r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5205
Expires: Thu, 08 Dec 2022 07:14:12 GMT
Date: Thu, 08 Dec 2022 05:47:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7773
Expires: Thu, 08 Dec 2022 07:57:00 GMT
Date: Thu, 08 Dec 2022 05:47:27 GMT
Connection: keep-alive
mkkuei4kdsz.com/971/492.html
64.225.91.73200 OK 329 B URL HTTP/1.1 mkkuei4kdsz.com/971/492.html
IP 64.225.91.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /971/492.html HTTP/1.1
Host: mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 08 Dec 2022 05:47:27 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 05:08:09 GMT
content-type: application/json
age: 2358
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16334
Expires: Thu, 08 Dec 2022 10:19:41 GMT
Date: Thu, 08 Dec 2022 05:47:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hRWEnwtYtoIUAkZiR1AAwveTGtakJkZZ/BwH6PMiZ5aFR5k/Xh11kZBNeffWRcseRbhp5QAfifk=
x-amz-request-id: KJB8BXS701MQBQ11
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 04:47:47 GMT
age: 3580
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:47:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15922152
expires: Tue, 28 Nov 2023 05:47:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aumsvsDCQob8AK40HqGvihZwE4StGB4i%2BEGbFvmzirmAObIVs%2B10Mi5hfEUuuvZicMvDg5uHmfHDwBCqQKmn9p64LorTrIPwxAxNzjujDXAzQggd%2FvjVjBMuDBp9TM%2BZcwW0DHqz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 776334dc5c27b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:27 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 814abe752aa0a8c5f21a50a04a14fdb3
0b5db09b5ac30948dac5e0dd2dc8b171e6a8851b
d820c9fe909a20b7b11a28c26508cb8a536aae64c6c7094a0d8f9b0e3e705c56
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D820C9FE909A20B7B11A28C26508CB8A536AAE64C6C7094A0D8F9B0E3E705C56"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5048
Expires: Thu, 08 Dec 2022 07:11:36 GMT
Date: Thu, 08 Dec 2022 05:47:28 GMT
Connection: keep-alive
domaincntrol.com/?orighost=http://mkkuei4kdsz.com/971/492.html
104.26.11.61200 OK 28 B URL HTTP/2 domaincntrol.com/?orighost=http://mkkuei4kdsz.com/971/492.html
IP 104.26.11.61:0
File type ASCII text, with no line terminators
Hash 7aae16ed70d2e07943585bbb1cd02b55
3209123510c034e6e38ca45edf14307f1375a8f5
51bfb53a70df6adc48f0670be59a16a657ab5a2bafc176973a32d5c36a4fc5d3
GET /?orighost=http://mkkuei4kdsz.com/971/492.html HTTP/1.1
Host: domaincntrol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:47:28 GMT
content-type: text/javascript;charset=UTF-8
content-length: 28
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEquncj0XmpALhH7l2dqLM1Sb5Fdk%2Bi8P2mTPjfX%2Bdlk2CMqaZQocB3rNBsda7HGq2eLqqxZp1gW3BVVGXYSVW8tK6eX11kFMpod%2FbL%2FrcvcB3AWyXzu5ns5zrVFQISlWzo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776334dcf8b4b509-OSL
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 05:07:55 GMT
age: 2373
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3308
Cache-Control: max-age=101670
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:47:28 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:01:58 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.161.136.21101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.136.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3Y+s1kHHfSoDN9f29xqFzw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ynTuEWq5uvrsqXqJPyyGarGVy8M=
ww2.mkkuei4kdsz.com/
64.190.63.136200 OK 1.3 kB IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (700)
Hash b0f1cb8f79834d38a2acd4e9d11c6bc7
6ebfdc0cbe3eab438b05f837753adc6a12810d8b
0dd0af1d9d52661156befd8997c06132d3f36edbd24ce5649c009e5857bac00d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Thu, 08 Dec 2022 05:47:29 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_zfi2IAQMFhbeJz7TohoVHVtJWU2hwm7Lrp9mU2CS1tg8fh6Um4KcOzzYJ6LQkNLWAjiGBQP1WU+h5qP7TrTizQ==
last-modified: Thu, 08 Dec 2022 05:47:28 GMT
x-cache-miss-from: parking-d7dbd8c4d-lpd8s
server: NginX
content-encoding: gzip
img.sedoparking.com/images/js_preloader.gif
205.234.175.175200 OK 4.3 kB URL HTTP/1.1 img.sedoparking.com/images/js_preloader.gif
IP 205.234.175.175:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 90c93102a88c2ab94bff1575b7a6e86e
56d71bf13de464534643db9d127629a0a3bf677a
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
GET /images/js_preloader.gif HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 05:47:29 GMT
Content-Type: image/gif
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Thu, 15 Dec 2022 05:47:29 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: H
CF4Age: 156700
x-cf-tsc: 1648179742
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: 0ef480f29d2aacf833bc87a5c75a29c5
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3MDQ3ODQ0OTYxMzNiODFkNTg5NzRlMmMzODA2MmYzZjhjMGIyZmJm&crc=12ec3e778a6139a1a0520fbf50e6ab7c44dbe15e&cv=1
64.190.63.136200 OK 0 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3MDQ3ODQ0OTYxMzNiODFkNTg5NzRlMmMzODA2MmYzZjhjMGIyZmJm&crc=12ec3e778a6139a1a0520fbf50e6ab7c44dbe15e&cv=1
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3MDQ3ODQ0OTYxMzNiODFkNTg5NzRlMmMzODA2MmYzZjhjMGIyZmJm&crc=12ec3e778a6139a1a0520fbf50e6ab7c44dbe15e&cv=1 HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
HTTP/1.1 200 OK
date: Thu, 08 Dec 2022 05:47:29 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-d7dbd8c4d-lpd8s
server: NginX
ww2.mkkuei4kdsz.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Db-34-RJ6e5w_0&v=YWE0NjY3MWViZjk4NWM2MTQ2NGZmN2UyOTFjODVmYzkJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM5MTdhNzA0OWM0YjIuMjQ5NzM5ODMJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOTE3YTcwNDljOTc5LjA3MTI4MDkxCTE2NzA0Nzg0NDkJYWRfNjNfMA==&l=OAljOWFjZTE2M2FhODg2Y2Y5ZmY1MWNjZjgzMmI0MDNjNwkwCTM1CTAJMjVmZGY5NWViOTJiYmMwM2NjYmIwYWUxZjFjOTFjMTIJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzA0Nzg0NDkJMC4wMDAyNjcJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
64.190.63.136302 Found 0 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Db-34-RJ6e5w_0&v=YWE0NjY3MWViZjk4NWM2MTQ2NGZmN2UyOTFjODVmYzkJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM5MTdhNzA0OWM0YjIuMjQ5NzM5ODMJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOTE3YTcwNDljOTc5LjA3MTI4MDkxCTE2NzA0Nzg0NDkJYWRfNjNfMA==&l=OAljOWFjZTE2M2FhODg2Y2Y5ZmY1MWNjZjgzMmI0MDNjNwkwCTM1CTAJMjVmZGY5NWViOTJiYmMwM2NjYmIwYWUxZjFjOTFjMTIJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzA0Nzg0NDkJMC4wMDAyNjcJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Db-34-RJ6e5w_0&v=YWE0NjY3MWViZjk4NWM2MTQ2NGZmN2UyOTFjODVmYzkJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM5MTdhNzA0OWM0YjIuMjQ5NzM5ODMJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOTE3YTcwNDljOTc5LjA3MTI4MDkxCTE2NzA0Nzg0NDkJYWRfNjNfMA==&l=OAljOWFjZTE2M2FhODg2Y2Y5ZmY1MWNjZjgzMmI0MDNjNwkwCTM1CTAJMjVmZGY5NWViOTJiYmMwM2NjYmIwYWUxZjFjOTFjMTIJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzA0Nzg0NDkJMC4wMDAyNjcJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Thu, 08 Dec 2022 05:47:29 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Thu, 08 Dec 2022 05:47:29 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Db-34-RJ6e5w_0&v=YWE0NjY3MWViZjk4NWM2MTQ2NGZmN2UyOTFjODVmYzkJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM5MTdhNzA0OWM0YjIuMjQ5NzM5ODMJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOTE3YTcwNDljOTc5LjA3MTI4MDkxCTE2NzA0Nzg0NDkJYWRfNjNfMA==&l=OAljOWFjZTE2M2FhODg2Y2Y5ZmY1MWNjZjgzMmI0MDNjNwkwCTM1CTAJMjVmZGY5NWViOTJiYmMwM2NjYmIwYWUxZjFjOTFjMTIJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzA0Nzg0NDkJMC4wMDAyNjcJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
