bc8f421c8b48a5bdb75b5ad69c849035a84f4
GET /favicon.ico HTTP/1.1
Host: clk.tradedoubler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
DNT: 1
Connection: keep-alive
Cookie: EH_0=1z11z1z13Dz1RioA4z16ExyaQdSCKbyFF1u%7a9iOMg%7a0ZE0RrpfAuuHKKX%7aAQmL4I1IufaTHk4hl2fOHPa.BgCM6; GUID=1z11zz13DzvlJRgze781c089bbcbb4fe70a94f0d8606b188
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Sat, 23 Sep 2023 22:05:32 GMT
content-length: 193
content-type: text/html; charset=ISO-8859-1
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
redirects.tradedoubler.com/projectr/?utm_source=tradedoubler*_td_*KEEP_NEWEST&utm_medium=affiliate*_td_*KEEP_NEWEST&affiliate_id=3299469&utm_campaign=finnblomster.no*_td_*KEEP_NEWEST&tduid=e781c089bbcbb4fe70a94f0d8606b188&_td_deeplink=http://www.euroflorist.no
302 Found 1 B URL User Request GET HTTP/1.1 redirects.tradedoubler.com/projectr/?utm_source=tradedoubler*_td_*KEEP_NEWEST&utm_medium=affiliate*_td_*KEEP_NEWEST&affiliate_id=3299469&utm_campaign=finnblomster.no*_td_*KEEP_NEWEST&tduid=e781c089bbcbb4fe70a94f0d8606b188&_td_deeplink=http://www.euroflorist.no
IP
File type very short file (no magic)
Hash 7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
GET /projectr/?utm_source=tradedoubler*_td_*KEEP_NEWEST&utm_medium=affiliate*_td_*KEEP_NEWEST&affiliate_id=3299469&utm_campaign=finnblomster.no*_td_*KEEP_NEWEST&tduid=e781c089bbcbb4fe70a94f0d8606b188&_td_deeplink=http://www.euroflorist.no HTTP/1.1
Host: redirects.tradedoubler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: https://clk.tradedoubler.com/
DNT: 1
Connection: keep-alive
Cookie: EH_0=1z11z1z13Dz1RioA4z16ExyaQdSCKbyFF1u%7a9iOMg%7a0ZE0RrpfAuuHKKX%7aAQmL4I1IufaTHk4hl2fOHPa.BgCM6; GUID=1z11zz13DzvlJRgze781c089bbcbb4fe70a94f0d8606b188
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-control: no-cache="set-cookie"
Content-Type: text/html; charset=UTF-8
Date: Sat, 23 Sep 2023 22:05:32 GMT
Location: http://www.euroflorist.no?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Server: Apache/2.4.57 (Ubuntu)
Set-Cookie: AWSELB=FF1BFB8F1C42D3E6A4BF4A0B044EDED4042A192C92448B5DC41B6DF8F1BB665B74D1DBC44CACB35A8119CA374522E5CD51D3AB65B8C1BA03E231E71D15DBA2CF9A7C59ACA2;PATH=/;MAX-AGE=30
Content-Length: 1
Connection: keep-alive
www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
200 OK 0 B URL User Request GET HTTP/2 www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
IP
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188 HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: https://clk.tradedoubler.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 301 Moved Permanently
Location: https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Server: BigIP
Connection: Keep-Alive
Content-Length: 0
ocsp.godaddy.com/
2.1 kB IP
Hash 501fa06d231ff0c0ae0f977c0657c65e
3387040ad8ebde13fc8ecacfcd661a8f5cab3a5a
ac63b68eb69013d39c5c88e9e0ca2f1d434a4cdb1722c48d82233575ca569840
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 23 Sep 2023 22:05:33 GMT
Content-Type: application/ocsp-response
Content-Length: 2107
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 23 Sep 2023 17:24:59 GMT
Expires: Sun, 24 Sep 2023 17:24:59 GMT
ETag: "3387040ad8ebde13fc8ecacfcd661a8f5cab3a5a"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
200 OK 52 kB URL User Request GET HTTP/2 www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
IP
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (21449), with CRLF, LF line terminators
Hash 36a4b5301b95f487e0ab30cc0e31aa13
41a4f74c85d72f6a40c975f3371f6e11df933906
d03e90c1da2851c5c39038cb1787255c21b0e2cd8856f6f4d3ef1e098f5e9b44
GET /?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188 HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=pin2wmrzx4xs2wxu2ootl04s; path=/; secure; HttpOnly; SameSite=None; SameSite=None
__RequestVerificationToken=fNvoq_Rz-mK5puO66zItzkhfxmOgx89F3-KqfsqmYKskwGwj_wPAlOJEGFEmrVA9qvmcA-4HMCNwZC7bCH3zHoT0J5UhrmyAImpYhTrBZ4I1; path=/; secure; HttpOnly; SameSite=None
FunctionalAgreement=False; expires=Fri, 23-Sep-2033 22:00:00 GMT; path=/; secure; SameSite=None
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://portal.euroflorist.intra
referrer-policy: no-referrer, origin, origin-when-cross-origin
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=16070400; includeSubDomains
date: Sat, 23 Sep 2023 22:05:32 GMT
content-length: 51481
X-Firefox-Spdy: h2
www.euroflorist.no/bundles/md22?v=MAm8lu5Odv_5m6fWZ8OFeb7dsIHR2bS37wDVvq3QSic1
200 OK 21 kB URL GET HTTP/2 www.euroflorist.no/bundles/md22?v=MAm8lu5Odv_5m6fWZ8OFeb7dsIHR2bS37wDVvq3QSic1
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
File type Unicode text, UTF-8 text, with very long lines (65484), with no line terminators
Hash 18553255281f58d3057fdf672570e949
4116fa66504ec9d04047bdc0b5adca8d85b2cfa8
cab114f0ebbde13096bdc0a174c12de35688c49d93daa0d1cd8707c8b28d6e82
GET /bundles/md22?v=MAm8lu5Odv_5m6fWZ8OFeb7dsIHR2bS37wDVvq3QSic1 HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=pin2wmrzx4xs2wxu2ootl04s; __RequestVerificationToken=fNvoq_Rz-mK5puO66zItzkhfxmOgx89F3-KqfsqmYKskwGwj_wPAlOJEGFEmrVA9qvmcA-4HMCNwZC7bCH3zHoT0J5UhrmyAImpYhTrBZ4I1; FunctionalAgreement=False
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/css; charset=utf-8
content-encoding: gzip
expires: Sun, 22 Sep 2024 22:05:33 GMT
last-modified: Sat, 23 Sep 2023 22:05:33 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://portal.euroflorist.intra
referrer-policy: no-referrer, origin, origin-when-cross-origin
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=16070400; includeSubDomains
date: Sat, 23 Sep 2023 22:05:32 GMT
content-length: 21391
X-Firefox-Spdy: h2
www.euroflorist.no/Domains/NO/Lang/nb/rebranding_flag.png
200 OK 530 B URL GET HTTP/2 www.euroflorist.no/Domains/NO/Lang/nb/rebranding_flag.png
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
File type PNG image data, 23 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash a6160855731f327e5970a1d0730c3e5a
f035c6615a974929d65c106ab0c7a547e66ab9b3
5e129628a835c5797903fc22bb49acdb768b9c1a4eaab060870246cdff4c24bb
GET /Domains/NO/Lang/nb/rebranding_flag.png HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=pin2wmrzx4xs2wxu2ootl04s; __RequestVerificationToken=fNvoq_Rz-mK5puO66zItzkhfxmOgx89F3-KqfsqmYKskwGwj_wPAlOJEGFEmrVA9qvmcA-4HMCNwZC7bCH3zHoT0J5UhrmyAImpYhTrBZ4I1; FunctionalAgreement=False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: image/png
last-modified: Thu, 10 Oct 2019 11:10:18 GMT
accept-ranges: bytes
etag: "089874c5b7fd51:0"
server: Microsoft-IIS/10.0
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://portal.euroflorist.intra
referrer-policy: no-referrer, origin, origin-when-cross-origin
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=16070400; includeSubDomains
date: Sat, 23 Sep 2023 22:05:32 GMT
content-length: 530
X-Firefox-Spdy: h2
www.euroflorist.no/Domains/NO/Lang/en/rebranding_flag.png
200 OK 1.2 kB URL GET HTTP/2 www.euroflorist.no/Domains/NO/Lang/en/rebranding_flag.png
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
File type PNG image data, 23 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 09c241bfd172f1d4515c7a687f33ce75
330266a1c2bb1b7cde4971e16de1833207facfbd
d4b4d23ca2a5d9868a70db485503c6bf22944bce251420643a6b537721c0048d
GET /Domains/NO/Lang/en/rebranding_flag.png HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=pin2wmrzx4xs2wxu2ootl04s; __RequestVerificationToken=fNvoq_Rz-mK5puO66zItzkhfxmOgx89F3-KqfsqmYKskwGwj_wPAlOJEGFEmrVA9qvmcA-4HMCNwZC7bCH3zHoT0J5UhrmyAImpYhTrBZ4I1; FunctionalAgreement=False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: image/png
last-modified: Thu, 10 Oct 2019 11:10:18 GMT
accept-ranges: bytes
etag: "089874c5b7fd51:0"
server: Microsoft-IIS/10.0
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://portal.euroflorist.intra
referrer-policy: no-referrer, origin, origin-when-cross-origin
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=16070400; includeSubDomains
date: Sat, 23 Sep 2023 22:05:32 GMT
content-length: 1168
X-Firefox-Spdy: h2
www.euroflorist.no/bundles/criticalJS?v=7x62iPh0jmD5NBhGw-reWNCwyVfsrcn1BcDqkCdZEYc1
200 OK 8.3 kB URL GET HTTP/2 www.euroflorist.no/bundles/criticalJS?v=7x62iPh0jmD5NBhGw-reWNCwyVfsrcn1BcDqkCdZEYc1
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
File type ASCII text, with very long lines (21239), with no line terminators
Hash f330eb263274690067b9076b04fa3f81
0e4ef9d99ffbbf71fea94b0ea036da4add4c4ef8
2dc7fb1321111221f24a7418cfe51d3e8821b60dd04e653788a724fba040a659
GET /bundles/criticalJS?v=7x62iPh0jmD5NBhGw-reWNCwyVfsrcn1BcDqkCdZEYc1 HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=pin2wmrzx4xs2wxu2ootl04s; __RequestVerificationToken=fNvoq_Rz-mK5puO66zItzkhfxmOgx89F3-KqfsqmYKskwGwj_wPAlOJEGFEmrVA9qvmcA-4HMCNwZC7bCH3zHoT0J5UhrmyAImpYhTrBZ4I1; FunctionalAgreement=False
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Sun, 22 Sep 2024 22:05:33 GMT
last-modified: Sat, 23 Sep 2023 22:05:33 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://portal.euroflorist.intra
referrer-policy: no-referrer, origin, origin-when-cross-origin
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=16070400; includeSubDomains
date: Sat, 23 Sep 2023 22:05:33 GMT
content-length: 8290
X-Firefox-Spdy: h2
www.euroflorist.no/bundles/popupLogin-javascript?v=WnzdqZjgxef2Q5LKOq1Um2Jx5edouaXsxCaEdfj7CD41
200 OK 1.1 kB URL GET HTTP/2 www.euroflorist.no/bundles/popupLogin-javascript?v=WnzdqZjgxef2Q5LKOq1Um2Jx5edouaXsxCaEdfj7CD41
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
File type ASCII text, with very long lines (2189), with no line terminators
Hash 81c4d78e0bfea8081f544809fada5db1
ef12ac8f9cb7ea06a3ded06dc3c5f02a33f0c0ec
719ade58346529ccb74fec9a687506f6473d93fa4aaa0dad6ecd4471af5651dd
GET /bundles/popupLogin-javascript?v=WnzdqZjgxef2Q5LKOq1Um2Jx5edouaXsxCaEdfj7CD41 HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=pin2wmrzx4xs2wxu2ootl04s; __RequestVerificationToken=fNvoq_Rz-mK5puO66zItzkhfxmOgx89F3-KqfsqmYKskwGwj_wPAlOJEGFEmrVA9qvmcA-4HMCNwZC7bCH3zHoT0J5UhrmyAImpYhTrBZ4I1; FunctionalAgreement=False
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Sun, 22 Sep 2024 22:05:33 GMT
last-modified: Sat, 23 Sep 2023 22:05:33 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://portal.euroflorist.intra
referrer-policy: no-referrer, origin, origin-when-cross-origin
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=16070400; includeSubDomains
date: Sat, 23 Sep 2023 22:05:33 GMT
content-length: 1125
X-Firefox-Spdy: h2
www.euroflorist.no/bundles/picturefill?v=lWV_KU5B89CJ1S1uR3K80DSC8AES10lgvNo6HTlbk4k1
200 OK 6.0 kB URL GET HTTP/2 www.euroflorist.no/bundles/picturefill?v=lWV_KU5B89CJ1S1uR3K80DSC8AES10lgvNo6HTlbk4k1
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
File type ASCII text, with very long lines (11291), with no line terminators
Hash 292d47989e5d3254e3f66ff467ed3c89
5eef05f0692c74539e7e21f983dbdc4e3621fe6f
6bcdd90fe0fba2df96e22787910c45b7aa75288cb05956729a39324b1d375263
GET /bundles/picturefill?v=lWV_KU5B89CJ1S1uR3K80DSC8AES10lgvNo6HTlbk4k1 HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=pin2wmrzx4xs2wxu2ootl04s; __RequestVerificationToken=fNvoq_Rz-mK5puO66zItzkhfxmOgx89F3-KqfsqmYKskwGwj_wPAlOJEGFEmrVA9qvmcA-4HMCNwZC7bCH3zHoT0J5UhrmyAImpYhTrBZ4I1; FunctionalAgreement=False
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Sun, 22 Sep 2024 22:05:33 GMT
last-modified: Sat, 23 Sep 2023 22:05:33 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://portal.euroflorist.intra
referrer-policy: no-referrer, origin, origin-when-cross-origin
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=16070400; includeSubDomains
date: Sat, 23 Sep 2023 22:05:33 GMT
content-length: 5997
X-Firefox-Spdy: h2
www.euroflorist.no/bundles/optievents?v=k8t_lpIK4KFKUOrXB8JfHWzvWWy9Bk--C1Z_yyt4jJM1
200 OK 280 B URL GET HTTP/2 www.euroflorist.no/bundles/optievents?v=k8t_lpIK4KFKUOrXB8JfHWzvWWy9Bk--C1Z_yyt4jJM1
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
File type ASCII text, with very long lines (345), with no line terminators
Hash bc9ed78bb71190ef72a8bc66c89ff542
1cc48afbff469a2a6baf411b2ed386c185d1d1c6
c29a18f2da59940a581aa02fcad26c14016f2152bd858bd21fa5ad7cbdcbef2d
GET /bundles/optievents?v=k8t_lpIK4KFKUOrXB8JfHWzvWWy9Bk--C1Z_yyt4jJM1 HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=pin2wmrzx4xs2wxu2ootl04s; __RequestVerificationToken=fNvoq_Rz-mK5puO66zItzkhfxmOgx89F3-KqfsqmYKskwGwj_wPAlOJEGFEmrVA9qvmcA-4HMCNwZC7bCH3zHoT0J5UhrmyAImpYhTrBZ4I1; FunctionalAgreement=False
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Sun, 22 Sep 2024 22:05:33 GMT
last-modified: Sat, 23 Sep 2023 22:05:33 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://portal.euroflorist.intra
referrer-policy: no-referrer, origin, origin-when-cross-origin
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=16070400; includeSubDomains
date: Sat, 23 Sep 2023 22:05:32 GMT
content-length: 280
X-Firefox-Spdy: h2
www.euroflorist.no/bundles/locationFirst-javascript?v=FSSTl06FXBE_vtIvI0B95cJmMGJAt0xEJueqlDmqEw41
200 OK 9.0 kB URL GET HTTP/2 www.euroflorist.no/bundles/locationFirst-javascript?v=FSSTl06FXBE_vtIvI0B95cJmMGJAt0xEJueqlDmqEw41
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
File type ASCII text, with very long lines (28943), with no line terminators
Hash 6ed58500ca5862a45b5decdd82a00aa5
2b080468dd1c28f45cb11c51b4366a4c27a50340
5732b6340fcc940eeeb6461afcc679775eeec74308b029943709a41e8a37991a
GET /bundles/locationFirst-javascript?v=FSSTl06FXBE_vtIvI0B95cJmMGJAt0xEJueqlDmqEw41 HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=pin2wmrzx4xs2wxu2ootl04s; __RequestVerificationToken=fNvoq_Rz-mK5puO66zItzkhfxmOgx89F3-KqfsqmYKskwGwj_wPAlOJEGFEmrVA9qvmcA-4HMCNwZC7bCH3zHoT0J5UhrmyAImpYhTrBZ4I1; FunctionalAgreement=False
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Sun, 22 Sep 2024 22:05:33 GMT
last-modified: Sat, 23 Sep 2023 22:05:33 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://portal.euroflorist.intra
referrer-policy: no-referrer, origin, origin-when-cross-origin
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=16070400; includeSubDomains
date: Sat, 23 Sep 2023 22:05:33 GMT
content-length: 8999
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
2.1 kB IP
Hash 7255882e83a5db927edf63f15acf76a3
081ce8af34b016e83944384e7ed0e3c609831ba1
3d7fa413eec2ef411d7b7f864480118964240606902ffb00a8a70a4b22418a4d
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 23 Sep 2023 22:05:33 GMT
Content-Type: application/ocsp-response
Content-Length: 2148
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 23 Sep 2023 03:25:32 GMT
Expires: Sun, 24 Sep 2023 03:25:32 GMT
ETag: "081ce8af34b016e83944384e7ed0e3c609831ba1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.starfieldtech.com/
2.1 kB IP
Hash 7255882e83a5db927edf63f15acf76a3
081ce8af34b016e83944384e7ed0e3c609831ba1
3d7fa413eec2ef411d7b7f864480118964240606902ffb00a8a70a4b22418a4d
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 23 Sep 2023 22:05:33 GMT
Content-Type: application/ocsp-response
Content-Length: 2148
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 23 Sep 2023 03:25:32 GMT
Expires: Sun, 24 Sep 2023 03:25:32 GMT
ETag: "081ce8af34b016e83944384e7ed0e3c609831ba1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
cdn.euroflorist.com/cmspr/No/screen-hp_osn_298x298_pink_lillies-31x0.webp
200 OK 15 kB URL GET HTTP/2 cdn.euroflorist.com/cmspr/No/screen-hp_osn_298x298_pink_lillies-31x0.webp
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerDigiCert Inc
Subjectcdn.euroflorist.com
FingerprintB0:81:18:CB:17:C0:6C:90:C0:EC:1C:5B:3F:1C:37:2B:8D:76:B0:88
ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 298x298, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e18c7895c2a3e36b366562a285bf8e9e
6db9125f515ada7e0d62b0ffe3a37553cecb9d6e
639549a6937ff3cbf5894709f91bb3c4df18a4cd0528b70bf018b2198cfefe01
GET /cmspr/No/screen-hp_osn_298x298_pink_lillies-31x0.webp HTTP/1.1
Host: cdn.euroflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-length: 15102
content-type: image/webp
last-modified: Thu, 22 Jun 2023 13:54:37 GMT
accept-ranges: bytes
etag: "c7541e1511a5d91:0"
x-cache: TCP_HIT
x-powered-by: ASP.NET
strict-transport-security: max-age=16070400; includeSubDomains
x-azure-ref-originshield: 0mVMPZQAAAADG81DBjceTRbIH0XGNFmlIQU1TMDRFREdFMTkxMwBlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
x-azure-ref: 0LWEPZQAAAABGFrCEicDoSrqxuaNvqqmtU1ZHMjBFREdFMDUwOABlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
date: Sat, 23 Sep 2023 22:05:33 GMT
X-Firefox-Spdy: h2
design.euroflorist.com/theme/MD22/style.css
200 OK 7.3 kB URL GET HTTP/2 design.euroflorist.com/theme/MD22/style.css
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerStarfield Technologies, Inc.
Subject*.euroflorist.com
FingerprintF4:47:F3:7F:7C:9A:47:45:F0:89:5B:F6:F5:30:39:40:49:44:03:24
ValidityWed, 28 Dec 2022 13:58:43 GMT - Mon, 29 Jan 2024 13:58:43 GMT
File type ASCII text, with very long lines (22813), with no line terminators
Hash ac76c1657f456bae04449125acc5cd22
6fe09aa8d78cd25239263d4e226c969075580690
9af0378f06cfa5e0a1279ba04a05bd6f4ab6f9011f74ee4c800f5e73e516c4c8
GET /theme/MD22/style.css HTTP/1.1
Host: design.euroflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: text/css
content-encoding: gzip
last-modified: Wed, 22 Feb 2023 08:02:29 GMT
accept-ranges: bytes
etag: "80d83029446d91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Sat, 23 Sep 2023 22:05:32 GMT
content-length: 7250
set-cookie: livetest-persist=rd568o00000000000000000000ffffc0a86650o443; path=/; Httponly; Secure
strict-transport-security: max-age=16070400; includeSubDomains
X-Firefox-Spdy: h2
cdn.euroflorist.com/cmspr/No/reasons_hydrangea_298x2980.webp
200 OK 15 kB URL GET HTTP/2 cdn.euroflorist.com/cmspr/No/reasons_hydrangea_298x2980.webp
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerDigiCert Inc
Subjectcdn.euroflorist.com
FingerprintB0:81:18:CB:17:C0:6C:90:C0:EC:1C:5B:3F:1C:37:2B:8D:76:B0:88
ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 298x298, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 503146190e67021ed82e75147c5e7002
979826ae9971adae256c09573453f7c10044eaf8
841398087359d46ee95fefb1d52dd7809b8282cb53bd48e87aa26619ef48ecd2
GET /cmspr/No/reasons_hydrangea_298x2980.webp HTTP/1.1
Host: cdn.euroflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-length: 15228
content-type: image/webp
last-modified: Tue, 30 Aug 2022 12:41:55 GMT
accept-ranges: bytes
etag: "92742fe36dbcd81:0"
x-cache: TCP_HIT
x-powered-by: ASP.NET
strict-transport-security: max-age=16070400; includeSubDomains
x-azure-ref-originshield: 0mVMPZQAAAADhv3UliOa3QZlLE8nVfp7sQU1TMDRFREdFMTkwOQBlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
x-azure-ref: 0LWEPZQAAAACCutb07dgRRan6ea0cxJs/U1ZHMjBFREdFMDUwOABlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
date: Sat, 23 Sep 2023 22:05:33 GMT
X-Firefox-Spdy: h2
cdn.euroflorist.com/cmspr/No/screen-hp_osn_298x298_white_lillies-2x0.webp
200 OK 11 kB URL GET HTTP/2 cdn.euroflorist.com/cmspr/No/screen-hp_osn_298x298_white_lillies-2x0.webp
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerDigiCert Inc
Subjectcdn.euroflorist.com
FingerprintB0:81:18:CB:17:C0:6C:90:C0:EC:1C:5B:3F:1C:37:2B:8D:76:B0:88
ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 298x298, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 792769c03bf9834d4a7312f4cf721980
4c24255b0aa322ee4f0d0ee27af2baa8d3c57c41
765b100aee3a44ec5ddf7e9cf12aef5ed5a81511ef385c5b9719da5fcdca3336
GET /cmspr/No/screen-hp_osn_298x298_white_lillies-2x0.webp HTTP/1.1
Host: cdn.euroflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-length: 10590
content-type: image/webp
last-modified: Thu, 22 Jun 2023 13:54:37 GMT
accept-ranges: bytes
etag: "9b507b1511a5d91:0"
x-cache: TCP_HIT
x-powered-by: ASP.NET
strict-transport-security: max-age=16070400; includeSubDomains
x-azure-ref-originshield: 0mVMPZQAAAABFfAuX7xVyS7zYQNOyayiNQU1TMDRFREdFMTkxNwBlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
x-azure-ref: 0LWEPZQAAAABi9bO68Em/Rreh3Zq+vI7AU1ZHMjBFREdFMDUwOABlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
date: Sat, 23 Sep 2023 22:05:33 GMT
X-Firefox-Spdy: h2
cdn.euroflorist.com/cmspr/No/screen-hp_osn_298x298_gerbera-6x0.webp
200 OK 16 kB URL GET HTTP/2 cdn.euroflorist.com/cmspr/No/screen-hp_osn_298x298_gerbera-6x0.webp
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerDigiCert Inc
Subjectcdn.euroflorist.com
FingerprintB0:81:18:CB:17:C0:6C:90:C0:EC:1C:5B:3F:1C:37:2B:8D:76:B0:88
ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 298x298, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ba1cefd154f61c92514575239152aae6
d5115613a7609f0650ecc31a83e263cf16c48cfc
80ba84e099b621812f15c48e61480b2160b3ec0796645c6f045fad9d306b1145
GET /cmspr/No/screen-hp_osn_298x298_gerbera-6x0.webp HTTP/1.1
Host: cdn.euroflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-length: 15592
content-type: image/webp
last-modified: Mon, 26 Jun 2023 09:05:47 GMT
accept-ranges: bytes
etag: "5588c865da8d91:0"
x-cache: TCP_HIT
x-powered-by: ASP.NET
strict-transport-security: max-age=16070400; includeSubDomains
x-azure-ref-originshield: 0mlMPZQAAAAClWN6MbRrqRK1DFhQag96DQU1TMDRFREdFMTgxMABlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
x-azure-ref: 0LWEPZQAAAAA0gMDkQcIvTKPV/YeSgH8SU1ZHMjBFREdFMDUwOABlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
date: Sat, 23 Sep 2023 22:05:33 GMT
X-Firefox-Spdy: h2
cdn.euroflorist.com/cmspr/No/desktopautumn2023-n0.webp
200 OK 187 kB URL GET HTTP/2 cdn.euroflorist.com/cmspr/No/desktopautumn2023-n0.webp
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerDigiCert Inc
Subjectcdn.euroflorist.com
FingerprintB0:81:18:CB:17:C0:6C:90:C0:EC:1C:5B:3F:1C:37:2B:8D:76:B0:88
ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 2200x917, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 187 kB (186770 bytes)
Hash 6dfdcb7485062caf8e496aebdd0cedcd
5729e5fde5885c7258e42e861e1c85246ba1cd1f
cb4773d831577f92d213d1afe56c0c2cc74a9e57c8e32e7289bf62304e5dad7f
GET /cmspr/No/desktopautumn2023-n0.webp HTTP/1.1
Host: cdn.euroflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-length: 186770
content-type: image/webp
last-modified: Tue, 29 Aug 2023 20:25:22 GMT
accept-ranges: bytes
etag: "95185efb6dad91:0"
x-cache: TCP_HIT
x-powered-by: ASP.NET
strict-transport-security: max-age=16070400; includeSubDomains
x-azure-ref-originshield: 0nFMPZQAAAAD+aUAqVVixSqrwDNvSzlT7QU1TMDRFREdFMTkxMABlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
x-azure-ref: 0LWEPZQAAAADEVS7eTb9QQa+jzM9oSrGXU1ZHMjBFREdFMDUwOABlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
date: Sat, 23 Sep 2023 22:05:33 GMT
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
471 B URL ocsp.r2m01.amazontrust.com/
IP
Hash 1d37f16a113da0066ddacd53cf7e1026
5a2ac55be0b83d5922271a8529ac718946c73d65
096de1fc8df00838f633b4d19f2a68227192a23c073e568e8d0c90daf3b90867
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 23 Sep 2023 22:05:33 GMT
Last-Modified: Sat, 23 Sep 2023 21:55:17 GMT
Server: ECAcc (amb/6AB3)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IulsuzGWzMQaVoGcBZ8bgMGVLgoRmaoipaXGW4UJnlfdJiG__0b3dg==
Age: 616
design.euroflorist.com/theme/MD22/main.js
19 kB URL design.euroflorist.com/theme/MD22/main.js
IP
Certificate IssuerStarfield Technologies, Inc.
Subject*.euroflorist.com
FingerprintF4:47:F3:7F:7C:9A:47:45:F0:89:5B:F6:F5:30:39:40:49:44:03:24
ValidityWed, 28 Dec 2022 13:58:43 GMT - Mon, 29 Jan 2024 13:58:43 GMT
File type ASCII text, with very long lines (42478)
Hash ee0f38c3e308332c9c6b1c84c4f982f6
f434ab09b3ee6bf2526f8c3ad31f327aeccded67
30e831e5657e32480437d73046968967e838dbfad9d8af5b44233d2cda3b47f5
GET /theme/MD22/main.js HTTP/1.1
Host: design.euroflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 22 Feb 2023 08:02:29 GMT
accept-ranges: bytes
etag: "80d83029446d91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Sat, 23 Sep 2023 22:05:33 GMT
content-length: 18993
set-cookie: livetest-persist=rd568o00000000000000000000ffffc0a86650o443; path=/; Httponly; Secure
strict-transport-security: max-age=16070400; includeSubDomains
X-Firefox-Spdy: h2
eu1-search.doofinder.com/5/script/84ad22aa1e77762a4434d2d4c8a1e3d1.js
200 OK 548 B URL GET HTTP/2 eu1-search.doofinder.com/5/script/84ad22aa1e77762a4434d2d4c8a1e3d1.js
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerAmazon
Subjectdoofinder.com
Fingerprint86:35:D0:CB:2B:82:BD:15:A3:8A:F7:E3:B5:9C:9A:5D:7C:7D:CC:BD
ValidityTue, 23 May 2023 00:00:00 GMT - Thu, 20 Jun 2024 23:59:59 GMT
Hash f6fec98b2c51593a8f834ffe0fb96ff9
f8bb5e767629639e1407aa2e760d6f453d6c21a3
54398166d620a0eb6a0137329e9e66040be78a2ef0c60b9e017d46d74d740669
GET /5/script/84ad22aa1e77762a4434d2d4c8a1e3d1.js HTTP/1.1
Host: eu1-search.doofinder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:05:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 548
cache-control: public, max-age=3600
content-encoding: gzip
server: Cowboy
vary: accept-encoding
x-request-id: F4emZDpRmm3u0HIDN2hh
X-Firefox-Spdy: h2
www.euroflorist.no/Content/md22/font/BrandonGrotesque/BrandonGrotesqueBold.woff2
200 OK 30 kB URL GET HTTP/2 www.euroflorist.no/Content/md22/font/BrandonGrotesque/BrandonGrotesqueBold.woff2
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
File type Web Open Font Format (Version 2), TrueType, length 29564, version 1.0\012- data
Hash 1bfe1c21e486f506f32d25a8f15c6acc
58271bbc42d99863fd1a1a9d2de420fb4a480ef4
5f428f3ea923ddeb2cd220a7b9a6c15d1483c06c9e0fd5ed25a91ed24bf6a301
GET /Content/md22/font/BrandonGrotesque/BrandonGrotesqueBold.woff2 HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=pin2wmrzx4xs2wxu2ootl04s; __RequestVerificationToken=fNvoq_Rz-mK5puO66zItzkhfxmOgx89F3-KqfsqmYKskwGwj_wPAlOJEGFEmrVA9qvmcA-4HMCNwZC7bCH3zHoT0J5UhrmyAImpYhTrBZ4I1; FunctionalAgreement=False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: application/font-woff
last-modified: Sat, 18 Jun 2022 11:16:52 GMT
accept-ranges: bytes
etag: "0aa5e9483d81:0"
server: Microsoft-IIS/10.0
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://portal.euroflorist.intra
referrer-policy: no-referrer, origin, origin-when-cross-origin
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=16070400; includeSubDomains
date: Sat, 23 Sep 2023 22:05:33 GMT
content-length: 29564
X-Firefox-Spdy: h2
www.euroflorist.no/Content/md22/font/BrandonGrotesque/BrandonGrotesqueMedium.woff2
200 OK 30 kB URL GET HTTP/2 www.euroflorist.no/Content/md22/font/BrandonGrotesque/BrandonGrotesqueMedium.woff2
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
File type Web Open Font Format (Version 2), TrueType, length 29772, version 1.0\012- data
Hash 431a8c5ff79a3ec305add80c9d9d7d60
08feb999070142e30a546056344a4000b8c0c580
93245546cce89b7c3f2d06da1acaccd5253ee3cb9d59180f9d456678438cb96c
GET /Content/md22/font/BrandonGrotesque/BrandonGrotesqueMedium.woff2 HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=pin2wmrzx4xs2wxu2ootl04s; __RequestVerificationToken=fNvoq_Rz-mK5puO66zItzkhfxmOgx89F3-KqfsqmYKskwGwj_wPAlOJEGFEmrVA9qvmcA-4HMCNwZC7bCH3zHoT0J5UhrmyAImpYhTrBZ4I1; FunctionalAgreement=False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: application/font-woff
last-modified: Sat, 18 Jun 2022 11:16:52 GMT
accept-ranges: bytes
etag: "0aa5e9483d81:0"
server: Microsoft-IIS/10.0
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://portal.euroflorist.intra
referrer-policy: no-referrer, origin, origin-when-cross-origin
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=16070400; includeSubDomains
date: Sat, 23 Sep 2023 22:05:33 GMT
content-length: 29772
X-Firefox-Spdy: h2
www.euroflorist.no/Content/md22/font/GlamourAbsolute/GlamourAbsolute_Regular.woff2
200 OK 22 kB URL GET HTTP/2 www.euroflorist.no/Content/md22/font/GlamourAbsolute/GlamourAbsolute_Regular.woff2
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
File type Web Open Font Format (Version 2), TrueType, length 22232, version 1.0\012- data
Hash 5c78fd6344120b36a943b638cdb2a128
bed41a296829c03cfd7a4cb1e9afc466e4b1adef
d1fe229c3d0b596ab771b13ffc08d9c8adf84e67b30ae2e32303a09cf38be2b6
GET /Content/md22/font/GlamourAbsolute/GlamourAbsolute_Regular.woff2 HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=pin2wmrzx4xs2wxu2ootl04s; __RequestVerificationToken=fNvoq_Rz-mK5puO66zItzkhfxmOgx89F3-KqfsqmYKskwGwj_wPAlOJEGFEmrVA9qvmcA-4HMCNwZC7bCH3zHoT0J5UhrmyAImpYhTrBZ4I1; FunctionalAgreement=False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: application/font-woff
last-modified: Sat, 18 Jun 2022 11:16:52 GMT
accept-ranges: bytes
etag: "0aa5e9483d81:0"
server: Microsoft-IIS/10.0
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://portal.euroflorist.intra
referrer-policy: no-referrer, origin, origin-when-cross-origin
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=16070400; includeSubDomains
date: Sat, 23 Sep 2023 22:05:33 GMT
content-length: 22232
X-Firefox-Spdy: h2
www.euroflorist.no/bundles/popupLogin-javascript?v=WnzdqZjgxef2Q5LKOq1Um2Jx5edouaXsxCaEdfj7CD41
200 OK 1.1 kB URL GET HTTP/2 www.euroflorist.no/bundles/popupLogin-javascript?v=WnzdqZjgxef2Q5LKOq1Um2Jx5edouaXsxCaEdfj7CD41
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
File type ASCII text, with very long lines (2189), with no line terminators
Hash 81c4d78e0bfea8081f544809fada5db1
ef12ac8f9cb7ea06a3ded06dc3c5f02a33f0c0ec
719ade58346529ccb74fec9a687506f6473d93fa4aaa0dad6ecd4471af5651dd
GET /bundles/popupLogin-javascript?v=WnzdqZjgxef2Q5LKOq1Um2Jx5edouaXsxCaEdfj7CD41 HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=pin2wmrzx4xs2wxu2ootl04s; __RequestVerificationToken=fNvoq_Rz-mK5puO66zItzkhfxmOgx89F3-KqfsqmYKskwGwj_wPAlOJEGFEmrVA9qvmcA-4HMCNwZC7bCH3zHoT0J5UhrmyAImpYhTrBZ4I1; FunctionalAgreement=False
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Sun, 22 Sep 2024 22:05:34 GMT
last-modified: Sat, 23 Sep 2023 22:05:34 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://portal.euroflorist.intra