x-cache-miss-from: parking-d7dbd8c4d-565j6
server: NginX
ww2.mkkuei4kdsz.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Db-34-RJ6e5w_0&v=YWE0NjY3MWViZjk4NWM2MTQ2NGZmN2UyOTFjODVmYzkJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM5MTdhNzA0OWM0YjIuMjQ5NzM5ODMJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOTE3YTcwNDljOTc5LjA3MTI4MDkxCTE2NzA0Nzg0NDkJYWRfNjNfMA==&l=OAljOWFjZTE2M2FhODg2Y2Y5ZmY1MWNjZjgzMmI0MDNjNwkwCTM1CTAJMjVmZGY5NWViOTJiYmMwM2NjYmIwYWUxZjFjOTFjMTIJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzA0Nzg0NDkJMC4wMDAyNjcJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
64.190.63.136302 Found 311 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Db-34-RJ6e5w_0&v=YWE0NjY3MWViZjk4NWM2MTQ2NGZmN2UyOTFjODVmYzkJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM5MTdhNzA0OWM0YjIuMjQ5NzM5ODMJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOTE3YTcwNDljOTc5LjA3MTI4MDkxCTE2NzA0Nzg0NDkJYWRfNjNfMA==&l=OAljOWFjZTE2M2FhODg2Y2Y5ZmY1MWNjZjgzMmI0MDNjNwkwCTM1CTAJMjVmZGY5NWViOTJiYmMwM2NjYmIwYWUxZjFjOTFjMTIJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzA0Nzg0NDkJMC4wMDAyNjcJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 52e71e2e8a7fb67b1da1090412f1c2d3
e102d5ecf9c27f9bb1097d721bb0f59436569ffe
052c2eaebf97d8c60bdb70dae4600b7a5c7393ca80fab38e8e85cc93dbc16843
Analyzer Verdict Alert quad9 Sinkholed
GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Db-34-RJ6e5w_0&v=YWE0NjY3MWViZjk4NWM2MTQ2NGZmN2UyOTFjODVmYzkJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM5MTdhNzA0OWM0YjIuMjQ5NzM5ODMJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOTE3YTcwNDljOTc5LjA3MTI4MDkxCTE2NzA0Nzg0NDkJYWRfNjNfMA==&l=OAljOWFjZTE2M2FhODg2Y2Y5ZmY1MWNjZjgzMmI0MDNjNwkwCTM1CTAJMjVmZGY5NWViOTJiYmMwM2NjYmIwYWUxZjFjOTFjMTIJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzA0Nzg0NDkJMC4wMDAyNjcJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Thu, 08 Dec 2022 05:47:29 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Thu, 08 Dec 2022 05:47:29 GMT
location: http://xml.sedodna.com/click?i=b-34-RJ6e5w_0
x-cache-miss-from: parking-d7dbd8c4d-4r7pb
server: NginX
xml.sedodna.com/click?i=b-34-RJ6e5w_0
173.239.53.32302 Found 0 B URL HTTP/1.1 xml.sedodna.com/click?i=b-34-RJ6e5w_0
IP 173.239.53.32:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=b-34-RJ6e5w_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://mybettermb.com/aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5pjcTajzqm_QH0A88-gtuCxG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlmbd3B7sGcRAkoDlrhq7v09i6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3iaM8vcO7TGGn8XZNssXrAzkb-KNEq1_DUD3eg5Z5w7URtWxpLV7zGJF7YtIv_pSU8yedaajdQan7X1xyAWrFGJaATSme3WF9iYH5cn7PpR96H_Z4cAXUhbNWIUl0XQT-85OIp9iwj7uwUW1daS2u3jXkdiroZGpvbnyvokSzRUdkToqh8XF8oSlbEWRe_vMZ585EtGYcDgElmlUqhKAuUWDF_aYFKoC_pCloREz-gAUf4GCn_ti_dC0ynZ48tkGSDsFZzNHNozOQiGGVu-xbsDCRyz2H-C45Heh8v0Km3Y1oaVVIbEr-PuuKRjgR8nMTmxekK28wDoRMkZAll1gGpA7wZp7a6IJO8RJT6is_tgBFVXMhxbJ1a3lLVGDOQcJ7XNLVlVnjPxxbPR3gMLCYzkuKMowKAWI3qEPCeYIJUQLsnuHDiWSpkgMSB3n-pE1pMB7PikiKp4IfeAmylp93fwrquaeKfq1d_I1h3UOTRcd6Iez1QXWMYWbmStyCJrC9HydVPRrkWrre2FyI3zJE9XtPzPZgsqfpRdQeoA2h4A0JvH6RBYM1x-2hMb9Pb2jF32-S5bEkeFG735iCmsc80-eG-D03DV5K6HCdI1Kk0GYTCsgxUB8finSjL1a15r1QA3V5wECdKcc9LLTSPDtl1mLR4OqlPou_jY-nZ4h2Gi8g2MYNKf9gzRu1tHZec409ufGrp8vEveGSZXs9N-UlXWAcy_s0ZetMc-lmTMvRz7cC49WDpqXe-qqdGOzi4GAb-fNgP3tEjDFFehKlGmMbgPAj_yaetn5VIlXqw7Fgk2OgbZLq7t0BuU0js5-rF3QU6RI6IV5OkKlv0FLGsKb_T4dbkE2gZnKXFqGCqPm8wMwuNP4Ajm5k3O0BUk3NSxCtG0MGFAOYka2xKXeYPKUdD9AcBCqFUHomTBENSMYjcUQ0bB2K52XJyVIWtW7gRSA5ZyHSD3frrXtMsmvoBtXiKn40A_mlPaSuzDjHeRMnCaZcIg7rqrWsSVixSw9VgWKY1L9DnkcdcWnIKar7SqDm3VyuW33b5-nGExxJeZX2mAZUhWw_80SI7_8ROHzkZaDNRLIa9pCIkWd6ZTJk1fseIedozOvh8r9KlsereocjznpE44DY7LZQawDi-Dmm-PmxVXhhO7BTQV4jm677_ZX-Os5XGYrwKSvS5-xlGe0EOpU80L84loquu401UL1S-EnCWMKhHKi5ajUWvFb9cvSH1gt0PJ8CmbhEF7lvgOr3qBPxLVtKHwT29XyG96y3w1nN_2_xqZNQ46nMLiGuSuVqhPO53HpcEDf1dVwyZHuj1fkQpriNLUhJP3E7DteiWSvZGiNYnRjuN49YeJkPoB-EMl9Bf5MSlmZ-rkTMjACB2qLOHbSfanezMqv8t-CR7SEJkIuGefHPnmAP5G2oPQOEn7uOpHSdFC2cyREUDXw63o3wsG0FCPpuh5a8IM-uXwwbQff73Sp7GQg9Kfngrve5yPKFFPdWytt09s8JEhLEQ3Rn1G_1MAS9Cax70Zcim0sg5bSTdWcYVZECtIe9BmV44lgd9nsM6YSj4aw70247WFtX5464EfUFmc81ilIzjn4z4SfHbi0RDkNyZWkkqHJjkEBFdWvLV8bJeOKALeLI7Jr_xuySUD8SPlua8KcUM0qAZbYz551kewMTxZlzE3DR1yJ52SsCoH3bB_5VceLdIX7AIyiLGumliRCmuI0tSEk_mxwxSNkqhtuP4YzkjMRWG1aofU65Q9qgfWMp2KO2d4JCg9T-mfi_SOTGcrR9fSiBZncoWwO3HW9xhUOAB8OmLedozOvh8r9J-MaopP9ZP5X75CBh9evoe
Pragma: no-cache
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3747
Expires: Thu, 08 Dec 2022 06:49:57 GMT
Date: Thu, 08 Dec 2022 05:47:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3747
Expires: Thu, 08 Dec 2022 06:49:57 GMT
Date: Thu, 08 Dec 2022 05:47:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3747
Expires: Thu, 08 Dec 2022 06:49:57 GMT
Date: Thu, 08 Dec 2022 05:47:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3747
Expires: Thu, 08 Dec 2022 06:49:57 GMT
Date: Thu, 08 Dec 2022 05:47:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3747
Expires: Thu, 08 Dec 2022 06:49:57 GMT
Date: Thu, 08 Dec 2022 05:47:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4884ce2731d3033b12e4792c1bbf453e
63b6efc98cb04228d82ac28fceb97bb1cf8d82fb
8c37704d0e1fd16239e28cbdb88c5ac6a2e9cfb70f8457bfab127202f89d3788
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14896
x-amzn-requestid: 58d94b15-dce0-44c0-96b1-917f1206a39e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnA4RFkeoAMFfGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c4834-7c1667b53795d5c11a3bfdda;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:11:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tM0WOO_Ypgj2QxJSz9GHZZTsKjzsvyD6tjpp4G0ZpuGAIGmnEe4oqQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:15:11 GMT
age: 77539
etag: "63b6efc98cb04228d82ac28fceb97bb1cf8d82fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c94003641bb5a7595e7004f80f95d22
3446450df60d732f9021d5bfd5f5f7c6c870d9ec
4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7801
x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFRNHX4oAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:16:35 GMT
age: 23455
etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d89b69ba37bf23c5d576aff4063caf
3d46a21b4da571d7e4962e335c18a28ca5f81ecf
09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QSv756DvAzOQnKae5wVg75wrQS6oDGPkfIZka86FNQ2vizBnZ7sIDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:12:45 GMT
age: 23685
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3cbac0c7e45d3f33c38dbf3af4de05ba
e9106fec14ddda290951c61eda64a69ada9a244a