referrer-policy: no-referrer, origin, origin-when-cross-origin
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=16070400; includeSubDomains
date: Sat, 23 Sep 2023 22:05:33 GMT
content-length: 1125
X-Firefox-Spdy: h2
www.euroflorist.no/Content/md22/icon/fonts/md22.woff?d9tux6
200 OK 6.9 kB URL GET HTTP/2 www.euroflorist.no/Content/md22/icon/fonts/md22.woff?d9tux6
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
File type Web Open Font Format, TrueType, length 6896, version 1.0\012- data
Hash 4f31953927708d80ae06c82c50478a69
b9a3c465c36c703154f0e5b86d069551210345b5
c22a3ff54a52010962aae88e7127c6dd7af51fc28054fe55d9fea63e7982f33f
GET /Content/md22/icon/fonts/md22.woff?d9tux6 HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=pin2wmrzx4xs2wxu2ootl04s; __RequestVerificationToken=fNvoq_Rz-mK5puO66zItzkhfxmOgx89F3-KqfsqmYKskwGwj_wPAlOJEGFEmrVA9qvmcA-4HMCNwZC7bCH3zHoT0J5UhrmyAImpYhTrBZ4I1; FunctionalAgreement=False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: application/font-woff
last-modified: Thu, 01 Dec 2022 16:42:52 GMT
accept-ranges: bytes
etag: "04e43f4a35d91:0"
server: Microsoft-IIS/10.0
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://portal.euroflorist.intra
referrer-policy: no-referrer, origin, origin-when-cross-origin
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=16070400; includeSubDomains
date: Sat, 23 Sep 2023 22:05:33 GMT
content-length: 6896
X-Firefox-Spdy: h2
www.euroflorist.no/Content/md22/font/BrandonGrotesque/BrandonGrotesqueRegular.woff2
200 OK 28 kB URL GET HTTP/2 www.euroflorist.no/Content/md22/font/BrandonGrotesque/BrandonGrotesqueRegular.woff2
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
File type Web Open Font Format (Version 2), TrueType, length 28204, version 1.0\012- data
Hash 9b4d047cf73b2a38a3e3d3fba4838461
b51d35011b5dd57bda603d3981eb06f8de355e4e
01363b630f1abadee163ff7ac42f14cea0b92ac1c88ca4bcddb148835c04e0af
GET /Content/md22/font/BrandonGrotesque/BrandonGrotesqueRegular.woff2 HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=pin2wmrzx4xs2wxu2ootl04s; __RequestVerificationToken=fNvoq_Rz-mK5puO66zItzkhfxmOgx89F3-KqfsqmYKskwGwj_wPAlOJEGFEmrVA9qvmcA-4HMCNwZC7bCH3zHoT0J5UhrmyAImpYhTrBZ4I1; FunctionalAgreement=False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: application/font-woff
last-modified: Sat, 18 Jun 2022 11:16:52 GMT
accept-ranges: bytes
etag: "0aa5e9483d81:0"
server: Microsoft-IIS/10.0
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://portal.euroflorist.intra
referrer-policy: no-referrer, origin, origin-when-cross-origin
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=16070400; includeSubDomains
date: Sat, 23 Sep 2023 22:05:33 GMT
content-length: 28204
X-Firefox-Spdy: h2
www.euroflorist.no/Content/md22/font/GlamourAbsolute/GlamourAbsolute_Condensed.woff2
200 OK 23 kB URL GET HTTP/2 www.euroflorist.no/Content/md22/font/GlamourAbsolute/GlamourAbsolute_Condensed.woff2
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
File type Web Open Font Format (Version 2), TrueType, length 22668, version 1.0\012- data
Hash 666f15873f05fd40aff9815017592f3c
669f460b09a1659f5253370fe90f8dfb0dfa84d7
222145f5b5b3b347bc0b770b10490bf2873ad963e65b912975ebae2b8a6f1331
GET /Content/md22/font/GlamourAbsolute/GlamourAbsolute_Condensed.woff2 HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=pin2wmrzx4xs2wxu2ootl04s; __RequestVerificationToken=fNvoq_Rz-mK5puO66zItzkhfxmOgx89F3-KqfsqmYKskwGwj_wPAlOJEGFEmrVA9qvmcA-4HMCNwZC7bCH3zHoT0J5UhrmyAImpYhTrBZ4I1; FunctionalAgreement=False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: application/font-woff
last-modified: Sat, 18 Jun 2022 11:16:52 GMT
accept-ranges: bytes
etag: "0aa5e9483d81:0"
server: Microsoft-IIS/10.0
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://portal.euroflorist.intra
referrer-policy: no-referrer, origin, origin-when-cross-origin
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=16070400; includeSubDomains
date: Sat, 23 Sep 2023 22:05:33 GMT
content-length: 22668
X-Firefox-Spdy: h2
www.euroflorist.no/Content/md22/font/GlamourAbsolute/GlamourAbsolute_Alt1.woff2
200 OK 16 kB URL GET HTTP/2 www.euroflorist.no/Content/md22/font/GlamourAbsolute/GlamourAbsolute_Alt1.woff2
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
File type Web Open Font Format (Version 2), TrueType, length 15620, version 1.0\012- data
Hash a7b295989d8af21f404a649e23d05138
c3ce6563ae90d513b6506ba1e7eb90de735a5406
e5e44a6fb3d72a970ee177216f92715a38e231428ef140408548da62d20d638f
GET /Content/md22/font/GlamourAbsolute/GlamourAbsolute_Alt1.woff2 HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=pin2wmrzx4xs2wxu2ootl04s; __RequestVerificationToken=fNvoq_Rz-mK5puO66zItzkhfxmOgx89F3-KqfsqmYKskwGwj_wPAlOJEGFEmrVA9qvmcA-4HMCNwZC7bCH3zHoT0J5UhrmyAImpYhTrBZ4I1; FunctionalAgreement=False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: application/font-woff
last-modified: Sat, 18 Jun 2022 11:18:58 GMT
accept-ranges: bytes
etag: "0bd1f34583d81:0"
server: Microsoft-IIS/10.0
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://portal.euroflorist.intra
referrer-policy: no-referrer, origin, origin-when-cross-origin
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=16070400; includeSubDomains
date: Sat, 23 Sep 2023 22:05:33 GMT
content-length: 15620
X-Firefox-Spdy: h2
www.euroflorist.no/Content/md22/font/GlamourAbsolute/GlamourAbsolute_Alt2.woff2
200 OK 13 kB URL GET HTTP/2 www.euroflorist.no/Content/md22/font/GlamourAbsolute/GlamourAbsolute_Alt2.woff2
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
File type Web Open Font Format (Version 2), TrueType, length 12700, version 1.0\012- data
Hash d823ffb2e514f079e4892f0b94dfed4a
af987f4ea2a4fd59589fef6d413847a427c445e5
20c672e304a61f245eb57b51a4f01b574b331b62842e75ad0a256f6ed31bbb47
GET /Content/md22/font/GlamourAbsolute/GlamourAbsolute_Alt2.woff2 HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=pin2wmrzx4xs2wxu2ootl04s; __RequestVerificationToken=fNvoq_Rz-mK5puO66zItzkhfxmOgx89F3-KqfsqmYKskwGwj_wPAlOJEGFEmrVA9qvmcA-4HMCNwZC7bCH3zHoT0J5UhrmyAImpYhTrBZ4I1; FunctionalAgreement=False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: application/font-woff
last-modified: Sat, 18 Jun 2022 11:18:58 GMT
accept-ranges: bytes
etag: "0bd1f34583d81:0"
server: Microsoft-IIS/10.0
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://portal.euroflorist.intra
referrer-policy: no-referrer, origin, origin-when-cross-origin
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=16070400; includeSubDomains
date: Sat, 23 Sep 2023 22:05:33 GMT
content-length: 12700
X-Firefox-Spdy: h2
cdn.euroflorist.com/cmspr/No/overlay_popular_340x340_no0.webp
200 OK 1.8 kB URL GET HTTP/2 cdn.euroflorist.com/cmspr/No/overlay_popular_340x340_no0.webp
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerDigiCert Inc
Subjectcdn.euroflorist.com
FingerprintB0:81:18:CB:17:C0:6C:90:C0:EC:1C:5B:3F:1C:37:2B:8D:76:B0:88
ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1017dd9ab590d6528f889f374dcc0010
ff279dc28db9d67054ee6be9bf7fb603af7c406e
f45c812e07433e97bb0ae8b64a2d7b67c0144161d031bce309e312780957a2de
GET /cmspr/No/overlay_popular_340x340_no0.webp HTTP/1.1
Host: cdn.euroflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-length: 1770
content-type: image/webp
last-modified: Tue, 26 Jul 2022 13:44:19 GMT
accept-ranges: bytes
etag: "38a950cef5a0d81:0"
x-cache: TCP_HIT
x-powered-by: ASP.NET
strict-transport-security: max-age=16070400; includeSubDomains
x-azure-ref-originshield: 0mFMPZQAAAAD8Mmrj3fQSSJNMDYNk+qyMQU1TMDRFREdFMTgwOQBlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
x-azure-ref: 0LmEPZQAAAAC2e0BJSGXvT5ypD+XWlbXpU1ZHMjBFREdFMDUwOABlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
date: Sat, 23 Sep 2023 22:05:33 GMT
X-Firefox-Spdy: h2
cdn.euroflorist.com/cmspr/No/overlay_levering-oslo-omegn_340x340_no_(002)0.webp
200 OK 2.6 kB URL GET HTTP/2 cdn.euroflorist.com/cmspr/No/overlay_levering-oslo-omegn_340x340_no_(002)0.webp
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerDigiCert Inc
Subjectcdn.euroflorist.com
FingerprintB0:81:18:CB:17:C0:6C:90:C0:EC:1C:5B:3F:1C:37:2B:8D:76:B0:88
ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 19db18f8e2244a2e917e406e312af821
0374b5884e8a4872e3d02367f273f1518fa56fa2
e123f4062a32d0d4007c3d06f280b1372d3547486f35002a8ef910b042d8a5d2
GET /cmspr/No/overlay_levering-oslo-omegn_340x340_no_(002)0.webp HTTP/1.1
Host: cdn.euroflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-length: 2608
content-type: image/webp
last-modified: Tue, 14 Feb 2023 08:03:19 GMT
accept-ranges: bytes
etag: "7894b5cc4a40d91:0"
x-cache: TCP_HIT
x-powered-by: ASP.NET
strict-transport-security: max-age=16070400; includeSubDomains
x-azure-ref-originshield: 0mVMPZQAAAADuuZp0ibd7QIzsdHSQVzJkQU1TMDRFREdFMTgxNABlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
x-azure-ref: 0LmEPZQAAAACRvZOlZGTrRIdQTMRWr9nmU1ZHMjBFREdFMDUwOABlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
date: Sat, 23 Sep 2023 22:05:33 GMT
X-Firefox-Spdy: h2
www.euroflorist.no/Domains/NO/Images/ProductPreloader.svg
200 OK 2.4 kB URL GET HTTP/2 www.euroflorist.no/Domains/NO/Images/ProductPreloader.svg
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 8288dde5fecd7fcdc7483fba1f854373
61a24b7f914a177a8295308bf7449c470f328a39
60c8daf8f7ba41fecb1c6d6b7bf606082573ad4491f75be6ea14a7b75ff25dd8
GET /Domains/NO/Images/ProductPreloader.svg HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=pin2wmrzx4xs2wxu2ootl04s; __RequestVerificationToken=fNvoq_Rz-mK5puO66zItzkhfxmOgx89F3-KqfsqmYKskwGwj_wPAlOJEGFEmrVA9qvmcA-4HMCNwZC7bCH3zHoT0J5UhrmyAImpYhTrBZ4I1; FunctionalAgreement=False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: image/svg+xml
last-modified: Tue, 04 Oct 2022 13:55:14 GMT
accept-ranges: bytes
etag: "0cd44edf8d7d81:0"
server: Microsoft-IIS/10.0
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://portal.euroflorist.intra
referrer-policy: no-referrer, origin, origin-when-cross-origin
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=16070400; includeSubDomains
date: Sat, 23 Sep 2023 22:05:33 GMT
content-length: 2379
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 41d47531a53830929519cbac6bcf752a
c39e4c34f34823397d064f1dd018625b2321f892
77798848ecc76001633e9d6571748a6c58fc655abb7509c4deb52932479e93ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:05:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-MKKSCP
200 OK 93 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MKKSCP
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (32953)
Hash ce224ab72bcda9632ee05afb507744e6
c50c4ad2a8be301895bd72da58535c7729cd7b51
6372f25fd8e2407cceb40cbe82a365f1a9447068f02b83100afa3e9de07fc96f
GET /gtm.js?id=GTM-MKKSCP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 23 Sep 2023 22:05:34 GMT
expires: Sat, 23 Sep 2023 22:05:34 GMT
cache-control: private, max-age=900
last-modified: Sat, 23 Sep 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 41d47531a53830929519cbac6bcf752a
c39e4c34f34823397d064f1dd018625b2321f892
77798848ecc76001633e9d6571748a6c58fc655abb7509c4deb52932479e93ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:05:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ekr.zdassets.com/compose/878de286-58a6-4752-b7d2-0b72ea6a099f
89 kB URL ekr.zdassets.com/compose/878de286-58a6-4752-b7d2-0b72ea6a099f
IP
File type JSON data\012- , ASCII text, with very long lines (1443), with no line terminators
Hash 3a1efa2ae39688bbac3483741e30c612
b025562d4d3b2c9feb07b8ed76b0c9a4ac0e9586
d558a9321633d82c3d5329fa4013308d6a46d20bb91ccea16daffe58c68dbc48
GET /compose/878de286-58a6-4752-b7d2-0b72ea6a099f HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.euroflorist.no
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:05:35 GMT
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
etag: W/"d558a9321633d82c3d5329fa4013308d"
x-request-id: 7fd8562068311c86-SEA, 7fd8562068311c86-SEA
x-runtime: 0.010970
x-zendesk-zorg: yes
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0aoOe7wr21U3jp%2FsW4J4CelouqObVU79I%2BJ%2FKKZQmn60TZkUILGBcErI%2B73WWoSurvrjW78PMP9sh2vy5FBth5rz0NzWmkIQ666aItz2DP1mi5%2FBZwnqswJ74Tt4dJbococ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 80b617051ebe56ae-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.hs-banner.com/v2/524589/banner.js
200 OK 20 kB URL GET HTTP/2 js.hs-banner.com/v2/524589/banner.js
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint2C:9C:DC:70:87:29:18:51:70:06:6E:2F:4B:4D:E0:23:1F:30:84:18
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (60888)
Hash 7eda0253cdb72074bfadebac6f833109
564740e8277b1fa3adf18c41ba1e5f680901adb9
b77f7bbfd360d2b493a7a6cd3f01719ebce241dfeca163eb88bb088890891c84
GET /v2/524589/banner.js HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:05:34 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: R5LDMAJtWbdPQNPL8aQqze2nA7/NT/5uQx5qEbjCW0Urz8y//7MNC9yys4xtQFruvzRr4Pku2ZV9YXf4HLVAywYaUBeNACFQtSDccOjYQe4=
x-amz-request-id: YATPRMVDEDTAX13E
last-modified: Tue, 05 Sep 2023 15:54:21 GMT
etag: W/"7eda0253cdb72074bfadebac6f833109"
x-amz-server-side-encryption: AES256
cache-control: max-age=300,public