98d3785eb167ea6bbba3782ab3cfd8cc9c7715f493265ac6d59494c00d3b002e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: bf2f33a6-7f13-4f5b-ba9c-da33282135b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctERHFRSoAMFgYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb406-121af6ba1b7b6a3066ffa103;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:16:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yTLFIBUWHjudn2h6VKM79RUnXfuUTmQBkYSCFrRuY7_biVW5bEKZfA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 17:39:05 GMT
age: 43705
etag: "e9106fec14ddda290951c61eda64a69ada9a244a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2d14fc1b5d2e6d6f4751a2fe741b990
86cd1428b2fd21ccb9d80c7f6be4d1e6221e97ef
bfe88cb97ccec5af627853d0bbc02f4799c4b8a25a995c8578365cb5a2914d6a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8626
x-amzn-requestid: c5f3e36b-87f1-4938-819c-7b1a6ec6bfeb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4BXHJ0oAMFaKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106d5-15635f9a10d25d8c1d702bbd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zQXtGXxwwTmn7gMQQj5wM69mPzAmYXRyfTbYfgUovTGsS0y048GZDg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:51:32 GMT
age: 28558
etag: "86cd1428b2fd21ccb9d80c7f6be4d1e6221e97ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f5f2e2-f4e8-4ddc-9a23-4327bb79769a.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f5f2e2-f4e8-4ddc-9a23-4327bb79769a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00cdac5a7f801c10e53b8651ceb94c46
d83d7a30038bbf534c531c3786c3458c66d6504a
4d767e2c8aee11a230ecbb4c5c2339a65ca380e87b713f2ad6c1efc02df07238
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f5f2e2-f4e8-4ddc-9a23-4327bb79769a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4565
x-amzn-requestid: 153e9d72-d9e1-498e-b74b-f4fad27f4efd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_pHs4oAMFYYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-44aa3006114060145bd0b16d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZsZPiQ026zur9XITdqX8eyH813-2rXyG6RrSLF4pZ4Wtk4mQJZd1SA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:51:32 GMT
age: 28558
etag: "d83d7a30038bbf534c531c3786c3458c66d6504a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 8cff693ee9c762244ede97dd8fcd747a
502f6f4bf0484b95b1a1339077d6fd9df5aced9e
99e344ff76e45b61c748a61cd60c67aff303ffc62e6e5a1e679f59d66c0a15da
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 05:47:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 19:25:46 GMT
Expires: Sun, 11 Dec 2022 19:25:45 GMT
Etag: "502f6f4bf0484b95b1a1339077d6fd9df5aced9e"
Cache-Control: max-age=307694,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776334e9bad8b51d-OSL
mybettermb.com/aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5pjcTajzqm_QH0A88-gtuCxG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlmbd3B7sGcRAkoDlrhq7v09i6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3iaM8vcO7TGGn8XZNssXrAzkb-KNEq1_DUD3eg5Z5w7URtWxpLV7zGJF7YtIv_pSU8yedaajdQan7X1xyAWrFGJaATSme3WF9iYH5cn7PpR96H_Z4cAXUhbNWIUl0XQT-85OIp9iwj7uwUW1daS2u3jXkdiroZGpvbnyvokSzRUdkToqh8XF8oSlbEWRe_vMZ585EtGYcDgElmlUqhKAuUWDF_aYFKoC_pCloREz-gAUf4GCn_ti_dC0ynZ48tkGSDsFZzNHNozOQiGGVu-xbsDCRyz2H-C45Heh8v0Km3Y1oaVVIbEr-PuuKRjgR8nMTmxekK28wDoRMkZAll1gGpA7wZp7a6IJO8RJT6is_tgBFVXMhxbJ1a3lLVGDOQcJ7XNLVlVnjPxxbPR3gMLCYzkuKMowKAWI3qEPCeYIJUQLsnuHDiWSpkgMSB3n-pE1pMB7PikiKp4IfeAmylp93fwrquaeKfq1d_I1h3UOTRcd6Iez1QXWMYWbmStyCJrC9HydVPRrkWrre2FyI3zJE9XtPzPZgsqfpRdQeoA2h4A0JvH6RBYM1x-2hMb9Pb2jF32-S5bEkeFG735iCmsc80-eG-D03DV5K6HCdI1Kk0GYTCsgxUB8finSjL1a15r1QA3V5wECdKcc9LLTSPDtl1mLR4OqlPou_jY-nZ4h2Gi8g2MYNKf9gzRu1tHZec409ufGrp8vEveGSZXs9N-UlXWAcy_s0ZetMc-lmTMvRz7cC49WDpqXe-qqdGOzi4GAb-fNgP3tEjDFFehKlGmMbgPAj_yaetn5VIlXqw7Fgk2OgbZLq7t0BuU0js5-rF3QU6RI6IV5OkKlv0FLGsKb_T4dbkE2gZnKXFqGCqPm8wMwuNP4Ajm5k3O0BUk3NSxCtG0MGFAOYka2xKXeYPKUdD9AcBCqFUHomTBENSMYjcUQ0bB2K52XJyVIWtW7gRSA5ZyHSD3frrXtMsmvoBtXiKn40A_mlPaSuzDjHeRMnCaZcIg7rqrWsSVixSw9VgWKY1L9DnkcdcWnIKar7SqDm3VyuW33b5-nGExxJeZX2mAZUhWw_80SI7_8ROHzkZaDNRLIa9pCIkWd6ZTJk1fseIedozOvh8r9KlsereocjznpE44DY7LZQawDi-Dmm-PmxVXhhO7BTQV4jm677_ZX-Os5XGYrwKSvS5-xlGe0EOpU80L84loquu401UL1S-EnCWMKhHKi5ajUWvFb9cvSH1gt0PJ8CmbhEF7lvgOr3qBPxLVtKHwT29XyG96y3w1nN_2_xqZNQ46nMLiGuSuVqhPO53HpcEDf1dVwyZHuj1fkQpriNLUhJP3E7DteiWSvZGiNYnRjuN49YeJkPoB-EMl9Bf5MSlmZ-rkTMjACB2qLOHbSfanezMqv8t-CR7SEJkIuGefHPnmAP5G2oPQOEn7uOpHSdFC2cyREUDXw63o3wsG0FCPpuh5a8IM-uXwwbQff73Sp7GQg9Kfngrve5yPKFFPdWytt09s8JEhLEQ3Rn1G_1MAS9Cax70Zcim0sg5bSTdWcYVZECtIe9BmV44lgd9nsM6YSj4aw70247WFtX5464EfUFmc81ilIzjn4z4SfHbi0RDkNyZWkkqHJjkEBFdWvLV8bJeOKALeLI7Jr_xuySUD8SPlua8KcUM0qAZbYz551kewMTxZlzE3DR1yJ52SsCoH3bB_5VceLdIX7AIyiLGumliRCmuI0tSEk_mxwxSNkqhtuP4YzkjMRWG1aofU65Q9qgfWMp2KO2d4JCg9T-mfi_SOTGcrR9fSiBZncoWwO3HW9xhUOAB8OmLedozOvh8r9J-MaopP9ZP5X75CBh9evoe
108.168.193.189302 Found 0 B URL HTTP/2 mybettermb.com/aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5pjcTajzqm_QH0A88-gtuCxG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlmbd3B7sGcRAkoDlrhq7v09i6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3iaM8vcO7TGGn8XZNssXrAzkb-KNEq1_DUD3eg5Z5w7URtWxpLV7zGJF7YtIv_pSU8yedaajdQan7X1xyAWrFGJaATSme3WF9iYH5cn7PpR96H_Z4cAXUhbNWIUl0XQT-85OIp9iwj7uwUW1daS2u3jXkdiroZGpvbnyvokSzRUdkToqh8XF8oSlbEWRe_vMZ585EtGYcDgElmlUqhKAuUWDF_aYFKoC_pCloREz-gAUf4GCn_ti_dC0ynZ48tkGSDsFZzNHNozOQiGGVu-xbsDCRyz2H-C45Heh8v0Km3Y1oaVVIbEr-PuuKRjgR8nMTmxekK28wDoRMkZAll1gGpA7wZp7a6IJO8RJT6is_tgBFVXMhxbJ1a3lLVGDOQcJ7XNLVlVnjPxxbPR3gMLCYzkuKMowKAWI3qEPCeYIJUQLsnuHDiWSpkgMSB3n-pE1pMB7PikiKp4IfeAmylp93fwrquaeKfq1d_I1h3UOTRcd6Iez1QXWMYWbmStyCJrC9HydVPRrkWrre2FyI3zJE9XtPzPZgsqfpRdQeoA2h4A0JvH6RBYM1x-2hMb9Pb2jF32-S5bEkeFG735iCmsc80-eG-D03DV5K6HCdI1Kk0GYTCsgxUB8finSjL1a15r1QA3V5wECdKcc9LLTSPDtl1mLR4OqlPou_jY-nZ4h2Gi8g2MYNKf9gzRu1tHZec409ufGrp8vEveGSZXs9N-UlXWAcy_s0ZetMc-lmTMvRz7cC49WDpqXe-qqdGOzi4GAb-fNgP3tEjDFFehKlGmMbgPAj_yaetn5VIlXqw7Fgk2OgbZLq7t0BuU0js5-rF3QU6RI6IV5OkKlv0FLGsKb_T4dbkE2gZnKXFqGCqPm8wMwuNP4Ajm5k3O0BUk3NSxCtG0MGFAOYka2xKXeYPKUdD9AcBCqFUHomTBENSMYjcUQ0bB2K52XJyVIWtW7gRSA5ZyHSD3frrXtMsmvoBtXiKn40A_mlPaSuzDjHeRMnCaZcIg7rqrWsSVixSw9VgWKY1L9DnkcdcWnIKar7SqDm3VyuW33b5-nGExxJeZX2mAZUhWw_80SI7_8ROHzkZaDNRLIa9pCIkWd6ZTJk1fseIedozOvh8r9KlsereocjznpE44DY7LZQawDi-Dmm-PmxVXhhO7BTQV4jm677_ZX-Os5XGYrwKSvS5-xlGe0EOpU80L84loquu401UL1S-EnCWMKhHKi5ajUWvFb9cvSH1gt0PJ8CmbhEF7lvgOr3qBPxLVtKHwT29XyG96y3w1nN_2_xqZNQ46nMLiGuSuVqhPO53HpcEDf1dVwyZHuj1fkQpriNLUhJP3E7DteiWSvZGiNYnRjuN49YeJkPoB-EMl9Bf5MSlmZ-rkTMjACB2qLOHbSfanezMqv8t-CR7SEJkIuGefHPnmAP5G2oPQOEn7uOpHSdFC2cyREUDXw63o3wsG0FCPpuh5a8IM-uXwwbQff73Sp7GQg9Kfngrve5yPKFFPdWytt09s8JEhLEQ3Rn1G_1MAS9Cax70Zcim0sg5bSTdWcYVZECtIe9BmV44lgd9nsM6YSj4aw70247WFtX5464EfUFmc81ilIzjn4z4SfHbi0RDkNyZWkkqHJjkEBFdWvLV8bJeOKALeLI7Jr_xuySUD8SPlua8KcUM0qAZbYz551kewMTxZlzE3DR1yJ52SsCoH3bB_5VceLdIX7AIyiLGumliRCmuI0tSEk_mxwxSNkqhtuP4YzkjMRWG1aofU65Q9qgfWMp2KO2d4JCg9T-mfi_SOTGcrR9fSiBZncoWwO3HW9xhUOAB8OmLedozOvh8r9J-MaopP9ZP5X75CBh9evoe
IP 108.168.193.189:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5pjcTajzqm_QH0A88-gtuCxG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlmbd3B7sGcRAkoDlrhq7v09i6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3iaM8vcO7TGGn8XZNssXrAzkb-KNEq1_DUD3eg5Z5w7URtWxpLV7zGJF7YtIv_pSU8yedaajdQan7X1xyAWrFGJaATSme3WF9iYH5cn7PpR96H_Z4cAXUhbNWIUl0XQT-85OIp9iwj7uwUW1daS2u3jXkdiroZGpvbnyvokSzRUdkToqh8XF8oSlbEWRe_vMZ585EtGYcDgElmlUqhKAuUWDF_aYFKoC_pCloREz-gAUf4GCn_ti_dC0ynZ48tkGSDsFZzNHNozOQiGGVu-xbsDCRyz2H-C45Heh8v0Km3Y1oaVVIbEr-PuuKRjgR8nMTmxekK28wDoRMkZAll1gGpA7wZp7a6IJO8RJT6is_tgBFVXMhxbJ1a3lLVGDOQcJ7XNLVlVnjPxxbPR3gMLCYzkuKMowKAWI3qEPCeYIJUQLsnuHDiWSpkgMSB3n-pE1pMB7PikiKp4IfeAmylp93fwrquaeKfq1d_I1h3UOTRcd6Iez1QXWMYWbmStyCJrC9HydVPRrkWrre2FyI3zJE9XtPzPZgsqfpRdQeoA2h4A0JvH6RBYM1x-2hMb9Pb2jF32-S5bEkeFG735iCmsc80-eG-D03DV5K6HCdI1Kk0GYTCsgxUB8finSjL1a15r1QA3V5wECdKcc9LLTSPDtl1mLR4OqlPou_jY-nZ4h2Gi8g2MYNKf9gzRu1tHZec409ufGrp8vEveGSZXs9N-UlXWAcy_s0ZetMc-lmTMvRz7cC49WDpqXe-qqdGOzi4GAb-fNgP3tEjDFFehKlGmMbgPAj_yaetn5VIlXqw7Fgk2OgbZLq7t0BuU0js5-rF3QU6RI6IV5OkKlv0FLGsKb_T4dbkE2gZnKXFqGCqPm8wMwuNP4Ajm5k3O0BUk3NSxCtG0MGFAOYka2xKXeYPKUdD9AcBCqFUHomTBENSMYjcUQ0bB2K52XJyVIWtW7gRSA5ZyHSD3frrXtMsmvoBtXiKn40A_mlPaSuzDjHeRMnCaZcIg7rqrWsSVixSw9VgWKY1L9DnkcdcWnIKar7SqDm3VyuW33b5-nGExxJeZX2mAZUhWw_80SI7_8ROHzkZaDNRLIa9pCIkWd6ZTJk1fseIedozOvh8r9KlsereocjznpE44DY7LZQawDi-Dmm-PmxVXhhO7BTQV4jm677_ZX-Os5XGYrwKSvS5-xlGe0EOpU80L84loquu401UL1S-EnCWMKhHKi5ajUWvFb9cvSH1gt0PJ8CmbhEF7lvgOr3qBPxLVtKHwT29XyG96y3w1nN_2_xqZNQ46nMLiGuSuVqhPO53HpcEDf1dVwyZHuj1fkQpriNLUhJP3E7DteiWSvZGiNYnRjuN49YeJkPoB-EMl9Bf5MSlmZ-rkTMjACB2qLOHbSfanezMqv8t-CR7SEJkIuGefHPnmAP5G2oPQOEn7uOpHSdFC2cyREUDXw63o3wsG0FCPpuh5a8IM-uXwwbQff73Sp7GQg9Kfngrve5yPKFFPdWytt09s8JEhLEQ3Rn1G_1MAS9Cax70Zcim0sg5bSTdWcYVZECtIe9BmV44lgd9nsM6YSj4aw70247WFtX5464EfUFmc81ilIzjn4z4SfHbi0RDkNyZWkkqHJjkEBFdWvLV8bJeOKALeLI7Jr_xuySUD8SPlua8KcUM0qAZbYz551kewMTxZlzE3DR1yJ52SsCoH3bB_5VceLdIX7AIyiLGumliRCmuI0tSEk_mxwxSNkqhtuP4YzkjMRWG1aofU65Q9qgfWMp2KO2d4JCg9T-mfi_SOTGcrR9fSiBZncoWwO3HW9xhUOAB8OmLedozOvh8r9J-MaopP9ZP5X75CBh9evoe HTTP/1.1
Host: mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 08 Dec 2022 05:47:30 GMT
content-length: 0
set-cookie: rhid=82510227998; Max-Age=15552000; Expires=Tue, 06-Jun-2023 05:47:30 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
location: https://p201298.mybettermb.com/adServe/domainClick?ai=GNWsBy0vmeWNIRD1OGzon2SZVu5NPqSq-h2rSoksoBqNG2LV3Zkk-L8FPCSjKZr_YsQ0yRxpJ6k8LlotqmtX7ErGSkvN2YlGY4HZ8X7cx-dM1QaxFxK0PHGpJGlCLAoWMnzoVZuce8ueVaQ0F217-cHwFJ-CDJF8T7C2wcJ1dqtoOgN9pzNxgl6S4oChQzOvrPE96Ym7CMGlXRdGMK-TkKMF_XSxG7q5c9lRJWHNr4s5bSTdWcYVZJciO9bgcuS1jIeAEiXnU3VYEUAru7F_DuXugOnM5m-8Jm7EhOsk27bxGYd3vi6Mg89LCz5E8ciHT2L9NFyVXF6ciSN7CaQexuqZ_HrRuXqwbM7TR-A6o2LnrG8E1DfQ9Vu8kUSrMxroonOqLNsrJIKgUSZw7eMl7vr4nvPsKvQNOYwwqJPWDKxkmVbuTT6kqjvQfnk4ki0ivitaEXZPV_A9yZrhH3-SbvFnKLkrsn4iLRBjWVZn5s2OF0SokHo2PZeYO9hdbD2Gn6oVmfmCmc-q0T2xsmJwnBfZ8RtWPEH2SnZADPOdLz_p-OGBQW3exAhKJncPyYXssKbYd4jRL3fz-AbClJeve1IAxxj8fbHTscWi84ZIOk0qJeEuaLJ-WEdDYOEm2_ns-Cm35MG9zEITCssQBo5b-LKm9jbl9T85jWrYzhVCXppWMt11ucqtjA&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukPxZyi5K7J-ImFDHVMpq5qMUg6Ebh3rOaTfx-1CQx6Va7z6eZJs39IRQdYBSGvjOAJIpRolbwhPuw&si=1&oref=e2905b67c440133e06d94d472902354c&optunit=g1X1rV7f4BpBS4YUfGI2rw&rb=2Vb288azLYM&rr=1&abtg=0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:47:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:47:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:47:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
216.58.207.227200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 29564, version 1.0\012- data
Hash 1b66ccb164151a6cf698667c8b570cc6
f5617a0f087645703c874453960be6382c8a7427
4884fec2c73aa52a2461073c1b87d1ceb80f400520391b43f97ca7d3c39eeb24
GET /s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://poroshop.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:31:43 GMT
expires: Fri, 01 Dec 2023 12:31:43 GMT
cache-control: public, max-age=31536000
age: 580550
last-modified: Tue, 19 Apr 2022 17:55:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:47:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r.srvtrck.com/v1/redirect?type=linkId&id=e6ac30da9827432d8f47df074fd82b0b&api_key=aed6cc324ad47c90a20724d0bfad2ff7&site_id=a06e6a1e26d442e1a38a549f69ef4fcd&dch=feed&ad_t=advertiser&yk_tag=s-no-NO-438203600
104.19.169.96302 Found 0 B URL HTTP/2 r.srvtrck.com/v1/redirect?type=linkId&id=e6ac30da9827432d8f47df074fd82b0b&api_key=aed6cc324ad47c90a20724d0bfad2ff7&site_id=a06e6a1e26d442e1a38a549f69ef4fcd&dch=feed&ad_t=advertiser&yk_tag=s-no-NO-438203600
IP 104.19.169.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/redirect?type=linkId&id=e6ac30da9827432d8f47df074fd82b0b&api_key=aed6cc324ad47c90a20724d0bfad2ff7&site_id=a06e6a1e26d442e1a38a549f69ef4fcd&dch=feed&ad_t=advertiser&yk_tag=s-no-NO-438203600 HTTP/1.1
Host: r.srvtrck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 08 Dec 2022 05:47:33 GMT
content-length: 0
p3p: CP="CAO PSA OUR"
set-cookie: ykuid=86e35b092249409a9c9441003d42ea25; Domain=.srvtrck.com; Expires=Fri, 08-Dec-2023 05:47:33 GMT; Path=/
location: /v2/go?t=ot.pr%3Al%2Frwt.inwewf2oFa%25n3%2Fpdtr%3Dc%26e6s7%3Fft52b5d980a2f7463_d0f0c03084157110b4c3dv84e4403_4_f9283%3Dcte%2F5rbkrahtta%25oA.2r%25lFrwt.inwewf%2Fosatnh&e=1&ai=a83c685be6564514bb611c42e9d15e1a&sct=0&ct=1670478453329&cu=813bccfdd83e44f3a48fd2b35cfe756b&ykuid=86e35b092249409a9c9441003d42ea25&sc=1&cs=234ec9a5f00145125826f69ff0e85632
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 776334fc09cd1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.interflora.no/adtrackers/?tt=28599_0_207464_v030400014517813bccfdd83e44f3a48fd2b35cfe756b&r=http%3A%2F%2Fwww.interflora.no
195.159.124.17301 Moved Permanently 0 B URL HTTP/2 www.interflora.no/adtrackers/?tt=28599_0_207464_v030400014517813bccfdd83e44f3a48fd2b35cfe756b&r=http%3A%2F%2Fwww.interflora.no
IP 195.159.124.17:0
ASN #2116 Globalconnect As
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adtrackers/?tt=28599_0_207464_v030400014517813bccfdd83e44f3a48fd2b35cfe756b&r=http%3A%2F%2Fwww.interflora.no HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.srvtrck.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 08 Dec 2022 05:47:33 GMT
content-type: text/html; charset=UTF-8
content-length: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; expires=Fri, 08-Dec-2023 05:47:33 GMT; Max-Age=31536000; path=/; domain=.interflora.no
TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; path=/; domain=.interflora.no
location: https://tc.tradetracker.net/?c=28599&m=0&a=207464&r=v030400014517813bccfdd83e44f3a48fd2b35cfe756b&u=http%3A%2F%2Fwww.interflora.no
cache-control: max-age=60
expires: Thu, 08 Dec 2022 05:48:33 GMT
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 027885c5d6e0ceb479674a6cc869712a
497f84f9aff02caa814c502da6d408849b27f098
efbd7dddbeeb6ca34393411f26bbba079dcbd4b4410680626309ebdc23e9a523
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165539
Date: Thu, 08 Dec 2022 05:47:33 GMT
Etag: "63915bc8-1d7"
Expires: Sat, 10 Dec 2022 03:46:32 GMT
Last-Modified: Thu, 08 Dec 2022 03:36:40 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9Lh5wlyfXk8BCK2jUWdOZta-QRDxztog1hYeojktQkjiKfx17babDA==
Age: 592
www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
195.159.124.17200 OK 19 kB URL HTTP/2 www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6312), with CRLF, LF line terminators
Hash da68406df89cc355ca349f8fbe9661ca
37786a7d07ca962e2f635ca759299aca0f2f286a
7e91a06f8bb1c7f162745d6d9a0abb0c11ada447d425080cfe91528f13213734