x-amz-version-id: 7VIOtsfSWHYV7AfY6aTMecR_5edwSGFU
access-control-allow-origin: https://www.euroflorist.se
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin, Accept-Encoding
expires: Sat, 23 Sep 2023 22:05:29 GMT
x-envoy-upstream-service-time: 32
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-fznd8
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-hubspot-correlation-id: 9bba3dc8-f7ad-4661-889c-73c53cffcb7e
x-request-id: 9bba3dc8-f7ad-4661-889c-73c53cffcb7e
cf-cache-status: HIT
age: 177
server: cloudflare
cf-ray: 80b617052e41b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.doofinder.com/media/js/doofinder-classic.7.latest.min.js
200 OK 185 kB URL GET HTTP/2 cdn.doofinder.com/media/js/doofinder-classic.7.latest.min.js
IP
ASN #60068 Datacamp Limited
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerLet's Encrypt
Subject1648062886.rsc.cdn77.org
Fingerprint74:59:88:99:99:89:0D:4F:E7:2B:06:12:98:FF:BC:0A:B9:7F:E1:FA
ValidityWed, 13 Sep 2023 16:56:59 GMT - Tue, 12 Dec 2023 16:56:58 GMT
File type gzip compressed data, from Unix\012- data
Size 185 kB (184731 bytes)
Hash 2f1ec396528f27fa40540df0905ef47c
d753066ac2fc993e86fd60433bb6d074802dc391
730dcacade2ebdfad039c3f949402db5c1a0fc612b8bf392b7c296f53699a170
GET /media/js/doofinder-classic.7.latest.min.js HTTP/1.1
Host: cdn.doofinder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:05:34 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 11 Sep 2023 13:46:14 GMT
etag: W/"64ff1a26-5d9ad"
cache-control: s-maxage=1036800, max-age=14400
server: CDN77-Turbo
x-77-nzt: AblMCQ334W7/OjcPAA
x-77-nzt-ray: c0a4cc2875f822792e610f6582488037
x-accel-expires: @1695546356
x-accel-date: 1694509556
x-cache: HIT
x-age: 997178
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 997178
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/Hf7e2eokd6Q
471 B URL ocsp.pki.goog/s/gts1d4/Hf7e2eokd6Q
IP
Hash d31e5f57d1e8f16afc0dfa3d7a2e924e
6692fcf5c2adae9a5e814b8bfc60c2ed4c825c12
04b4c19a0cc6539b9803de40d6424f7efed7ea768366957ab44ac89ebe9df51a
POST /s/gts1d4/Hf7e2eokd6Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:05:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
200 OK 6.7 kB URL GET HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (21661)
Hash ac0abdc1f9e115bd67375758633d6147
4bd462b3cd5585214826f9958ab02bbd51257481
3cea5994dbfeacf40ac1a561612e7f101c0f3139d13e0c5bf48ddde987677f54
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6676
last-modified: Wed, 03 May 2023 13:48:29 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sat, 23 Sep 2023 03:08:57 GMT
cache-control: max-age=86400
etag: "befec09eb386fc68a0869c8d1b529dd6"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AarJv-8-j5h6eRmsKfQOAgBq4Yq-iMdwrAojE0kiKspIeTygVfTYeQ==
age: 69698
X-Firefox-Spdy: h2
bjs.bubbi.ai/euroflorist/v1/js/bubbi.js
200 OK 20 kB URL GET HTTP/2 bjs.bubbi.ai/euroflorist/v1/js/bubbi.js
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoogle Trust Services LLC
Subjectbjs.bubbi.ai
FingerprintB3:1B:94:98:EE:FC:9C:D7:6B:2C:A6:AB:9C:17:DE:C8:19:6C:2B:F6
ValiditySun, 27 Aug 2023 06:20:01 GMT - Sat, 25 Nov 2023 07:11:53 GMT
File type ASCII text, with very long lines (19833), with no line terminators
Hash 75b926148ff8504d833db6a246d89a75
dea27a918bc00a8d14d8d58223413471004b79d7
ba6508eca1f5a6c48d4a292dfb97c14e6777d0273fbefed8b09fcb04efb65061
GET /euroflorist/v1/js/bubbi.js HTTP/1.1
Host: bjs.bubbi.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ADPycduCG9yWGA7mmw_jGi81DKTopUH3nESUU2lXjddR648PL9GtmTqye2MPoUQ8fBfdGTNJgX6lgKcZoCMpDVZ1bfRVZQ
date: Sat, 23 Sep 2023 22:05:35 GMT
cache-control: no-store
expires: Sun, 22 Sep 2024 22:05:35 GMT
last-modified: Wed, 20 Sep 2023 06:54:01 GMT
etag: "75b926148ff8504d833db6a246d89a75"
x-goog-generation: 1695192841517871
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 19833
content-type: text/javascript
x-goog-hash: crc32c=s5Izcw==, md5=dbkmFI/4UE2DPbaiRtiadQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 19833
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bat.bing.com/bat.js
13 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (45258), with no line terminators
Hash 5758d3b139bb81813a6232bbe21aeb9d
38c60cad0b17319248f863554edc11dae82a8424
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 12981
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ranges: bytes
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EA40E4F26E0A4D6982B04320F3490A89 Ref B: OSL30EDGE0312 Ref C: 2023-09-23T22:05:35Z
date: Sat, 23 Sep 2023 22:05:35 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/Hf7e2eokd6Q
471 B URL ocsp.pki.goog/s/gts1d4/Hf7e2eokd6Q
IP
Hash d31e5f57d1e8f16afc0dfa3d7a2e924e
6692fcf5c2adae9a5e814b8bfc60c2ed4c825c12
04b4c19a0cc6539b9803de40d6424f7efed7ea768366957ab44ac89ebe9df51a
POST /s/gts1d4/Hf7e2eokd6Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:05:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
eu1-search.doofinder.com/5/options/84ad22aa1e77762a4434d2d4c8a1e3d1?www.euroflorist.no
200 OK 232 B URL GET HTTP/2 eu1-search.doofinder.com/5/options/84ad22aa1e77762a4434d2d4c8a1e3d1?www.euroflorist.no
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerAmazon
Subjectdoofinder.com
Fingerprint86:35:D0:CB:2B:82:BD:15:A3:8A:F7:E3:B5:9C:9A:5D:7C:7D:CC:BD
ValidityTue, 23 May 2023 00:00:00 GMT - Thu, 20 Jun 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (304), with no line terminators
Hash d3946d21f3c55d416bc93342b6c5a3d2
aab22aeb6d3fbbbe1f05c65bbbacceaa66ba810e
e974774d27d4a36d89bfa210fb89ce51029b8dbab9bbcc74522cdb89c95bcca9
GET /5/options/84ad22aa1e77762a4434d2d4c8a1e3d1?www.euroflorist.no HTTP/1.1
Host: eu1-search.doofinder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.euroflorist.no
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:05:35 GMT
content-type: application/json; charset=utf-8
content-length: 232
access-control-allow-origin: https://www.euroflorist.no
cache-control: public, max-age=3600
content-encoding: gzip
server: Cowboy
vary: accept-encoding
x-request-id: F4emZJlrNwzUWewCxsmy
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?businessunitId=4ecf4fda000064000511a347&templateId=53aa8912dec7e10d38f59f36
3.3 kB URL widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?businessunitId=4ecf4fda000064000511a347&templateId=53aa8912dec7e10d38f59f36
IP
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12963)
Hash 7ff20b14c2f38f1c9eb93ce851770771
632fc705bbbb37fa7fdb71910c70583c9ee46bd7
6146aa599d7389810437d5ae488f919f8858d9744f31d501ec2d1e89824d8d60
GET /trustboxes/53aa8912dec7e10d38f59f36/index.html?businessunitId=4ecf4fda000064000511a347&templateId=53aa8912dec7e10d38f59f36 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 3267
last-modified: Mon, 08 May 2023 11:42:00 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sat, 23 Sep 2023 21:56:43 GMT
cache-control: max-age=86400
etag: "2922a85ce6caf46f828c097bf7aa1036"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1fiXtGbvm-LvyLlGKRwxYCQo6Vq6FE8NkYxB6-qcUiAQ7HLjtfhtAg==
age: 533
X-Firefox-Spdy: h2
www.euroflorist.no/Domains/No/Images/favicon_md22.ico
200 OK 3.8 kB URL GET HTTP/2 www.euroflorist.no/Domains/No/Images/favicon_md22.ico
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
File type MS Windows icon resource - 1 icon, 30x30, 32 bits/pixel\012- data
Hash 30e1ada6f88a460d45af4c0119dd9e42
3ef2f2cc833d12d90d2cb69111459d481b8209b1
7d2719506aa1d93601154f15e7db5cd7e79dfa12bb821faaf4c6b7344c7170ac
GET /Domains/No/Images/favicon_md22.ico HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=pin2wmrzx4xs2wxu2ootl04s; __RequestVerificationToken=fNvoq_Rz-mK5puO66zItzkhfxmOgx89F3-KqfsqmYKskwGwj_wPAlOJEGFEmrVA9qvmcA-4HMCNwZC7bCH3zHoT0J5UhrmyAImpYhTrBZ4I1; FunctionalAgreement=False; ApplePaySession=false; _gcl_au=1.1.170544925.1695506735; TRADEDOUBLER=e781c089bbcbb4fe70a94f0d8606b188
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: image/x-icon
last-modified: Fri, 10 Jun 2022 10:08:42 GMT
accept-ranges: bytes
etag: "031e3fb27cd81:0"
server: Microsoft-IIS/10.0
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://portal.euroflorist.intra
referrer-policy: no-referrer, origin, origin-when-cross-origin
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=16070400; includeSubDomains
date: Sat, 23 Sep 2023 22:05:35 GMT
content-length: 3782
X-Firefox-Spdy: h2
bjs.bubbi.ai/euroflorist/v1/chunks-1.0.33/575.js
200 OK 12 kB URL GET HTTP/3 bjs.bubbi.ai/euroflorist/v1/chunks-1.0.33/575.js
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoogle Trust Services LLC
Subjectbjs.bubbi.ai
FingerprintB3:1B:94:98:EE:FC:9C:D7:6B:2C:A6:AB:9C:17:DE:C8:19:6C:2B:F6
ValiditySun, 27 Aug 2023 06:20:01 GMT - Sat, 25 Nov 2023 07:11:53 GMT
File type ASCII text, with very long lines (11766), with no line terminators
Hash ec97f035551f4aefaebf8c9802cdf664
45994c98f5d440da39e53ffffbb962dd637966e7
4eb0be636e2df0c2e97aaf4182669aa2f812aae5d99894044231dd255cf2f9c7
GET /euroflorist/v1/chunks-1.0.33/575.js HTTP/1.1
Host: bjs.bubbi.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
x-guploader-uploadid: ADPycdt-uoh0SYRsjqfb8D7_GxaE60I8qHfWxRAS2wMHIfHBx6rSYAjdGblWjXqDr6HcG30CynlwIIinIAui0wKe4Ayi8TPxjGMx
date: Sat, 23 Sep 2023 22:05:35 GMT
cache-control: no-store
expires: Sun, 22 Sep 2024 22:05:35 GMT
last-modified: Wed, 20 Sep 2023 06:50:08 GMT
etag: "ec97f035551f4aefaebf8c9802cdf664"
x-goog-generation: 1695192607896798
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11766
content-type: text/javascript
x-goog-hash: crc32c=KP10+g==, md5=7JfwNVUfSu+uv4yYAs32ZA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 11766
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bjs.bubbi.ai/euroflorist/v1/chunks-1.0.33/snowplow-2.18.0.js
200 OK 77 kB URL GET HTTP/3 bjs.bubbi.ai/euroflorist/v1/chunks-1.0.33/snowplow-2.18.0.js
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoogle Trust Services LLC
Subjectbjs.bubbi.ai
FingerprintB3:1B:94:98:EE:FC:9C:D7:6B:2C:A6:AB:9C:17:DE:C8:19:6C:2B:F6
ValiditySun, 27 Aug 2023 06:20:01 GMT - Sat, 25 Nov 2023 07:11:53 GMT
File type ASCII text, with very long lines (65463)
Hash 208715484977b95296392abcdc653897
b4a960f7bc5d46f0a06fe47aba23acd50c93c5d1
98d7df94c09f1e3746c3094981d33f955cc59abb8157dca1ab747a6fa9fe0763
GET /euroflorist/v1/chunks-1.0.33/snowplow-2.18.0.js HTTP/1.1
Host: bjs.bubbi.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
x-guploader-uploadid: ADPycdu7clMUchdRoFj3DbUfW3cDrCZaIfNE9NqME_L-N1npl-vMTJl8BZ9oeDugINwOEzTwjFKCf3rIIsbMVkmtBOapizQo7_Oj
date: Sat, 23 Sep 2023 22:05:35 GMT
cache-control: no-store
expires: Sun, 22 Sep 2024 22:05:35 GMT
last-modified: Wed, 20 Sep 2023 06:50:08 GMT
etag: "208715484977b95296392abcdc653897"
x-goog-generation: 1695192608778733
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 76770
content-type: text/javascript
x-goog-hash: crc32c=NDgDRg==, md5=IIcVSEl3uVKWOSq83GU4lw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 76770
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bjs.bubbi.ai/euroflorist/v1/chunks-1.0.33/193.js
200 OK 7.1 kB URL GET HTTP/3 bjs.bubbi.ai/euroflorist/v1/chunks-1.0.33/193.js
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoogle Trust Services LLC
Subjectbjs.bubbi.ai
FingerprintB3:1B:94:98:EE:FC:9C:D7:6B:2C:A6:AB:9C:17:DE:C8:19:6C:2B:F6
ValiditySun, 27 Aug 2023 06:20:01 GMT - Sat, 25 Nov 2023 07:11:53 GMT
File type ASCII text, with very long lines (7079), with no line terminators
Hash 0e1cc9cfc0ee489d4e663d71c980d8f5
457e99871dedd47442d28c054505a65903176afd
07e3f33fd45234b9944b1d17c73c23bc8546be5ac3121f50fb52c74e3bd23da9
GET /euroflorist/v1/chunks-1.0.33/193.js HTTP/1.1
Host: bjs.bubbi.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
x-guploader-uploadid: ADPycdtQxfwzHv0-2arYRa4_GrmtANz510Bu9agzAH3JAMzSER75HlNIoKcxx1KIWClQC-WwzGYBdg2GOaH_56bgcqWVLd3eitL-
date: Sat, 23 Sep 2023 22:05:35 GMT
cache-control: no-store
expires: Sun, 22 Sep 2024 22:05:35 GMT
last-modified: Wed, 20 Sep 2023 06:50:08 GMT
etag: "0e1cc9cfc0ee489d4e663d71c980d8f5"
x-goog-generation: 1695192608368590
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7079
content-type: text/javascript
x-goog-hash: crc32c=fX0lTA==, md5=DhzJz8DuSJ1OZj1xyYDY9Q==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 7079
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.godaddy.com/
2.1 kB IP
Hash 2df1bac931d5ab08adec3f76a19834f6
7e633a2d5631b120d96b6f22aa1d1e238557cb72
1df86bea85bb9787ef94ffaa2fae4b69e4de4e8f17134cfee0aa8bff097eaf25
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 23 Sep 2023 22:05:36 GMT
Content-Type: application/ocsp-response
Content-Length: 2107
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 23 Sep 2023 00:23:41 GMT
Expires: Sun, 24 Sep 2023 00:23:41 GMT
ETag: "7e633a2d5631b120d96b6f22aa1d1e238557cb72"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js
200 OK 31 kB URL GET HTTP/2 widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js
IP
Requested by https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?businessunitId=4ecf4fda000064000511a347&templateId=53aa8912dec7e10d38f59f36#locale=nb-NO&reviewLanguages=nb&stars=4%2C5&styleHeight=140px&styleWidth=100%25&theme=light