GET /?utm_source=tradetracker&utm_medium=&utm_content=custom HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:33 GMT
content-type: text/html; charset=utf-8
content-length: 18580
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Thu, 08 Dec 2022 05:47:34 GMT
set-cookie: PHPSESSID=661b145806cb19ef739e2c234c727e6a; path=/; secure; HttpOnly
last-modified: Sun, 04 Dec 2022 19:13:39 GMT
vary: Accept-Encoding
content-encoding: gzip
accept-ranges: bytes
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/cpclass/css/animate/animate.css
195.159.124.17200 OK 5.1 kB URL HTTP/2 www.interflora.no/cpclass/css/animate/animate.css
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (460)
Hash ac0a469c50c8af410f96bc1b0c6b5668
c32952361367d4a6f2e55ce8ddb386e720bd3922
99eeb835846def4536b31cdc39f44d67b08b2ba3e80ddf78b4be65f10c8c1e4b
GET /cpclass/css/animate/animate.css HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:33 GMT
content-type: text/css
content-length: 5072
last-modified: Mon, 04 Apr 2016 07:04:59 GMT
etag: "11073-52fa358c47cc0-gzip"
accept-ranges: bytes
cache-control: max-age=1296000
expires: Fri, 23 Dec 2022 05:47:33 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/cpclass/run/cookieinfo/cookieinfo-interflora.css
195.159.124.17200 OK 463 B URL HTTP/2 www.interflora.no/cpclass/run/cookieinfo/cookieinfo-interflora.css
IP 195.159.124.17:0
ASN #2116 Globalconnect As
Hash f88e7d4132367e47f98c5ac58c31fab9
19fccf2aa823bc63d37e7fa20cf7ba00785b37fa
7be8e220a90abf89ef8050e7c2f7c7946dc3da6a86f1b4d962c59db7dd6ccdd9
GET /cpclass/run/cookieinfo/cookieinfo-interflora.css HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:33 GMT
content-type: text/css
content-length: 463
last-modified: Thu, 09 Jul 2015 03:19:19 GMT
etag: "460-51a68b8913bc0-gzip"
accept-ranges: bytes
cache-control: max-age=1296000
expires: Fri, 23 Dec 2022 05:47:33 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/cpclass/js/jquery/lightgallery/css/lightgallery.min.css
195.159.124.17200 OK 3.1 kB URL HTTP/2 www.interflora.no/cpclass/js/jquery/lightgallery/css/lightgallery.min.css
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (16162), with no line terminators
Hash 6a9172c830c2604357365e6b8df997a3
226dd566a8a103c4f2cfa6937a319a0cbe4bd665
b859a5a6feb982f49f61e2294c4cb5bb2efd4125027f037c9cb017cf79a47c83
GET /cpclass/js/jquery/lightgallery/css/lightgallery.min.css HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:33 GMT
content-type: text/css
content-length: 3099
last-modified: Wed, 11 Nov 2015 17:13:29 GMT
etag: "3f22-52446f1f18040-gzip"
accept-ranges: bytes
cache-control: max-age=1296000
expires: Fri, 23 Dec 2022 05:47:33 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/cpclass/js/jquery/jquery.js
195.159.124.17200 OK 33 kB URL HTTP/2 www.interflora.no/cpclass/js/jquery/jquery.js
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (65482), with CRLF line terminators
Hash 06bec48da84a14c446fff639be270b56
440572585700563da7f818af270a269dda9bad2c
112bad560f9a62eb92060e45a4090de18ba9b9d690b982da8f1a718dbccec346
GET /cpclass/js/jquery/jquery.js HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:33 GMT
content-type: application/javascript
content-length: 33433
last-modified: Tue, 13 Nov 2012 13:21:03 GMT
etag: "16dc5-4ce604a258dc0-gzip"
cache-control: max-age=1296000
expires: Thu, 15 Dec 2022 05:03:49 GMT
vary: Accept-Encoding
content-encoding: gzip
accept-ranges: bytes
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/cpclass/run/cpshop4/js/shop4jq.js
195.159.124.17200 OK 1.8 kB URL HTTP/2 www.interflora.no/cpclass/run/cpshop4/js/shop4jq.js
IP 195.159.124.17:0
ASN #2116 Globalconnect As
Hash fef46d6e2496dfc9b0350a9b9bc9ae56
798da7801ee76acbbbccd9ecfe0d8b9c62749c93
4e8ee5eef3030362d0180cc05ae547c95296a804bd67489944b8df14c415d4c2
GET /cpclass/run/cpshop4/js/shop4jq.js HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:33 GMT
content-type: application/javascript
content-length: 1763
last-modified: Tue, 27 Apr 2021 08:52:55 GMT
etag: "1890-5c0f06365bd89-gzip"
cache-control: max-age=1296000
expires: Thu, 15 Dec 2022 05:03:49 GMT
vary: Accept-Encoding
content-encoding: gzip
accept-ranges: bytes
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/cpclass/js/jquery/fullpage/jquery.fullpage.min.js
195.159.124.17200 OK 10 kB URL HTTP/2 www.interflora.no/cpclass/js/jquery/fullpage/jquery.fullpage.min.js
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (29479), with CRLF, LF line terminators
Hash 7509edc94d0d0ff24e8b7c6439e42eab
64b29206173c9c2d75d29afcf61041d756a862bd
92e53ba9628e5e326de2fd3a526e22267abba66e44f8b14d6ecb55ab1a304716
GET /cpclass/js/jquery/fullpage/jquery.fullpage.min.js HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:33 GMT
content-type: application/javascript
content-length: 10043
last-modified: Thu, 08 Dec 2016 10:58:56 GMT
etag: "7404-5432386151c00-gzip"
cache-control: max-age=1296000
expires: Thu, 15 Dec 2022 05:03:49 GMT
vary: Accept-Encoding
content-encoding: gzip
accept-ranges: bytes
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/cpclass/js/jquery/lazysizes/lazysizes.min.js
195.159.124.17200 OK 3.1 kB URL HTTP/2 www.interflora.no/cpclass/js/jquery/lazysizes/lazysizes.min.js
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (6632)
Hash 04dede077870260b7596e01dd094dea0
d8af329fbea8f7c63be882753c4abbcfb0a8f162
5b56cc3a2b190aee59a17bcde4f27e6d0191ae0fa5599d652f49d29677508396
GET /cpclass/js/jquery/lazysizes/lazysizes.min.js HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: application/javascript
content-length: 3131
last-modified: Tue, 24 Oct 2017 09:40:07 GMT
etag: "1a08-55c47b96e4bc0-gzip"
cache-control: max-age=1296000
expires: Thu, 15 Dec 2022 05:03:49 GMT
vary: Accept-Encoding
content-encoding: gzip
accept-ranges: bytes
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/cpclass/js/cpcommon.js.php?v=20221208xx
195.159.124.17200 OK 11 kB URL HTTP/2 www.interflora.no/cpclass/js/cpcommon.js.php?v=20221208xx
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type HTML document, ASCII text
Hash 3dc91051ba838a45a786a7443ce20c81
ee9d52711314fc8662fe0b3c71a53e7718eec64f
f18e87e7624211388ed0541996b0eaa14ccd4d709297fb70778abf7e6c643d1a
GET /cpclass/js/cpcommon.js.php?v=20221208xx HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: text/javascript;charset=UTF-8
content-length: 10803
cache-control: max-age=60
expires: Thu, 08 Dec 2022 05:47:36 GMT
vary: Accept-Encoding
content-encoding: gzip
accept-ranges: bytes
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.interflora.no/cpclass/js/jquery/customization.js
195.159.124.17200 OK 767 B URL HTTP/2 www.interflora.no/cpclass/js/jquery/customization.js
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type ASCII text, with CRLF line terminators
Hash 18e0076e6cacfe14df727d5259864e08
bb79dfcf06fc954e32447dd8b0e629c1383e33e4
a4680c5f52db3f67d030b0a3517d2cd2ea8ab1237a0e1b8f76de0640f334cc1a
GET /cpclass/js/jquery/customization.js HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: application/javascript
content-length: 767
last-modified: Mon, 28 Oct 2013 13:48:12 GMT
etag: "713-4e9cd59dbff00-gzip"
cache-control: max-age=1296000
expires: Thu, 15 Dec 2022 05:03:49 GMT
vary: Accept-Encoding
content-encoding: gzip
accept-ranges: bytes
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/cpclass/js/jquery/fullpage/scrolloverflow.min.js
195.159.124.17200 OK 8.7 kB URL HTTP/2 www.interflora.no/cpclass/js/jquery/fullpage/scrolloverflow.min.js
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (615)
Hash 57dbede20a6cf4e6d68a325f717d41e5
f6eb723bf773434b0907b4bda58437e67ba25a64
b90a327b4db345f388a634d51c2c1109cf83a038b7ed73c28f2b44983149db7c
GET /cpclass/js/jquery/fullpage/scrolloverflow.min.js HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: application/javascript
content-length: 8744
last-modified: Thu, 08 Dec 2016 11:00:06 GMT
etag: "80f3-543238a413980-gzip"
cache-control: max-age=1296000
expires: Thu, 15 Dec 2022 05:03:48 GMT
vary: Accept-Encoding
content-encoding: gzip
accept-ranges: bytes
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/cpclass/js/jquery/lightslider/js/lightslider.min.js
195.159.124.17200 OK 4.9 kB URL HTTP/2 www.interflora.no/cpclass/js/jquery/lightslider/js/lightslider.min.js
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (15886)
Hash 768cb591d886877115cd2e7d4e688c19
77f9050071824428c3bedd86c27232b7c5a5fb23
7d58c1a3b81a9d502391a9aa55e757350c0b710bea78b2664345b839ba9feb42
GET /cpclass/js/jquery/lightslider/js/lightslider.min.js HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: application/javascript
content-length: 4942
last-modified: Mon, 01 Feb 2016 16:40:42 GMT
etag: "3e92-52ab80bb03680-gzip"
cache-control: max-age=1296000
expires: Thu, 15 Dec 2022 05:03:49 GMT
vary: Accept-Encoding
content-encoding: gzip
accept-ranges: bytes
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/cpclass/js/jquery/lazysizes-respimg/ls.respimg.min.js
195.159.124.17200 OK 1.8 kB URL HTTP/2 www.interflora.no/cpclass/js/jquery/lazysizes-respimg/ls.respimg.min.js
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (3763)
Hash 95aa0cf8e4aa32911bde4e84b46687a3
c865cacbad951595b25c3cabd8a05603842acfab
5eab370b33d606ef4d8ccd3d4ce0c00a278fb5381df6e0b7a846b49cdef96111
GET /cpclass/js/jquery/lazysizes-respimg/ls.respimg.min.js HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: application/javascript
content-length: 1751
last-modified: Tue, 24 Oct 2017 09:12:47 GMT
etag: "ed3-55c4757ade1c0-gzip"
cache-control: max-age=1296000
expires: Thu, 15 Dec 2022 05:03:49 GMT
vary: Accept-Encoding
content-encoding: gzip
accept-ranges: bytes
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/cpclass/js/jquery/lightgallery/js/lightgallery.min.js
195.159.124.17200 OK 5.0 kB URL HTTP/2 www.interflora.no/cpclass/js/jquery/lightgallery/js/lightgallery.min.js
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (16689)
Hash 02a17fe7441025472976d40a64b72382
1dbc7603b2026d8f6195586e4e8cffaf0e5c9ea0
056d9935b22646769aca4778462e9f6e021a8b8ea2e52f810b15e3e0b5f5c864
GET /cpclass/js/jquery/lightgallery/js/lightgallery.min.js HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: application/javascript
content-length: 5036
last-modified: Wed, 11 Nov 2015 17:13:29 GMT
etag: "41bd-52446f1f18040-gzip"
cache-control: max-age=1296000
expires: Thu, 15 Dec 2022 05:03:49 GMT
vary: Accept-Encoding
content-encoding: gzip
accept-ranges: bytes
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/cpclass/css/scss-imports/v6.4.3/js/what-input.min.js
195.159.124.17200 OK 1.4 kB URL HTTP/2 www.interflora.no/cpclass/css/scss-imports/v6.4.3/js/what-input.min.js
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (2917)
Hash f6cf26d672e367b63d1e38b4c6630ec4
bf37ab35cd5e80f32b16d428394073c6c89632ef
2c760e7aa9b5f0887b889d8a14db89817ac46e1317e2d3d910881f3bc36fa25b
GET /cpclass/css/scss-imports/v6.4.3/js/what-input.min.js HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: application/javascript
content-length: 1381
last-modified: Mon, 30 Oct 2017 12:55:30 GMT
etag: "c24-55cc327395480-gzip"
cache-control: max-age=1296000
expires: Thu, 15 Dec 2022 05:03:49 GMT
vary: Accept-Encoding
content-encoding: gzip
accept-ranges: bytes
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/cpclass/js/jquery/imagesloaded/jquery.imagesloaded.min.js
195.159.124.17200 OK 2.2 kB URL HTTP/2 www.interflora.no/cpclass/js/jquery/imagesloaded/jquery.imagesloaded.min.js
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (6309)
Hash d2ed4d019084a6efda1f4e6509c169a7
4490c43570b7d8528ea236578083f8ef554ba2ab
45514f458aeabfbf19a92ab8e5bb5a2f60353db1fbad34486ab98f2b40b98c54
GET /cpclass/js/jquery/imagesloaded/jquery.imagesloaded.min.js HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: application/javascript
content-length: 2202
last-modified: Mon, 02 Feb 2015 09:42:29 GMT
etag: "190b-50e17c5caeb40-gzip"
cache-control: max-age=1296000
expires: Thu, 15 Dec 2022 05:03:49 GMT
vary: Accept-Encoding
content-encoding: gzip
accept-ranges: bytes
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
r.srvtrck.com/v2/go?t=ot.pr%3Al%2Frwt.inwewf2oFa%25n3%2Fpdtr%3Dc%26e6s7%3Fft52b5d980a2f7463_d0f0c03084157110b4c3dv84e4403_4_f9283%3Dcte%2F5rbkrahtta%25oA.2r%25lFrwt.inwewf%2Fosatnh&e=1&ai=a83c685be6564514bb611c42e9d15e1a&sct=0&ct=1670478453329&cu=813bccfdd83e44f3a48fd2b35cfe756b&ykuid=86e35b092249409a9c9441003d42ea25&sc=1&cs=234ec9a5f00145125826f69ff0e85632
104.19.169.96200 OK 1.2 kB URL HTTP/2 r.srvtrck.com/v2/go?t=ot.pr%3Al%2Frwt.inwewf2oFa%25n3%2Fpdtr%3Dc%26e6s7%3Fft52b5d980a2f7463_d0f0c03084157110b4c3dv84e4403_4_f9283%3Dcte%2F5rbkrahtta%25oA.2r%25lFrwt.inwewf%2Fosatnh&e=1&ai=a83c685be6564514bb611c42e9d15e1a&sct=0&ct=1670478453329&cu=813bccfdd83e44f3a48fd2b35cfe756b&ykuid=86e35b092249409a9c9441003d42ea25&sc=1&cs=234ec9a5f00145125826f69ff0e85632
IP 104.19.169.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 891d682d630ef6d0a0a4f6500b446691
43ceb992219330478e6f4e39db70c96ee3c1fc98
61b1970d794bbfdfb9f917120021e27887ecbb9cba9235a482e109c4cd8a9916
GET /v2/go?t=ot.pr%3Al%2Frwt.inwewf2oFa%25n3%2Fpdtr%3Dc%26e6s7%3Fft52b5d980a2f7463_d0f0c03084157110b4c3dv84e4403_4_f9283%3Dcte%2F5rbkrahtta%25oA.2r%25lFrwt.inwewf%2Fosatnh&e=1&ai=a83c685be6564514bb611c42e9d15e1a&sct=0&ct=1670478453329&cu=813bccfdd83e44f3a48fd2b35cfe756b&ykuid=86e35b092249409a9c9441003d42ea25&sc=1&cs=234ec9a5f00145125826f69ff0e85632 HTTP/1.1
Host: r.srvtrck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ykuid=86e35b092249409a9c9441003d42ea25
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:47:33 GMT
content-type: text/html;charset=UTF-8
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 776334fd6a3a1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.interflora.no/cpclass/css/scss-imports/v6.4.3/js/foundation.min.js
195.159.124.17200 OK 33 kB URL HTTP/2 www.interflora.no/cpclass/css/scss-imports/v6.4.3/js/foundation.min.js
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (31941)
Hash 294179f79f4cfde30bc7133ba16727e1
b46990708161c627aa265adbd8e6bd23ccd15c45
e689a36d05816c37237465f3ef74b5e4ab7eb0f3a2b9d2841ee7b97fe8706855
GET /cpclass/css/scss-imports/v6.4.3/js/foundation.min.js HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: application/javascript
content-length: 32759
last-modified: Sat, 11 Nov 2017 00:08:32 GMT