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (64030), with no line terminators
Hash 3fa26c6b17fba93f8bcd7d06942c855f
d18b16a63a255435a06dbbe983dc2c6d4ad21a43
476eb4812628241e4cae4bfe99da2275f10e2569a56f0f290fa06f81b7b67f6c
GET /trustboxes/53aa8912dec7e10d38f59f36/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?businessunitId=4ecf4fda000064000511a347&templateId=53aa8912dec7e10d38f59f36
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 31409
last-modified: Mon, 08 May 2023 11:42:17 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sat, 23 Sep 2023 06:22:00 GMT
cache-control: max-age=86400
etag: "60fe166092712d93cc87039640675ef6"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SUk26ZYSc9yFVjhJh4JFpMfDgSBxEpODdHwHm3gLHZOHV7J_k1lRIw==
age: 56617
X-Firefox-Spdy: h2
cdn.euroflorist.com/Products/600x600/BOU20_112M.webp
200 OK 63 kB URL GET HTTP/2 cdn.euroflorist.com/Products/600x600/BOU20_112M.webp
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerDigiCert Inc
Subjectcdn.euroflorist.com
FingerprintB0:81:18:CB:17:C0:6C:90:C0:EC:1C:5B:3F:1C:37:2B:8D:76:B0:88
ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 62243b5ef4a8d54f71909073d93cc40a
b21c39058a69c5f262d120a9b8d92d4923cf36d3
2a4ba03e0ae6e5dca75a019584b203e96a3726a1c5029e45b6667e6edf9f2db2
GET /Products/600x600/BOU20_112M.webp HTTP/1.1
Host: cdn.euroflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-length: 62872
content-type: image/webp
last-modified: Thu, 23 Jul 2020 09:07:35 GMT
accept-ranges: bytes
etag: "6a2ef9b4d060d61:0"
x-cache: TCP_HIT
x-powered-by: ASP.NET
strict-transport-security: max-age=16070400; includeSubDomains
x-azure-ref-originshield: 0rFMPZQAAAABo7vZR8c6eR5O5bcFeMgkzQU1TMDRFREdFMTgxNABlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
x-azure-ref: 0MGEPZQAAAADRdb4nexNWSb0Bdd8Y1+EBU1ZHMjBFREdFMDUwOABlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
date: Sat, 23 Sep 2023 22:05:35 GMT
X-Firefox-Spdy: h2
cdn.euroflorist.com/Products/600x600/BOU19_95M.webp
200 OK 63 kB URL GET HTTP/2 cdn.euroflorist.com/Products/600x600/BOU19_95M.webp
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerDigiCert Inc
Subjectcdn.euroflorist.com
FingerprintB0:81:18:CB:17:C0:6C:90:C0:EC:1C:5B:3F:1C:37:2B:8D:76:B0:88
ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 39173b0e22bd02832c52db9eb2e76bdd
f42db6c305d207e8cd3df9d09ff1790b925624bb
d3393df6799e291a1e4db91e8a40edc0f53048e80324303f33ff71649b3d8340
GET /Products/600x600/BOU19_95M.webp HTTP/1.1
Host: cdn.euroflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-length: 62652
content-type: image/webp
last-modified: Tue, 27 Aug 2019 08:55:07 GMT
accept-ranges: bytes
etag: "7dd66120b55cd51:0"
x-cache: TCP_HIT
x-powered-by: ASP.NET
strict-transport-security: max-age=16070400; includeSubDomains
x-azure-ref-originshield: 0rFMPZQAAAABke1aHKexIQZCJ5eKSkY+zQU1TMDRFREdFMTgxNgBlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
x-azure-ref: 0MGEPZQAAAAAFiH+7i6KLTYv/WJ9ASH4YU1ZHMjBFREdFMDUwOABlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
date: Sat, 23 Sep 2023 22:05:35 GMT
X-Firefox-Spdy: h2
cdn.euroflorist.com/Products/600x600/BOU20_36M.webp
200 OK 66 kB URL GET HTTP/2 cdn.euroflorist.com/Products/600x600/BOU20_36M.webp
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerDigiCert Inc
Subjectcdn.euroflorist.com
FingerprintB0:81:18:CB:17:C0:6C:90:C0:EC:1C:5B:3F:1C:37:2B:8D:76:B0:88
ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7a907fc26359fc20c82f0957c7dfd878
c57fe94611aaee415247438f21783bc6d9242c27
886d29e6308d796c982b42bfa8a533737a5e0a1cb48bcc288360728036e08836
GET /Products/600x600/BOU20_36M.webp HTTP/1.1
Host: cdn.euroflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-length: 66254
content-type: image/webp
last-modified: Tue, 01 Oct 2019 12:13:16 GMT
accept-ranges: bytes
etag: "0d6ac9a5178d51:0"
x-cache: TCP_HIT
x-powered-by: ASP.NET
strict-transport-security: max-age=16070400; includeSubDomains
x-azure-ref-originshield: 0rFMPZQAAAABGYazBLtdcR7uTTg0BkAZkQU1TMDRFREdFMTgxNABlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
x-azure-ref: 0MGEPZQAAAABNbx0ZmYnXSrVqiOxDmbCrU1ZHMjBFREdFMDUwOABlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
date: Sat, 23 Sep 2023 22:05:35 GMT
X-Firefox-Spdy: h2
cdn.euroflorist.com/Products/600x600/BOU23_56EFM.webp
200 OK 75 kB URL GET HTTP/2 cdn.euroflorist.com/Products/600x600/BOU23_56EFM.webp
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerDigiCert Inc
Subjectcdn.euroflorist.com
FingerprintB0:81:18:CB:17:C0:6C:90:C0:EC:1C:5B:3F:1C:37:2B:8D:76:B0:88
ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9dc445792e4cbf8a7a45c348883f1b82
d30ca842b4f64a77a1c0fded8724c86899ca2cbf
ed1f84d382d867e210a4e133d4ca705511d1bc178743a4890796e00ed6a7444b
GET /Products/600x600/BOU23_56EFM.webp HTTP/1.1
Host: cdn.euroflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-length: 74802
content-type: image/webp
last-modified: Tue, 02 May 2023 11:31:10 GMT
accept-ranges: bytes
etag: "2df33298e97cd91:0"
x-cache: TCP_HIT
x-powered-by: ASP.NET
strict-transport-security: max-age=16070400; includeSubDomains
x-azure-ref-originshield: 0rFMPZQAAAABOuTBoGPsNSrdRG9JM2/RZQU1TMDRFREdFMTgxMgBlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
x-azure-ref: 0MGEPZQAAAADFd42/g/PRQ7FH3FF2Kx7QU1ZHMjBFREdFMDUwOABlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
date: Sat, 23 Sep 2023 22:05:35 GMT
X-Firefox-Spdy: h2
ssgtm.euroflorist.no/g/collect?v=2&tid=G-JCYN5YS23G>m=45je39k2&_p=189195194&cid=1377842983.1695506736&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&sst.uc=NO&sst.gse=1&sst.etld=google.no&sst.gcsub=region1&sst.tft=1695506734112&_s=1&cu=NOK&sid=1695506736&sct=1&seg=0&dl=https%3A%2F%2Fwww.euroflorist.no%2F%3Futm_source%3Dtradedoubler%26utm_medium%3Daffiliate%26affiliate_id%3D3299469%26utm_campaign%3Dfinnblomster.no%26tduid%3De781c089bbcbb4fe70a94f0d8606b188&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&dt=Send%20blomster%20med%20Euroflorist%20%7C%20Levering%20i%20dag%20%7C%20Euroflorist.no&en=view_promotion&_fv=1&_ss=1&ep.coupon=&epn.custom_timestamp=1695506735275&ep.creative_name=desktopautumn2023-n0.jpg&ep.creative_slot=homepagebanner&ep.address=&ep.user_data._tag_mode=MANUAL&up.email=&tfd=3376&richsstsse
200 OK 65 B URL GET HTTP/1.1 ssgtm.euroflorist.no/g/collect?v=2&tid=G-JCYN5YS23G>m=45je39k2&_p=189195194&cid=1377842983.1695506736&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&sst.uc=NO&sst.gse=1&sst.etld=google.no&sst.gcsub=region1&sst.tft=1695506734112&_s=1&cu=NOK&sid=1695506736&sct=1&seg=0&dl=https%3A%2F%2Fwww.euroflorist.no%2F%3Futm_source%3Dtradedoubler%26utm_medium%3Daffiliate%26affiliate_id%3D3299469%26utm_campaign%3Dfinnblomster.no%26tduid%3De781c089bbcbb4fe70a94f0d8606b188&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&dt=Send%20blomster%20med%20Euroflorist%20%7C%20Levering%20i%20dag%20%7C%20Euroflorist.no&en=view_promotion&_fv=1&_ss=1&ep.coupon=&epn.custom_timestamp=1695506735275&ep.creative_name=desktopautumn2023-n0.jpg&ep.creative_slot=homepagebanner&ep.address=&ep.user_data._tag_mode=MANUAL&up.email=&tfd=3376&richsstsse
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoDaddy.com, Inc.
Subjectssgtm.euroflorist.no
Fingerprint46:0D:73:DE:9F:D6:F4:7A:F9:B7:96:69:5C:B2:47:37:DB:D5:7F:BA
ValidityFri, 25 Nov 2022 14:06:30 GMT - Wed, 27 Dec 2023 14:06:30 GMT
Hash 83a02fe42f8c2198e7c608aff363aa49
7b20ae1014450492cc708e3c9dc7522b05c2effd
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
GET /g/collect?v=2&tid=G-JCYN5YS23G>m=45je39k2&_p=189195194&cid=1377842983.1695506736&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&sst.uc=NO&sst.gse=1&sst.etld=google.no&sst.gcsub=region1&sst.tft=1695506734112&_s=1&cu=NOK&sid=1695506736&sct=1&seg=0&dl=https%3A%2F%2Fwww.euroflorist.no%2F%3Futm_source%3Dtradedoubler%26utm_medium%3Daffiliate%26affiliate_id%3D3299469%26utm_campaign%3Dfinnblomster.no%26tduid%3De781c089bbcbb4fe70a94f0d8606b188&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&dt=Send%20blomster%20med%20Euroflorist%20%7C%20Levering%20i%20dag%20%7C%20Euroflorist.no&en=view_promotion&_fv=1&_ss=1&ep.coupon=&epn.custom_timestamp=1695506735275&ep.creative_name=desktopautumn2023-n0.jpg&ep.creative_slot=homepagebanner&ep.address=&ep.user_data._tag_mode=MANUAL&up.email=&tfd=3376&richsstsse HTTP/1.1
Host: ssgtm.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.euroflorist.no/
Origin: https://www.euroflorist.no
DNT: 1
Connection: keep-alive
Cookie: _gcl_au=1.1.170544925.1695506735; _ga_X3PETQRWQE=GS1.1.1695506735.1.0.1695506735.60.0.0; _ga=GA1.1.1377842983.1695506736; _ga_JCYN5YS23G=GS1.1.1695506736.1.1.1695506736.0.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/plain
Date: Sat, 23 Sep 2023 22:05:36 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.euroflorist.no
Cache-Control: no-cache
Set-Cookie: FPLC=eMRqboNVQXbLYbcv6jVB5EmQPbq9zj52U7NgKgVheINUGk%2Bc0zVNAU2DA3DkwuZ6UICWVoEXh%2BHrdswhXXhw7v8cLoPtyagHw1bCvebrPZBmcdmFuVKC2bFcw5dmgw%3D%3D; Max-Age=72000; Domain=euroflorist.no; Path=/; Secure
FPID=FPID2.2.92vvsXbWNFfmKxKTaAnVdWKh7s%2BHqUSbbkDgEtVD4Hc%3D.1695506736; Max-Age=63072000; Domain=euroflorist.no; Path=/; Secure; HttpOnly
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
x-accel-buffering: no
ocsp.pki.goog/s/gts1d4/Fl3tWAjy28s
472 B URL ocsp.pki.goog/s/gts1d4/Fl3tWAjy28s
IP
Hash c10d7c692e537f6d01baf64c511e4185
43ec48f3467614825a391eb26d83f31b025c6b0e
fdf0da4b48cf484bc0caacb732b5a8d772764ec47659bdddc35d367e9eb36efc
POST /s/gts1d4/Fl3tWAjy28s HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:05:36 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/Fl3tWAjy28s
472 B URL ocsp.pki.goog/s/gts1d4/Fl3tWAjy28s
IP
Hash c10d7c692e537f6d01baf64c511e4185
43ec48f3467614825a391eb26d83f31b025c6b0e
fdf0da4b48cf484bc0caacb732b5a8d772764ec47659bdddc35d367e9eb36efc
POST /s/gts1d4/Fl3tWAjy28s HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:05:36 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ef-stream.bubbi.ai/com.snowplowanalytics.snowplow/tp2
200 OK 0 B URL POST HTTP/3 ef-stream.bubbi.ai/com.snowplowanalytics.snowplow/tp2
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoogle Trust Services LLC
Subjectef-stream.bubbi.ai
FingerprintF7:E3:B3:D5:F1:56:96:54:EB:AB:BF:4E:64:90:5D:6B:BB:6D:FA:66
ValiditySun, 13 Aug 2023 21:01:50 GMT - Sat, 11 Nov 2023 21:55:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ef-stream.bubbi.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.euroflorist.no/
Origin: https://www.euroflorist.no
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.euroflorist.no
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 10
server: akka-http/10.1.12
date: Sat, 23 Sep 2023 22:05:36 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ef-stream.bubbi.ai/com.snowplowanalytics.snowplow/tp2
200 OK 2 B URL POST HTTP/3 ef-stream.bubbi.ai/com.snowplowanalytics.snowplow/tp2
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoogle Trust Services LLC
Subjectef-stream.bubbi.ai
FingerprintF7:E3:B3:D5:F1:56:96:54:EB:AB:BF:4E:64:90:5D:6B:BB:6D:FA:66
ValiditySun, 13 Aug 2023 21:01:50 GMT - Sat, 11 Nov 2023 21:55:44 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ef-stream.bubbi.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 838
Origin: https://www.euroflorist.no
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
set-cookie: _sp_cookie=7f137525-4407-47cf-92c4-68e394dd30a2; Expires=Sun, 22 Sep 2024 22:05:36 GMT; Path=/
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.euroflorist.no
access-control-allow-credentials: true
server: akka-http/10.1.12
date: Sat, 23 Sep 2023 22:05:36 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ssgtm.euroflorist.no/g/collect?v=2&tid=G-JCYN5YS23G>m=45je39k2&_p=189195194&cid=1377842983.1695506736&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&sst.uc=NO&sst.gse=1&sst.etld=google.no&sst.gcsub=region1&sst.tft=1695506734112&_s=2&sid=1695506736&sct=1&seg=1&dl=https%3A%2F%2Fwww.euroflorist.no%2F%3Futm_source%3Dtradedoubler%26utm_medium%3Daffiliate%26affiliate_id%3D3299469%26utm_campaign%3Dfinnblomster.no%26tduid%3De781c089bbcbb4fe70a94f0d8606b188&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&dt=Send%20blomster%20med%20Euroflorist%20%7C%20Levering%20i%20dag%20%7C%20Euroflorist.no&en=page_view&epn.custom_timestamp=1695506735700&ep.user_data._tag_mode=MANUAL&tfd=3890&richsstsse
65 B URL ssgtm.euroflorist.no/g/collect?v=2&tid=G-JCYN5YS23G>m=45je39k2&_p=189195194&cid=1377842983.1695506736&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&sst.uc=NO&sst.gse=1&sst.etld=google.no&sst.gcsub=region1&sst.tft=1695506734112&_s=2&sid=1695506736&sct=1&seg=1&dl=https%3A%2F%2Fwww.euroflorist.no%2F%3Futm_source%3Dtradedoubler%26utm_medium%3Daffiliate%26affiliate_id%3D3299469%26utm_campaign%3Dfinnblomster.no%26tduid%3De781c089bbcbb4fe70a94f0d8606b188&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&dt=Send%20blomster%20med%20Euroflorist%20%7C%20Levering%20i%20dag%20%7C%20Euroflorist.no&en=page_view&epn.custom_timestamp=1695506735700&ep.user_data._tag_mode=MANUAL&tfd=3890&richsstsse
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerGoDaddy.com, Inc.
Subjectssgtm.euroflorist.no
Fingerprint46:0D:73:DE:9F:D6:F4:7A:F9:B7:96:69:5C:B2:47:37:DB:D5:7F:BA
ValidityFri, 25 Nov 2022 14:06:30 GMT - Wed, 27 Dec 2023 14:06:30 GMT
Hash 83a02fe42f8c2198e7c608aff363aa49
7b20ae1014450492cc708e3c9dc7522b05c2effd
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
GET /g/collect?v=2&tid=G-JCYN5YS23G>m=45je39k2&_p=189195194&cid=1377842983.1695506736&ul=en-us&sr=1280x1024&_fplc=0&ur=NO-03&sst.uc=NO&sst.gse=1&sst.etld=google.no&sst.gcsub=region1&sst.tft=1695506734112&_s=2&sid=1695506736&sct=1&seg=1&dl=https%3A%2F%2Fwww.euroflorist.no%2F%3Futm_source%3Dtradedoubler%26utm_medium%3Daffiliate%26affiliate_id%3D3299469%26utm_campaign%3Dfinnblomster.no%26tduid%3De781c089bbcbb4fe70a94f0d8606b188&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&dt=Send%20blomster%20med%20Euroflorist%20%7C%20Levering%20i%20dag%20%7C%20Euroflorist.no&en=page_view&epn.custom_timestamp=1695506735700&ep.user_data._tag_mode=MANUAL&tfd=3890&richsstsse HTTP/1.1
Host: ssgtm.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.euroflorist.no/
Origin: https://www.euroflorist.no
DNT: 1
Connection: keep-alive
Cookie: _gcl_au=1.1.170544925.1695506735; _ga_X3PETQRWQE=GS1.1.1695506735.1.0.1695506735.60.0.0; _ga=GA1.1.1377842983.1695506736; _ga_JCYN5YS23G=GS1.1.1695506736.1.1.1695506736.0.0.0; _uetsid=52c518d05a5d11ee92ff7fe69706ad01; _uetvid=52c54e005a5d11ee88f23f2924268c31; FPLC=eMRqboNVQXbLYbcv6jVB5EmQPbq9zj52U7NgKgVheINUGk%2Bc0zVNAU2DA3DkwuZ6UICWVoEXh%2BHrdswhXXhw7v8cLoPtyagHw1bCvebrPZBmcdmFuVKC2bFcw5dmgw%3D%3D; FPID=FPID2.2.92vvsXbWNFfmKxKTaAnVdWKh7s%2BHqUSbbkDgEtVD4Hc%3D.1695506736
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/plain
Date: Sat, 23 Sep 2023 22:05:36 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.euroflorist.no
Cache-Control: no-cache
Set-Cookie: FPLC=WxY5Mvh8ZuDkbveNKJn2wHHoU8y1lzoUL8pLSg8irUoORe5RG68bKtMQooOjJDm2sL0iBfjbQJFpcAg%2F7A%2BUMUU4cO0YBLtSeYy92NRX9%2BpTs6IMuW0eo%2BwCRWe%2FuQ%3D%3D; Max-Age=72000; Domain=euroflorist.no; Path=/; Secure
FPID=FPID2.2.92vvsXbWNFfmKxKTaAnVdWKh7s%2BHqUSbbkDgEtVD4Hc%3D.1695506736; Max-Age=63072000; Domain=euroflorist.no; Path=/; Secure; HttpOnly
FPAU=1.1.170544925.1695506735; Max-Age=7775999; Domain=euroflorist.no; Path=/; Secure
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
x-accel-buffering: no
ocsp.pki.goog/s/gts1d4/Fl3tWAjy28s
472 B URL ocsp.pki.goog/s/gts1d4/Fl3tWAjy28s
IP
Hash c10d7c692e537f6d01baf64c511e4185
43ec48f3467614825a391eb26d83f31b025c6b0e
fdf0da4b48cf484bc0caacb732b5a8d772764ec47659bdddc35d367e9eb36efc
POST /s/gts1d4/Fl3tWAjy28s HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:05:36 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/action/0?ti=187012377&tm=gtm002&Ver=2&mid=8e2d7684-4966-423a-9392-03cac6f88f83&sid=52c518d05a5d11ee92ff7fe69706ad01&vid=52c54e005a5d11ee88f23f2924268c31&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Send%20blomster%20med%20Euroflorist%20%7C%20Levering%20i%20dag%20%7C%20Euroflorist.no&p=https%3A%2F%2Fwww.euroflorist.no%2F%3Futm_source%3Dtradedoubler%26utm_medium%3Daffiliate%26affiliate_id%3D3299469%26utm_campaign%3Dfinnblomster.no%26tduid%3De781c089bbcbb4fe70a94f0d8606b188&r=https%3A%2F%2Fclk.tradedoubler.com%2F<=2763&evt=pageLoad&sv=1&rn=146177
204 No Content 0 B URL GET HTTP/2 bat.bing.com/action/0?ti=187012377&tm=gtm002&Ver=2&mid=8e2d7684-4966-423a-9392-03cac6f88f83&sid=52c518d05a5d11ee92ff7fe69706ad01&vid=52c54e005a5d11ee88f23f2924268c31&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Send%20blomster%20med%20Euroflorist%20%7C%20Levering%20i%20dag%20%7C%20Euroflorist.no&p=https%3A%2F%2Fwww.euroflorist.no%2F%3Futm_source%3Dtradedoubler%26utm_medium%3Daffiliate%26affiliate_id%3D3299469%26utm_campaign%3Dfinnblomster.no%26tduid%3De781c089bbcbb4fe70a94f0d8606b188&r=https%3A%2F%2Fclk.tradedoubler.com%2F<=2763&evt=pageLoad&sv=1&rn=146177
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintCD:30:E8:F8:D2:A7:C2:85:A1:F7:A2:2E:B6:B3:FD:F9:08:FA:31:D1
ValidityWed, 26 Jul 2023 23:57:23 GMT - Mon, 22 Jan 2024 23:57:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=187012377&tm=gtm002&Ver=2&mid=8e2d7684-4966-423a-9392-03cac6f88f83&sid=52c518d05a5d11ee92ff7fe69706ad01&vid=52c54e005a5d11ee88f23f2924268c31&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Send%20blomster%20med%20Euroflorist%20%7C%20Levering%20i%20dag%20%7C%20Euroflorist.no&p=https%3A%2F%2Fwww.euroflorist.no%2F%3Futm_source%3Dtradedoubler%26utm_medium%3Daffiliate%26affiliate_id%3D3299469%26utm_campaign%3Dfinnblomster.no%26tduid%3De781c089bbcbb4fe70a94f0d8606b188&r=https%3A%2F%2Fclk.tradedoubler.com%2F<=2763&evt=pageLoad&sv=1&rn=146177 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=14BEBF17A0F461602180AC82A1A36011; domain=.bing.com; expires=Thu, 17-Oct-2024 22:05:36 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 89689116C3054E0FA3AC113DD16FB9D7 Ref B: OSL30EDGE0312 Ref C: 2023-09-23T22:05:36Z
date: Sat, 23 Sep 2023 22:05:36 GMT
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxImpression?locale=nb-NO&reviewLanguages=nb&stars=4%2C5&styleHeight=140px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fwww.euroflorist.no%2F%3Futm_source%3Dtradedoubler%26utm_medium%3Daffiliate%26affiliate_id%3D3299469%26utm_campaign%3Dfinnblomster.no%26tduid%3De781c089bbcbb4fe70a94f0d8606b188&referrer=https%3A%2F%2Fclk.tradedoubler.com%2F&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4ecf4fda000064000511a347&widgetId=53aa8912dec7e10d38f59f36
204 No Content 0 B URL GET HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=nb-NO&reviewLanguages=nb&stars=4%2C5&styleHeight=140px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fwww.euroflorist.no%2F%3Futm_source%3Dtradedoubler%26utm_medium%3Daffiliate%26affiliate_id%3D3299469%26utm_campaign%3Dfinnblomster.no%26tduid%3De781c089bbcbb4fe70a94f0d8606b188&referrer=https%3A%2F%2Fclk.tradedoubler.com%2F&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4ecf4fda000064000511a347&widgetId=53aa8912dec7e10d38f59f36
IP
Requested by https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?businessunitId=4ecf4fda000064000511a347&templateId=53aa8912dec7e10d38f59f36#locale=nb-NO&reviewLanguages=nb&stars=4%2C5&styleHeight=140px&styleWidth=100%25&theme=light
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=nb-NO&reviewLanguages=nb&stars=4%2C5&styleHeight=140px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fwww.euroflorist.no%2F%3Futm_source%3Dtradedoubler%26utm_medium%3Daffiliate%26affiliate_id%3D3299469%26utm_campaign%3Dfinnblomster.no%26tduid%3De781c089bbcbb4fe70a94f0d8606b188&referrer=https%3A%2F%2Fclk.tradedoubler.com%2F&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=4ecf4fda000064000511a347&widgetId=53aa8912dec7e10d38f59f36 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
DNT: 1
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?businessunitId=4ecf4fda000064000511a347&templateId=53aa8912dec7e10d38f59f36
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Sat, 23 Sep 2023 22:05:35 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rE1gsU8O5rjz7bgh2Zaqlwqj7U-x6QlRDk3RWumwhxyFsRlISb__ZA==
X-Firefox-Spdy: h2
bat.bing.com/p/action/187012377.js
1.9 kB URL bat.bing.com/p/action/187012377.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 8ae3a71110e51bb98e8877bdd4e20291
672f3016978bebefd7e1bda62aa175a1450ea266
05916337902b4b609fa99d2808e97a969b21c5a1f8aee52bf47c14e40d5576a3
GET /p/action/187012377.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=60
content-type: application/javascript; charset=utf-8
content-encoding: br
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CC6C54886414451D860DF3B0978BE760 Ref B: OSL30EDGE0312 Ref C: 2023-09-23T22:05:36Z
date: Sat, 23 Sep 2023 22:05:36 GMT
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-X3PETQRWQE>m=45je39k2&_p=189195194&_gaz=1&cid=1377842983.1695506736&ul=en-us&sr=1280x1024&_s=1&sid=1695506735&sct=1&seg=0&dl=https%3A%2F%2Fwww.euroflorist.no%2F%3Futm_source%3Dtradedoubler%26utm_medium%3Daffiliate%26affiliate_id%3D3299469%26utm_campaign%3Dfinnblomster.no%26tduid%3De781c089bbcbb4fe70a94f0d8606b188&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&dt=Send%20blomster%20med%20Euroflorist%20%7C%20Levering%20i%20dag%20%7C%20Euroflorist.no&en=page_view&_fv=1&_nsi=1&_ss=1&epn.custom_timestamp=1695506735197
204 No Content 0 B URL POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-X3PETQRWQE>m=45je39k2&_p=189195194&_gaz=1&cid=1377842983.1695506736&ul=en-us&sr=1280x1024&_s=1&sid=1695506735&sct=1&seg=0&dl=https%3A%2F%2Fwww.euroflorist.no%2F%3Futm_source%3Dtradedoubler%26utm_medium%3Daffiliate%26affiliate_id%3D3299469%26utm_campaign%3Dfinnblomster.no%26tduid%3De781c089bbcbb4fe70a94f0d8606b188&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&dt=Send%20blomster%20med%20Euroflorist%20%7C%20Levering%20i%20dag%20%7C%20Euroflorist.no&en=page_view&_fv=1&_nsi=1&_ss=1&epn.custom_timestamp=1695506735197
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-X3PETQRWQE>m=45je39k2&_p=189195194&_gaz=1&cid=1377842983.1695506736&ul=en-us&sr=1280x1024&_s=1&sid=1695506735&sct=1&seg=0&dl=https%3A%2F%2Fwww.euroflorist.no%2F%3Futm_source%3Dtradedoubler%26utm_medium%3Daffiliate%26affiliate_id%3D3299469%26utm_campaign%3Dfinnblomster.no%26tduid%3De781c089bbcbb4fe70a94f0d8606b188&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&dt=Send%20blomster%20med%20Euroflorist%20%7C%20Levering%20i%20dag%20%7C%20Euroflorist.no&en=page_view&_fv=1&_nsi=1&_ss=1&epn.custom_timestamp=1695506735197 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.euroflorist.no
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.euroflorist.no
date: Sat, 23 Sep 2023 22:05:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-X3PETQRWQE&cid=1377842983.1695506736>m=45je39k2&aip=1&z=612873286
200 OK 42 B URL GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-X3PETQRWQE&cid=1377842983.1695506736>m=45je39k2&aip=1&z=612873286
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoogle Trust Services LLC
Subject*.google.no
FingerprintF8:21:85:85:E7:A3:F0:03:9E:50:77:60:8D:CB:66:7C:41:ED:3D:28
ValidityMon, 04 Sep 2023 08:25:22 GMT - Mon, 27 Nov 2023 08:25:21 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-X3PETQRWQE&cid=1377842983.1695506736>m=45je39k2&aip=1&z=612873286 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 22:05:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash d82f304bb3184a26ae49e14ad4d87091
2caa05bdfd03064e8f336795d17b8f0070b24fe4
b51043325f565bc1b55e5c5baf171a375b07ce61dccb39b7ba273da508d0f328
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 22:05:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ef-stream.bubbi.ai/com.snowplowanalytics.snowplow/tp2
200 OK 2 B URL POST HTTP/3 ef-stream.bubbi.ai/com.snowplowanalytics.snowplow/tp2
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoogle Trust Services LLC
Subjectef-stream.bubbi.ai
FingerprintF7:E3:B3:D5:F1:56:96:54:EB:AB:BF:4E:64:90:5D:6B:BB:6D:FA:66
ValiditySun, 13 Aug 2023 21:01:50 GMT - Sat, 11 Nov 2023 21:55:44 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ef-stream.bubbi.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2406
Origin: https://www.euroflorist.no
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/3 200 OK
set-cookie: _sp_cookie=7c5a8fd1-7942-4c39-9c94-8fd803521236; Expires=Sun, 22 Sep 2024 22:05:36 GMT; Path=/
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.euroflorist.no
access-control-allow-credentials: true
server: akka-http/10.1.12
date: Sat, 23 Sep 2023 22:05:36 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.euroflorist.com/Products/600x600/BOU19_95M_1.webp
200 OK 54 kB URL GET HTTP/2 cdn.euroflorist.com/Products/600x600/BOU19_95M_1.webp
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerDigiCert Inc
Subjectcdn.euroflorist.com
FingerprintB0:81:18:CB:17:C0:6C:90:C0:EC:1C:5B:3F:1C:37:2B:8D:76:B0:88
ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cf1233d2ecf8599b7e11e92484ac6efc
57ed0ca1cbbfcf5bfdeb09ea81daa7e08e358bd2
1914a3f580c841be662df9bcdf479b9c57f2f3f1752613e5f5812bef61f3a670
GET /Products/600x600/BOU19_95M_1.webp HTTP/1.1
Host: cdn.euroflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-length: 53678
content-type: image/webp
last-modified: Mon, 03 Oct 2022 11:28:47 GMT
accept-ranges: bytes
etag: "bd579d4d1bd7d81:0"
x-cache: TCP_HIT
x-powered-by: ASP.NET
strict-transport-security: max-age=16070400; includeSubDomains
x-azure-ref-originshield: 01FMPZQAAAADADHcD3bs0TZF2dlgeO2+oQU1TMDRFREdFMTgxNgBlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
x-azure-ref: 0MGEPZQAAAABzUEiIEN8xTqSlqyEgCmIcU1ZHMjBFREdFMDUwOABlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
date: Sat, 23 Sep 2023 22:05:36 GMT
X-Firefox-Spdy: h2
cdn.euroflorist.com/Products/600x600/BOU20_112M_1.webp
200 OK 108 kB URL GET HTTP/2 cdn.euroflorist.com/Products/600x600/BOU20_112M_1.webp
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerDigiCert Inc
Subjectcdn.euroflorist.com
FingerprintB0:81:18:CB:17:C0:6C:90:C0:EC:1C:5B:3F:1C:37:2B:8D:76:B0:88
ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 108 kB (108450 bytes)
Hash 72d1d5425e91eda23070b3e7f5b074a0
ed69a3b5795e9b8d625a3dd73b574b2ace50ffe4
8758170239ea0f605e7057df8fb6c38e707564541b9e4dbc76460c625c23772d
GET /Products/600x600/BOU20_112M_1.webp HTTP/1.1
Host: cdn.euroflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-length: 108450
content-type: image/webp
last-modified: Mon, 21 Aug 2023 11:46:52 GMT
accept-ranges: bytes
etag: "13d15a2d25d4d91:0"
x-cache: TCP_HIT
x-powered-by: ASP.NET
strict-transport-security: max-age=16070400; includeSubDomains
x-azure-ref-originshield: 01FMPZQAAAADzleJlW6JDRJfhv4/8shfHQU1TMDRFREdFMTgwOABlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
x-azure-ref: 0MGEPZQAAAABLxY7wNqktRraEWYs+C32lU1ZHMjBFREdFMDUwOABlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
date: Sat, 23 Sep 2023 22:05:36 GMT
X-Firefox-Spdy: h2
cdn.euroflorist.com/Products/600x600/BOU23_56EFM_1.webp
200 OK 74 kB URL GET HTTP/2 cdn.euroflorist.com/Products/600x600/BOU23_56EFM_1.webp
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerDigiCert Inc