etag: "24c70-55da9d66f707c-gzip"
cache-control: max-age=1296000
expires: Thu, 15 Dec 2022 05:03:49 GMT
vary: Accept-Encoding
content-encoding: gzip
accept-ranges: bytes
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/cpclass/class/shop4/customers/interflora/js/custom2017v2.js?v=107
19 kB URL www.interflora.no/cpclass/class/shop4/customers/interflora/js/custom2017v2.js?v=107
IP :0
File type gzip compressed data, from Unix\012- data
Hash aa818f1414c16b31df156e80a8451c27
5b6f30e7bd76dac5014dfa1017bf6044b70cbabf
e17c1915513c86678b0fcb8cddba67a71869e5a33d6de62ff367a4f0d7083d7c
GET /cpclass/class/shop4/customers/interflora/js/custom2017v2.js?v=107 HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
img5.custompublish.com/getfile.php/3820767.1285.xfcdqucudp/butikk.svg
195.159.124.10200 OK 418 B URL HTTP/2 img5.custompublish.com/getfile.php/3820767.1285.xfcdqucudp/butikk.svg
IP 195.159.124.10:0
ASN #2116 Globalconnect As
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (703)
Hash 9bd2da05de47755736ed7b364a625f19
b7b9aaafeb4aa2f7b4c09831c2e93e4ea23657af
ad050cd2c9fa371423ea132fae3bdab7f1f772b44e5e28c087bffdf2d40d4e62
GET /getfile.php/3820767.1285.xfcdqucudp/butikk.svg HTTP/1.1
Host: img5.custompublish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:48:59 GMT
content-type: image/svg+xml
content-length: 418
expires: Fri, 23 Dec 2022 00:00:00 +0100
cache-control: cache
pragma: cache
last-modified: Sat, 03 Dec 2022 00:00:00 +0100
accept-ranges: bytes
content-disposition: inline; filename="butikk.svg"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/cpclass/js/jquery3/ui/jquery-ui.css
195.159.124.17200 OK 8.7 kB URL HTTP/2 www.interflora.no/cpclass/js/jquery3/ui/jquery-ui.css
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (2515)
Hash 2a86fa318f08dd383db730b088628eb7
33e834b84d1798ffd3c31afec09b54a2a01bb6e7
a6d31d4a503c9fd56961b1a4391150e1a0054ffe82ad0a8fddef904ddf5e5183
GET /cpclass/js/jquery3/ui/jquery-ui.css HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: text/css
content-length: 8692
last-modified: Thu, 22 Jun 2017 14:04:41 GMT
etag: "91f9-5528cf74fe3f3-gzip"
accept-ranges: bytes
cache-control: max-age=1296000
expires: Fri, 23 Dec 2022 05:47:34 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
img5.custompublish.com/getfile.php/3820768.1285.bubtbuswwr/handlekurv.svg
195.159.124.10200 OK 655 B URL HTTP/2 img5.custompublish.com/getfile.php/3820768.1285.bubtbuswwr/handlekurv.svg
IP 195.159.124.10:0
ASN #2116 Globalconnect As
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (345)
Hash beaff84278dbb289fbd74d14ac0daa2d
b0c7d6b34b5cdb6820f9803aa28118614b4f3cbd
d3c03746c2794bf517f34f0df8126eb3c58d47409533eaa05addf7a8c5281022
GET /getfile.php/3820768.1285.bubtbuswwr/handlekurv.svg HTTP/1.1
Host: img5.custompublish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:48:59 GMT
content-type: image/svg+xml
content-length: 655
expires: Fri, 23 Dec 2022 00:00:00 +0100
cache-control: cache
pragma: cache
last-modified: Sat, 03 Dec 2022 00:00:00 +0100
accept-ranges: bytes
content-disposition: inline; filename="handlekurv.svg"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 34fe12d2042b00db7312c5221ad9e23d
ea357e76da9cd9d01a4b0a0910b4d6e22fca6f04
2ab18de4877863d758feaa8187c8db6f792740be8e78d2291b6d8cf770ed97d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3821
Cache-Control: max-age=160474
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:47:34 GMT
Etag: "63913b63-117"
Expires: Sat, 10 Dec 2022 02:22:08 GMT
Last-Modified: Thu, 08 Dec 2022 01:18:27 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
www.interflora.no/cpclass/css/scss-imports/motionui/motion-ui.min.css
195.159.124.17200 OK 1.5 kB URL HTTP/2 www.interflora.no/cpclass/css/scss-imports/motionui/motion-ui.min.css
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (16273), with no line terminators
Hash b9172b9ba38b18c247ecc3f8bc4597de
cc4277dac97d97844b7c855623ec236e9c93d4d3
32b5aa15af922ff110476d84a83cedd8e46170c071bf638cc552bed73edae630
GET /cpclass/css/scss-imports/motionui/motion-ui.min.css HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: text/css
content-length: 1456
last-modified: Wed, 16 Feb 2022 09:51:58 GMT
etag: "3f91-5d81f99bd4b14-gzip"
accept-ranges: bytes
cache-control: max-age=1296000
expires: Fri, 23 Dec 2022 05:47:34 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
img5.custompublish.com/getfile.php/3820770.1285.syywavstde/levering.svg
195.159.124.10200 OK 273 B URL HTTP/2 img5.custompublish.com/getfile.php/3820770.1285.syywavstde/levering.svg
IP 195.159.124.10:0
ASN #2116 Globalconnect As
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (436)
Hash 2b23f6789a874a202dcf059097a0bd51
1f6edc89719a77632962b92c19319260e23d5c31
dd47f2b3fd69ed04bff3616479fc1697cf130e0a3d65d7ad74c8b0836d73ed68
GET /getfile.php/3820770.1285.syywavstde/levering.svg HTTP/1.1
Host: img5.custompublish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:48:59 GMT
content-type: image/svg+xml
content-length: 273
expires: Fri, 23 Dec 2022 00:00:00 +0100
cache-control: cache
pragma: cache
last-modified: Sat, 03 Dec 2022 00:00:00 +0100
accept-ranges: bytes
content-disposition: inline; filename="levering.svg"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/css/cpcommon.css?v=20221208
195.159.124.17200 OK 7.2 kB URL HTTP/2 www.interflora.no/css/cpcommon.css?v=20221208
IP 195.159.124.17:0
ASN #2116 Globalconnect As
Hash 4e1cd5beca975cd42de4876411422949
9b95ee0e4edfec9babc43a80912b5f487f8fb3c3
74f166c124aa34d7f4060546bd257876b47a9c5299fe85b185b4f5643e52857b
GET /css/cpcommon.css?v=20221208 HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: text/css
content-length: 7233
last-modified: Mon, 05 Dec 2022 21:14:25 GMT
etag: "8b1f-5ef1b2c099288-gzip"
accept-ranges: bytes
cache-control: max-age=1296000
expires: Fri, 23 Dec 2022 05:47:34 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
img5.custompublish.com/getfile.php/3820775.1285.dfpfbcffqs/verden.svg
195.159.124.10200 OK 816 B URL HTTP/2 img5.custompublish.com/getfile.php/3820775.1285.dfpfbcffqs/verden.svg
IP 195.159.124.10:0
ASN #2116 Globalconnect As
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 95a566471d8564fc34813b9934e1d95f
8ff33ed6d7a80ead1a449a74532a1e57bae5bf24
36c9313b595f25ce2e985251d598a67853b475bbf8be61ac622f7adf772b7d4d
GET /getfile.php/3820775.1285.dfpfbcffqs/verden.svg HTTP/1.1
Host: img5.custompublish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:48:59 GMT
content-type: image/svg+xml
content-length: 816
expires: Fri, 23 Dec 2022 00:00:00 +0100
cache-control: cache
pragma: cache
last-modified: Sat, 03 Dec 2022 00:00:00 +0100
accept-ranges: bytes
content-disposition: inline; filename="verden.svg"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/cpclass/js/jquery3/ui/jquery-ui.js
195.159.124.17200 OK 68 kB URL HTTP/2 www.interflora.no/cpclass/js/jquery3/ui/jquery-ui.js
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (32074)
Hash c10ed8605cd3a62d30d6bfd0fe981487
6854be66391ce424bee775d8eabbd134053f2e98
1bca88e4a548c9976a5deb5a87843dd55274e361a0ebb966e1dcf0df271d0876
GET /cpclass/js/jquery3/ui/jquery-ui.js HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: application/javascript