Subjectcdn.euroflorist.com
FingerprintB0:81:18:CB:17:C0:6C:90:C0:EC:1C:5B:3F:1C:37:2B:8D:76:B0:88
ValiditySat, 02 Sep 2023 00:00:00 GMT - Mon, 02 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6ab6ff746bd8fee339de797542f5548c
326657bb747d19910536116fd8f7b47ee9205243
b575449ef597906b8f5b5808e224ce1dd8d6f95a89ddf119e53f6b146135bdbd
GET /Products/600x600/BOU23_56EFM_1.webp HTTP/1.1
Host: cdn.euroflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000
content-length: 74282
content-type: image/webp
last-modified: Tue, 02 May 2023 13:56:45 GMT
accept-ranges: bytes
etag: "446077eefd7cd91:0"
x-cache: TCP_HIT
x-powered-by: ASP.NET
strict-transport-security: max-age=16070400; includeSubDomains
x-azure-ref-originshield: 01FMPZQAAAACBBkhiC1FoQaHOgKRRnKq5QU1TMDRFREdFMTkxOABlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
x-azure-ref: 0MGEPZQAAAAB92JFD+DSVTKYRgtBFrb9kU1ZHMjBFREdFMDUwOABlZjA1ODhjMi04NjdlLTQxZDktODJlMS0yMTcyZTA5MzU3OTg=
date: Sat, 23 Sep 2023 22:05:36 GMT
X-Firefox-Spdy: h2
ef-stream.bubbi.ai/com.snowplowanalytics.snowplow/tp2
200 OK 2 B URL POST HTTP/3 ef-stream.bubbi.ai/com.snowplowanalytics.snowplow/tp2
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoogle Trust Services LLC
Subjectef-stream.bubbi.ai
FingerprintF7:E3:B3:D5:F1:56:96:54:EB:AB:BF:4E:64:90:5D:6B:BB:6D:FA:66
ValiditySun, 13 Aug 2023 21:01:50 GMT - Sat, 11 Nov 2023 21:55:44 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ef-stream.bubbi.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 873
Origin: https://www.euroflorist.no
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/3 200 OK
set-cookie: _sp_cookie=6967bb59-854e-4e38-abcf-01b8a52f6b90; Expires=Sun, 22 Sep 2024 22:05:37 GMT; Path=/
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.euroflorist.no
access-control-allow-credentials: true
server: akka-http/10.1.12
date: Sat, 23 Sep 2023 22:05:37 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.r2m01.amazontrust.com/
471 B URL ocsp.r2m01.amazontrust.com/
IP
Hash a568705e9202f18167717f1035ec2971
7eb4329cf5c90a3ef71f23a60ee42fecb3558e02
f5030ae41b678e9bc9d41e486a73c86f5d19ce9d19837ba3ca9379f4cc160648
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 23 Sep 2023 22:05:37 GMT
Last-Modified: Sat, 23 Sep 2023 21:43:55 GMT
Server: ECAcc (ska/F7B4)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rM4QR5Icz_3lhTL9kuxP65rXCMi2XTE_NqPyijUvYsLkIFfMvUaOqg==
Age: 1302
widget-mediator.zopim.com/s/W/ws/0ILz5y3sidkmgslh/c/1695506737503
0 B URL widget-mediator.zopim.com/s/W/ws/0ILz5y3sidkmgslh/c/1695506737503
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/W/ws/0ILz5y3sidkmgslh/c/1695506737503 HTTP/1.1
Host: widget-mediator.zopim.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.euroflorist.no
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DPop+rOnrjm6sTob0CZpHw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sat, 23 Sep 2023 22:05:37 GMT
Connection: upgrade
Set-Cookie: AWSALB=FAML6qM39baGvFicvams14HZgcfpoQtjcbtxZe/l0pie0lzGkB7qSdlj3dyHCqL4j1k7tH/r3sOODtg19pMTyZ9y2jXEqGP4Fc0vDd5vsnEI+Rwirf8jzybPcSJv; Expires=Sat, 30 Sep 2023 22:05:37 GMT; Path=/
AWSALBCORS=FAML6qM39baGvFicvams14HZgcfpoQtjcbtxZe/l0pie0lzGkB7qSdlj3dyHCqL4j1k7tH/r3sOODtg19pMTyZ9y2jXEqGP4Fc0vDd5vsnEI+Rwirf8jzybPcSJv; Expires=Sat, 30 Sep 2023 22:05:37 GMT; Path=/; SameSite=None; Secure
Upgrade: websocket
Sec-WebSocket-Accept: 9nLYvgo1LWmUsGbYoXOJGCHR6wg=
Sec-WebSocket-Version: 13
WebSocket-Server: uWebSockets
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-4b22769.js
200 OK 77 kB URL GET HTTP/2 static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-4b22769.js
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerCloudflare, Inc.
Subjectzdassets.com
Fingerprint8A:25:1A:C6:2D:0B:57:20:0E:AC:67:73:C0:21:62:12:0D:EA:56:28
ValidityThu, 10 Nov 2022 00:00:00 GMT - Thu, 09 Nov 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (25842), with no line terminators
Hash fd692493810d22ae0ff5aca283a7a202
ec9cb2fdf31a2c18c1fbd6ace761cd1ccb1e214a
53b63be2f9ab7f75dd4702ae1f07e7bb82dbdcfb8e6df77c9f173b213c1af912
GET /web_widget/classic/latest/web-widget-locales/classic/en-us-json-4b22769.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:05:37 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: xPN4p0SCUPGXKregEUQnpKEDpsTJuP5jc1Fzfm7M0eI6Ek6sEigILcZVdbgX8yXKqKG690OWL10=
x-amz-request-id: DMG634E6JEX0QWAZ
x-amz-replication-status: COMPLETED
last-modified: Thu, 24 Aug 2023 03:39:38 GMT
etag: W/"fd692493810d22ae0ff5aca283a7a202"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Fri, 23 Aug 2024 03:39:37 GMT
x-amz-version-id: hsI8uO5qXqigkFCAVGwBeynKIJCd66Hs
cf-cache-status: HIT
age: 317778
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AW25GpMQ3RrNM%2FeqlzFwO9xO%2FdSyu0HUaXiz4hPc4J2X6voSj27sc5Nxp8Ic2IzKuBRmDn3R%2BUmzIjlEnQITRu4cCuNnckimtQ2R7ETqAxcvOPUD87%2BcsTEzibCd7ajwVwdH1yg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 80b617124dd05699-OSL
content-encoding: br
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-X3PETQRWQE>m=45je39k2&_p=189195194&cid=1377842983.1695506736&ul=en-us&sr=1280x1024&sid=1695506735&sct=1&seg=0&dl=https%3A%2F%2Fwww.euroflorist.no%2F%3Futm_source%3Dtradedoubler%26utm_medium%3Daffiliate%26affiliate_id%3D3299469%26utm_campaign%3Dfinnblomster.no%26tduid%3De781c089bbcbb4fe70a94f0d8606b188&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&dt=Send%20blomster%20med%20Euroflorist%20%7C%20Levering%20i%20dag%20%7C%20Euroflorist.no&_s=2
0 B URL region1.analytics.google.com/g/collect?v=2&tid=G-X3PETQRWQE>m=45je39k2&_p=189195194&cid=1377842983.1695506736&ul=en-us&sr=1280x1024&sid=1695506735&sct=1&seg=0&dl=https%3A%2F%2Fwww.euroflorist.no%2F%3Futm_source%3Dtradedoubler%26utm_medium%3Daffiliate%26affiliate_id%3D3299469%26utm_campaign%3Dfinnblomster.no%26tduid%3De781c089bbcbb4fe70a94f0d8606b188&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&dt=Send%20blomster%20med%20Euroflorist%20%7C%20Levering%20i%20dag%20%7C%20Euroflorist.no&_s=2
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-X3PETQRWQE>m=45je39k2&_p=189195194&cid=1377842983.1695506736&ul=en-us&sr=1280x1024&sid=1695506735&sct=1&seg=0&dl=https%3A%2F%2Fwww.euroflorist.no%2F%3Futm_source%3Dtradedoubler%26utm_medium%3Daffiliate%26affiliate_id%3D3299469%26utm_campaign%3Dfinnblomster.no%26tduid%3De781c089bbcbb4fe70a94f0d8606b188&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&dt=Send%20blomster%20med%20Euroflorist%20%7C%20Levering%20i%20dag%20%7C%20Euroflorist.no&_s=2 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1689
Origin: https://www.euroflorist.no
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://www.euroflorist.no
date: Sat, 23 Sep 2023 22:05:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ef-stream.bubbi.ai/com.snowplowanalytics.snowplow/tp2
200 OK 2 B URL POST HTTP/3 ef-stream.bubbi.ai/com.snowplowanalytics.snowplow/tp2
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoogle Trust Services LLC
Subjectef-stream.bubbi.ai
FingerprintF7:E3:B3:D5:F1:56:96:54:EB:AB:BF:4E:64:90:5D:6B:BB:6D:FA:66
ValiditySun, 13 Aug 2023 21:01:50 GMT - Sat, 11 Nov 2023 21:55:44 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ef-stream.bubbi.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 843
Origin: https://www.euroflorist.no
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/3 200 OK
set-cookie: _sp_cookie=9f886e1f-df80-4acb-ae3e-0c7e1b13a7a3; Expires=Sun, 22 Sep 2024 22:05:45 GMT; Path=/
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.euroflorist.no
access-control-allow-credentials: true
server: akka-http/10.1.12
date: Sat, 23 Sep 2023 22:05:45 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ef-stream.bubbi.ai/com.snowplowanalytics.snowplow/tp2
200 OK 2 B URL POST HTTP/3 ef-stream.bubbi.ai/com.snowplowanalytics.snowplow/tp2
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoogle Trust Services LLC
Subjectef-stream.bubbi.ai
FingerprintF7:E3:B3:D5:F1:56:96:54:EB:AB:BF:4E:64:90:5D:6B:BB:6D:FA:66
ValiditySun, 13 Aug 2023 21:01:50 GMT - Sat, 11 Nov 2023 21:55:44 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ef-stream.bubbi.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 845
Origin: https://www.euroflorist.no
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/3 200 OK
set-cookie: _sp_cookie=b9504096-e6e1-4f52-a6b2-a6053f51ead0; Expires=Sun, 22 Sep 2024 22:05:45 GMT; Path=/
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.euroflorist.no
access-control-allow-credentials: true
server: akka-http/10.1.12
date: Sat, 23 Sep 2023 22:05:45 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ef-stream.bubbi.ai/com.snowplowanalytics.snowplow/tp2
200 OK 2 B URL POST HTTP/3 ef-stream.bubbi.ai/com.snowplowanalytics.snowplow/tp2
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoogle Trust Services LLC
Subjectef-stream.bubbi.ai
FingerprintF7:E3:B3:D5:F1:56:96:54:EB:AB:BF:4E:64:90:5D:6B:BB:6D:FA:66
ValiditySun, 13 Aug 2023 21:01:50 GMT - Sat, 11 Nov 2023 21:55:44 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ef-stream.bubbi.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 843
Origin: https://www.euroflorist.no
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/3 200 OK
set-cookie: _sp_cookie=b60405c1-800b-4f9d-81d2-2e2b3d4bc6ce; Expires=Sun, 22 Sep 2024 22:05:45 GMT; Path=/
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.euroflorist.no
access-control-allow-credentials: true
server: akka-http/10.1.12
date: Sat, 23 Sep 2023 22:05:45 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-4b22769.js
200 OK 236 B URL GET HTTP/2 static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-4b22769.js
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerCloudflare, Inc.
Subjectzdassets.com
Fingerprint8A:25:1A:C6:2D:0B:57:20:0E:AC:67:73:C0:21:62:12:0D:EA:56:28
ValidityThu, 10 Nov 2022 00:00:00 GMT - Thu, 09 Nov 2023 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 22a5acf27bb842f36bad907e5eab9d27
834424a0805a056b46506d5e2dd1013cc46c6ec5
4115d64c5d796d81a67b09af1ee3e5427a1e4f67419850a8292fe0f77072502b
GET /web_widget/classic/latest/web-widget-chat-incoming-message-notification-4b22769.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:05:37 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: r3F1X23AuTDCm4YrAcPRgkuWiphrmAyKvbnbheAZW7jy9wduw5HIEtpuONSSisFBsTrtucU+jbE=
x-amz-request-id: DMG3W7CGN4RYSCZ6
x-amz-replication-status: COMPLETED
last-modified: Thu, 24 Aug 2023 03:39:36 GMT
etag: W/"77bb07ca171e3ff2b72a7dafa7822bc8"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Fri, 23 Aug 2024 03:39:35 GMT
x-amz-version-id: 46qKELeTBWCwzvVGXozLgYao3Jv6zCoR
cf-cache-status: HIT
age: 317779
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uls2Jo%2FK5284WoJOuuS662lBXL21LY3C81Mx9UGnHNLHsl7Wddf38TlYQI37JX89n4ycCmAWShVh3Wf%2Be1hHVlN6rgga28IlTKQmSKUVfsR%2FU5FSx4dxjWkgyx2cEio2IS3yWJE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 80b6171859fd5699-OSL
content-encoding: br
X-Firefox-Spdy: h2
widget-mediator.zopim.com/s/W/ws/0ILz5y3sidkmgslh/c/1695506737503
101 Switching Protocols 0 B URL GET HTTP/1.1 widget-mediator.zopim.com/s/W/ws/0ILz5y3sidkmgslh/c/1695506737503
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerAmazon
Subject*.zopim.com
Fingerprint55:C6:1C:AA:9A:68:51:14:5A:4B:5E:00:FC:0A:DE:B7:31:32:17:E7
ValidityFri, 10 Feb 2023 00:00:00 GMT - Wed, 06 Dec 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/W/ws/0ILz5y3sidkmgslh/c/1695506737503 HTTP/1.1
Host: widget-mediator.zopim.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.euroflorist.no
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DPop+rOnrjm6sTob0CZpHw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sat, 23 Sep 2023 22:05:37 GMT
Connection: upgrade
Set-Cookie: AWSALB=FAML6qM39baGvFicvams14HZgcfpoQtjcbtxZe/l0pie0lzGkB7qSdlj3dyHCqL4j1k7tH/r3sOODtg19pMTyZ9y2jXEqGP4Fc0vDd5vsnEI+Rwirf8jzybPcSJv; Expires=Sat, 30 Sep 2023 22:05:37 GMT; Path=/
AWSALBCORS=FAML6qM39baGvFicvams14HZgcfpoQtjcbtxZe/l0pie0lzGkB7qSdlj3dyHCqL4j1k7tH/r3sOODtg19pMTyZ9y2jXEqGP4Fc0vDd5vsnEI+Rwirf8jzybPcSJv; Expires=Sat, 30 Sep 2023 22:05:37 GMT; Path=/; SameSite=None; Secure
Upgrade: websocket
Sec-WebSocket-Accept: 9nLYvgo1LWmUsGbYoXOJGCHR6wg=
Sec-WebSocket-Version: 13
WebSocket-Server: uWebSockets
js.hsleadflows.net/leadflows.js
200 OK 553 kB URL GET HTTP/2 js.hsleadflows.net/leadflows.js
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint55:A1:55:C6:3D:AC:5A:B1:4F:CD:CD:80:A6:AD:F1:B8:4E:0B:34:67
ValiditySat, 06 May 2023 00:00:00 GMT - Sun, 05 May 2024 23:59:59 GMT
Size 553 kB (553340 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /leadflows.js HTTP/1.1
Host: js.hsleadflows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.euroflorist.no
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:05:34 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Mon, 04 Sep 2023 12:55:59 UTC
etag: W/"b41828c438dcec976b93ddee1edebd6d"
x-amz-server-side-encryption: AES256
x-amz-version-id: w9qtR_oGTBab1H9Wt5L5qiHDqxRKIaLE
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 13f73562b215175ddd75c2902ae36650.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD61-P1
x-amz-cf-id: 0skotN0cHE0p9WCopjlTfHn6ZavHraz9Se3SsbKHq6xwPFViZk97_A==
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1250/bundle/main/lead-flows-release.js&cfRay=801ea2154d9d2d95-ARN
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1250/bundle/main/lead-flows-release.js
x-content-type-options: nosniff
access-control-allow-origin: *
x-hs-cache-status: HIT
x-envoy-upstream-service-time: 1
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-4skbg
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-hubspot-correlation-id: 5a3d5b39-c53b-4304-a3e4-d9e8c781b94c
x-request-id: 5a3d5b39-c53b-4304-a3e4-d9e8c781b94c
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 32464
server: cloudflare
cf-ray: 80b6170528d45693-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/ekr/snippet.js?key=878de286-58a6-4752-b7d2-0b72ea6a099f
200 OK 10 kB URL GET HTTP/2 static.zdassets.com/ekr/snippet.js?key=878de286-58a6-4752-b7d2-0b72ea6a099f
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerCloudflare, Inc.
Subjectzdassets.com
Fingerprint8A:25:1A:C6:2D:0B:57:20:0E:AC:67:73:C0:21:62:12:0D:EA:56:28
ValidityThu, 10 Nov 2022 00:00:00 GMT - Thu, 09 Nov 2023 23:59:59 GMT
File type ASCII text, with very long lines (10187), with no line terminators
Hash 42d94c325a0b012e41f9c3907853625a
567dbe8e0b61115deb7c33947f706d4e51c3ab49
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
GET /ekr/snippet.js?key=878de286-58a6-4752-b7d2-0b72ea6a099f HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:05:33 GMT
content-type: application/javascript
x-amz-id-2: GoVnoy2qF9Dk8kQ+MdMhKfghn0mARE7l9EgbJdLnNNuU43oimKcqsqzdesH+K0MfnzCSaDN4yLTxUfwJSR/6zQ==
x-amz-request-id: DMG72W2QZVQMR1RD
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
etag: W/"42d94c325a0b012e41f9c3907853625a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
cf-cache-status: HIT
age: 35
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQE%2FSlaLo13uwKuiMOb6mWxuPxTMAXU5W%2BwLo%2BbzoWq0EBRZ1am6djVSGyinNGjqgByiekfqzQyJf4rAhymPCmh9njVga0mfNeQyYp80bFFomOcifsZ1Sxq7di%2BBRnTEvl1bffI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 80b616fc3a505699-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.euroflorist.no/bundles/layout-redesign-js?v=MUk8VNnXfkrExtyVolkJHiC_nvDyBHAxuP8gQ1IHvko1
200 OK 854 kB URL GET HTTP/2 www.euroflorist.no/bundles/layout-redesign-js?v=MUk8VNnXfkrExtyVolkJHiC_nvDyBHAxuP8gQ1IHvko1
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoDaddy.com, Inc.
Subjecteuroflorist.se
Fingerprint64:5D:1A:A1:D2:56:02:6B:A6:57:58:8C:4A:E3:2B:12:5D:17:9A:B9
ValidityThu, 09 Mar 2023 08:21:55 GMT - Tue, 09 Apr 2024 08:21:55 GMT
Size 854 kB (854068 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bundles/layout-redesign-js?v=MUk8VNnXfkrExtyVolkJHiC_nvDyBHAxuP8gQ1IHvko1 HTTP/1.1
Host: www.euroflorist.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=pin2wmrzx4xs2wxu2ootl04s; __RequestVerificationToken=fNvoq_Rz-mK5puO66zItzkhfxmOgx89F3-KqfsqmYKskwGwj_wPAlOJEGFEmrVA9qvmcA-4HMCNwZC7bCH3zHoT0J5UhrmyAImpYhTrBZ4I1; FunctionalAgreement=False
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Sun, 22 Sep 2024 22:05:33 GMT
last-modified: Sat, 23 Sep 2023 22:05:33 GMT
vary: User-Agent,Accept-Encoding
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: https://portal.euroflorist.intra
referrer-policy: no-referrer, origin, origin-when-cross-origin
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=16070400; includeSubDomains
date: Sat, 23 Sep 2023 22:05:33 GMT
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
200 OK 943 kB URL GET HTTP/2 static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerCloudflare, Inc.
Subjectzdassets.com
Fingerprint8A:25:1A:C6:2D:0B:57:20:0E:AC:67:73:C0:21:62:12:0D:EA:56:28
ValidityThu, 10 Nov 2022 00:00:00 GMT - Thu, 09 Nov 2023 23:59:59 GMT
Size 943 kB (942806 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /web_widget/classic/latest/web-widget-main-4b22769.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:05:36 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: w4TxXbuKfsJtUaNYI21UQF3WwdyKVc0OvhjojDbcRlmcVg4D+m0Q+pJzOrBKqCsq6jwYIyHXPHU=
x-amz-request-id: DMGCDT70WXW0XTBG
x-amz-replication-status: COMPLETED
last-modified: Thu, 24 Aug 2023 03:39:36 GMT
etag: W/"a3155ef9816fdf792d367e746086c583"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Fri, 23 Aug 2024 03:39:35 GMT
x-amz-version-id: Tqd.BCD9w1gdIuCOkjN7K7S20lVumIKB
cf-cache-status: HIT
age: 317777
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUhFNXUy%2Fek7pYdAiP47QKFtelsFqhoaZpBn2gLOS5milbEvyKSi5F4RborJX%2FFFjYem6EvJaFZgmUzfEAy4rD7SrfmP%2Fm74k8W9lq3feBkDbKdbT%2BJZaIglCtmPvPFSEo4mDUo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 80b6170f0b355699-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-JCYN5YS23G&l=dataLayer&cx=c
200 OK 242 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-JCYN5YS23G&l=dataLayer&cx=c
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (4179)
Size 242 kB (241933 bytes)
Hash f5862252423c38a5d6823f3f650ad392
3670326620c62271a510832c8ad92f7b73c379df
b6ffd64b8cb19bfbdd81ef69460c6f5010dbf926e67e3b57f4a20ed8845a8f97
GET /gtag/js?id=G-JCYN5YS23G&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 23 Sep 2023 22:05:35 GMT
expires: Sat, 23 Sep 2023 22:05:35 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 83888
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js
200 OK 1.3 kB URL GET HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.sync.bootstrap.min.js
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (1312), with no line terminators
Hash a7d804647e7bc60844b0ff2d4987d629
b47fd36e4b9d6fb70f908a01701c752068069325
bf0298ce3e4ed8e0f3c2e2cba85c3937f195c586dbbdb0027a59e9e3f32cf315
GET /bootstrap/v5/tp.widget.sync.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 712
last-modified: Wed, 03 May 2023 13:48:29 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sat, 23 Sep 2023 04:44:25 GMT
cache-control: max-age=86400
etag: "a148992a7b15dc7e6a9fa9d5e18e4368"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RI4vod36GsThWT72ILZOt1X3XtUpTdD9eyHZMZA8ffRWnuMyPRTR8A==
age: 62471
X-Firefox-Spdy: h2
js.hs-scripts.com/524589.js
200 OK 1.9 kB URL GET HTTP/2 js.hs-scripts.com/524589.js
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5A:DE:00:16:F4:3C:EB:0D:2A:0C:6E:27:59:94:38:E3:D9:B1:20:3E
ValidityWed, 03 May 2023 00:00:00 GMT - Thu, 02 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (1975), with no line terminators
Hash ecee7d5ca5838049cc1173518744ff9f
d74f3c9fec18fc95b91b818ab68a2636b691b7d6
c6d0ae30529307215be78b0bd6964700cd255784f3bc81bc09af9fe9ea67d147
GET /524589.js HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:05:33 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://www.euroflorist.no
access-control-max-age: 3600
cache-control: public, max-age=60
cf-bgj: minify
cf-polished: origSize=1982
last-modified: Sat, 23 Sep 2023 22:03:36 GMT
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-hubspot-correlation-id: fd6a0056-9f52-4be6-964c-11586e4775ee
x-trace: 2BE6CFF528184387F142FA53F6BAADC7CFA9DB629C000000000000000000
x-envoy-upstream-service-time: 3
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6c6c754784-zpmwq
x-evy-trace-virtual-host: all
x-request-id: fd6a0056-9f52-4be6-964c-11586e4775ee
cf-cache-status: HIT
age: 26
expires: Sat, 23 Sep 2023 22:06:33 GMT
server: cloudflare
cf-ray: 80b616fcccac56aa-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
206 Partial Content 20 kB URL GET HTTP/2 static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerCloudflare, Inc.
Subjectzdassets.com
Fingerprint8A:25:1A:C6:2D:0B:57:20:0E:AC:67:73:C0:21:62:12:0D:EA:56:28
ValidityThu, 10 Nov 2022 00:00:00 GMT - Thu, 09 Nov 2023 23:59:59 GMT
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo\012- data
Hash f11ce9e8f40a392830217253fe75d6de
89ba57fcc360da34756c127acba15a8b23267fc6
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
GET /web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Sat, 23 Sep 2023 22:05:38 GMT
content-type: audio/mpeg; charset=utf-8
content-length: 19698
x-amz-id-2: eQzEOFZMe/r9C0+OY6QUg3m41bK18eFYsBI7gacBvNYCmnNft6FcwhPvDybIFmPGRqFdE6rnABg=
x-amz-request-id: DMG8PXYYRESB9E4G
x-amz-replication-status: COMPLETED
last-modified: Wed, 20 Sep 2023 03:20:38 GMT
etag: "f11ce9e8f40a392830217253fe75d6de"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 19 Sep 2024 03:20:37 GMT
x-amz-version-id: 4ia8pwpPCBX0KpnOJLW8_qBKPEYvRo1z
cf-cache-status: HIT
age: 317780
content-range: bytes 0-19697/19698
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BlH%2FB2%2BN3PbH1xmbif6E5QboB7xpTqH32rXQxmbm5p58hVpsFHWwk4dq%2FOBYYQUMWFSCP88aUPVSXz5gbybRLuQvhbsjdJXYV7Y8uDPs%2FSuziTlvYYZBVPP2Vquj4R8T%2BPvJ2rU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 80b61718ea7c5699-OSL
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-4b22769.js
200 OK 207 kB URL GET HTTP/2 static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-4b22769.js
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerCloudflare, Inc.
Subjectzdassets.com
Fingerprint8A:25:1A:C6:2D:0B:57:20:0E:AC:67:73:C0:21:62:12:0D:EA:56:28
ValidityThu, 10 Nov 2022 00:00:00 GMT - Thu, 09 Nov 2023 23:59:59 GMT
File type ASCII text, with very long lines (65307)
Size 207 kB (206924 bytes)
Hash a3208a9957c2dcf9612763d1d3138069
c0c72a5350358736c35a37eb1c76f2926369a9a0
24a0379eaeac3d8de8f2b77a318fef99bae4ef5ca07d2eca39b8a0f3c21911b6
GET /web_widget/classic/latest/web-widget-chat-sdk-4b22769.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 22:05:37 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: GiEEBCkOW1lsCk006xWhEFtaoVl0WRgcmAzyoJDlz7q9+s45PSblaHm1WWwQNBbF90Z9qXzPwXA=
x-amz-request-id: DMG7669N46G2MQWR
x-amz-replication-status: COMPLETED
last-modified: Thu, 24 Aug 2023 03:39:36 GMT
etag: W/"a3208a9957c2dcf9612763d1d3138069"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Fri, 23 Aug 2024 03:39:35 GMT
x-amz-version-id: Gf4KFmmSRtALGQTFrJvpXz0Cxt2OhtK2
cf-cache-status: HIT
age: 317779
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxlLTW%2FsmxNKMLo14sw5cWoVsqwQgqn7sFa9WciySdsq0VDrE4sAmbAr7ugV%2FUljSQ5Tz%2FJJF1bF4Cf6CXI8Lw5mamvVRlnkYfBMKi%2F%2Fvpl2DKq%2FBXlv7NIuq3oCrUECBpY%2Bv94%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 80b61712ee505699-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-X3PETQRWQE&l=dataLayer&cx=c
200 OK 256 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-X3PETQRWQE&l=dataLayer&cx=c
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (4252)
Size 256 kB (255871 bytes)
Hash 8c842525a677963353b5d01dd8e52a59
8516cbf48c6c9b922051ccbb8d3d68dc596165e6
9f37ab4cea084549cd8281cf500acbb1736273189253c3c146690d950df71f79
GET /gtag/js?id=G-X3PETQRWQE&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 23 Sep 2023 22:05:35 GMT
expires: Sat, 23 Sep 2023 22:05:35 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87861
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?businessunitId=4ecf4fda000064000511a347&templateId=53aa8912dec7e10d38f59f36
200 OK 15 kB URL GET HTTP/2 widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?businessunitId=4ecf4fda000064000511a347&templateId=53aa8912dec7e10d38f59f36
IP
Requested by https://www.euroflorist.no/?utm_source=tradedoubler&utm_medium=affiliate&affiliate_id=3299469&utm_campaign=finnblomster.no&tduid=e781c089bbcbb4fe70a94f0d8606b188
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12963)
Hash 7ff20b14c2f38f1c9eb93ce851770771
632fc705bbbb37fa7fdb71910c70583c9ee46bd7
6146aa599d7389810437d5ae488f919f8858d9744f31d501ec2d1e89824d8d60
GET /trustboxes/53aa8912dec7e10d38f59f36/index.html?businessunitId=4ecf4fda000064000511a347&templateId=53aa8912dec7e10d38f59f36 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.euroflorist.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 3267
last-modified: Mon, 08 May 2023 11:42:00 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sat, 23 Sep 2023 21:56:43 GMT
cache-control: max-age=86400
etag: "2922a85ce6caf46f828c097bf7aa1036"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1fiXtGbvm-LvyLlGKRwxYCQo6Vq6FE8NkYxB6-qcUiAQ7HLjtfhtAg==
age: 533
X-Firefox-Spdy: h2
widget.trustpilot.com/trustbox-data/53aa8912dec7e10d38f59f36?businessUnitId=4ecf4fda000064000511a347&locale=nb-NO&reviewLanguages=nb&reviewStars=4%2C5&includeReviews=true&reviewsPerPage=15
200 OK 7.7 kB URL GET HTTP/2 widget.trustpilot.com/trustbox-data/53aa8912dec7e10d38f59f36?businessUnitId=4ecf4fda000064000511a347&locale=nb-NO&reviewLanguages=nb&reviewStars=4%2C5&includeReviews=true&reviewsPerPage=15
IP
Requested by https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?businessunitId=4ecf4fda000064000511a347&templateId=53aa8912dec7e10d38f59f36#locale=nb-NO&reviewLanguages=nb&stars=4%2C5&styleHeight=140px&styleWidth=100%25&theme=light
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86
ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (8446), with no line terminators
Hash 5973e90dc9318521e1e34c31969352b9
dd4bad5132e7d90beaa904fbd35c7e298657fa21
d36b1a53fc9eb9defc92e946167ab60e56707e0e3be210125e4213ed022c9c19
GET /trustbox-data/53aa8912dec7e10d38f59f36?businessUnitId=4ecf4fda000064000511a347&locale=nb-NO&reviewLanguages=nb&reviewStars=4%2C5&includeReviews=true&reviewsPerPage=15 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
DNT: 1
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?businessunitId=4ecf4fda000064000511a347&templateId=53aa8912dec7e10d38f59f36
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public,max-age=1800
date: Sat, 23 Sep 2023 21:54:08 GMT
etag: "afc0a388621e2e17648c301cd8224d54"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zf7fXI9Pv2IiTKMeOZPCPuufkBMDkBE3PtviEawbeB14TJah0I4PPA==
age: 687
X-Firefox-Spdy: h2
88.208.45.26
13.107.213.53
104.18.126.12
91.198.193.111
54.171.182.174
185.162.85.19
52.29.233.253
0.0.0.0