content-length: 68029
last-modified: Wed, 14 Sep 2016 15:34:06 GMT
etag: "3dee5-53c7975a4d780-gzip"
cache-control: max-age=1296000
expires: Thu, 15 Dec 2022 05:03:48 GMT
vary: Accept-Encoding
content-encoding: gzip
accept-ranges: bytes
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/cpclass/js/jquery/fullpage/jquery.fullpage.min.css
195.159.124.17200 OK 1.2 kB URL HTTP/2 www.interflora.no/cpclass/js/jquery/fullpage/jquery.fullpage.min.css
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type ASCII text, with very long lines (3564), with CRLF, LF line terminators
Hash d2dadcc0cecbe7300c65ed3c20ce1a71
0fd2a78996d09b395937dd41c0ffffbb40e13aa5
2b11dc15aea5fce8bccfd7ac11758cd595961e23c7f6ba88f7287b3a19701c28
GET /cpclass/js/jquery/fullpage/jquery.fullpage.min.css HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: text/css
content-length: 1203
last-modified: Thu, 08 Dec 2016 10:58:56 GMT
etag: "ec0-5432386151c00-gzip"
accept-ranges: bytes
cache-control: max-age=1296000
expires: Fri, 23 Dec 2022 05:47:34 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
img5.custompublish.com/getfile.php/3820773.1285.dasxvypevy/profil.svg
195.159.124.10200 OK 528 B URL HTTP/2 img5.custompublish.com/getfile.php/3820773.1285.dasxvypevy/profil.svg
IP 195.159.124.10:0
ASN #2116 Globalconnect As
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3735fa04ec521c0614682b8181c733cc
44fedd4e3299690c8382176e438a320c8c8bc5d6
5351a2b6c62a22634ff059600abf3791ea3cf1feded14d29c2da1cb4798e9c8a
GET /getfile.php/3820773.1285.dasxvypevy/profil.svg HTTP/1.1
Host: img5.custompublish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:48:59 GMT
content-type: image/svg+xml
content-length: 528
expires: Fri, 23 Dec 2022 00:00:00 +0100
cache-control: cache
pragma: cache
last-modified: Sat, 03 Dec 2022 00:00:00 +0100
accept-ranges: bytes
content-disposition: inline; filename="profil.svg"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/cpclass/run/cookieinfo/cookieinfo-interflora.js
195.159.124.17200 OK 1.2 kB URL HTTP/2 www.interflora.no/cpclass/run/cookieinfo/cookieinfo-interflora.js
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type HTML document, Unicode text, UTF-8 text, with very long lines (461)
Hash a8b2d27adc7a7c5a64f16cab1eccc745
237200473f071e5467c476713777f29eec344b08
50e2d04e4175c2c80c917087d7107bf714df92d1f415fc6b54be503fd77fdb25
GET /cpclass/run/cookieinfo/cookieinfo-interflora.js HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: application/javascript
content-length: 1205
last-modified: Wed, 25 May 2022 12:47:11 GMT
etag: "12ce-5dfd578c8dcad-gzip"
cache-control: max-age=1296000
expires: Thu, 15 Dec 2022 05:03:49 GMT
vary: Accept-Encoding
content-encoding: gzip
accept-ranges: bytes
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
img5.custompublish.com/getfile.php/3820774.1285.pdueterepr/sok.svg
195.159.124.10200 OK 650 B URL HTTP/2 img5.custompublish.com/getfile.php/3820774.1285.pdueterepr/sok.svg
IP 195.159.124.10:0
ASN #2116 Globalconnect As
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (351)
Hash bf893227879cf502bae13355e2e2cb91
561e3454805bb6f149518aa4beeb042fc27fb988
5db77a55e77657e30b5de0b34a6ccbaa791605c032b77df1590eb90236515645
GET /getfile.php/3820774.1285.pdueterepr/sok.svg HTTP/1.1
Host: img5.custompublish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:48:59 GMT
content-type: image/svg+xml
content-length: 650
expires: Fri, 23 Dec 2022 00:00:00 +0100
cache-control: cache
pragma: cache
last-modified: Sat, 03 Dec 2022 00:00:00 +0100
accept-ranges: bytes
content-disposition: inline; filename="sok.svg"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
tc.tradetracker.net/?c=28599&m=0&a=207464&r=v030400014517813bccfdd83e44f3a48fd2b35cfe756b&u=http%3A%2F%2Fwww.interflora.no
108.128.89.49301 Moved Permanently 51 kB URL HTTP/2 tc.tradetracker.net/?c=28599&m=0&a=207464&r=v030400014517813bccfdd83e44f3a48fd2b35cfe756b&u=http%3A%2F%2Fwww.interflora.no
IP 108.128.89.49:0
File type gzip compressed data, from Unix\012- data
Hash da391703ee878e7d3091d69ca129bdf4
d22534792c5806b2ee7f1de971857a40d843d612
a6d8a879be4cd56930092f59617d70a2ed46fae76c0581d0a28b81ff2955033e
GET /?c=28599&m=0&a=207464&r=v030400014517813bccfdd83e44f3a48fd2b35cfe756b&u=http%3A%2F%2Fwww.interflora.no HTTP/1.1
Host: tc.tradetracker.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://r.srvtrck.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 08 Dec 2022 05:47:33 GMT
content-type: text/html; charset=UTF-8
location: http://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
server: nginx
cache-control: no-cache, must-revalidate
set-cookie: uf=4lI%2Blw%2F4fjW3cLyGr7RwZ0lrckczcUZRR0drT3p1eHhmYU9UYWQ0ZXdyYUFSV1VucXlDNEtUdWwwNFo5R3FwL2p2OUJCdENXRUNmd1IxZXZLTldKdTFlU1ZqTTVBUDcvb1VsMUxnPT0%3D; expires=Fri, 08-Dec-2023 05:47:33 GMT; Max-Age=31536000; path=/; domain=.tradetracker.net; secure; SameSite=None
__tdat28599=MTY3MDQ3ODQ1Mzo6MDo6MjA3NDY0Ojp2MDMwNDAwMDE0NTE3ODEzYmNjZmRkODNlNDRmM2E0OGZkMmIzNWNmZTc1NmI6OmY6OjZlZjk5YTgzNGY3ZTMxY2QwMzUzZjg4ODE1MDJjNDlk; expires=Sat, 07-Jan-2023 05:47:33 GMT; Max-Age=2592000; path=/; domain=.tradetracker.net; secure; SameSite=None
X-Firefox-Spdy: h2
policy.app.cookieinformation.com/uc.js
152.199.21.175200 OK 11 kB URL HTTP/2 policy.app.cookieinformation.com/uc.js
IP 152.199.21.175:0
File type Unicode text, UTF-8 text, with very long lines (33315), with no line terminators
Hash 1daa6fac288f313bd8259a15620e93a2
6cc7b1244182d7d00d1464006aa5eb1817fd91df
3d214ddc2ebd7cd44d079361f3662697ead14836c05ae59afc3f51df5922b36f
GET /uc.js HTTP/1.1
Host: policy.app.cookieinformation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 178
cache-control: max-age=300
content-md5: MYYKq2p56pWUQuWDOioz6A==
content-type: application/javascript
date: Thu, 08 Dec 2022 05:47:34 GMT
etag: 0x8DAC63B0E0D8AF8
expires: Thu, 08 Dec 2022 05:52:34 GMT
last-modified: Mon, 14 Nov 2022 12:23:36 GMT
server: ECAcc (ska/F74D)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 5380b6f7-601e-0066-5dc8-0a776d000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
content-length: 10635
X-Firefox-Spdy: h2
policy.app.cookieinformation.com/cookiesharingiframe.html
152.199.21.175200 OK 2.8 kB URL HTTP/2 policy.app.cookieinformation.com/cookiesharingiframe.html
IP 152.199.21.175:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8796), with no line terminators
Hash 464df94556dbd1a2739263fcab4816f1
97697bd4140c79cca4db296ec880986a93c850db
0a9398fe42c23368200c4a6b0daa74d62666f507b3792ea43e333cf117d22e53
GET /cookiesharingiframe.html HTTP/1.1
Host: policy.app.cookieinformation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 146
cache-control: max-age=300
content-md5: xqkKVmywb8mz//pJblCHTA==
content-type: text/html
date: Thu, 08 Dec 2022 05:47:34 GMT
etag: 0x8DAC63B0D415222
expires: Thu, 08 Dec 2022 05:52:34 GMT
last-modified: Mon, 14 Nov 2022 12:23:35 GMT
server: ECAcc (ska/F754)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: e4eddaa3-201e-00ac-32c8-0a2be4000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
content-length: 2809
X-Firefox-Spdy: h2
policy.app.cookieinformation.com/cookie-data/interflora.no/cabl.json
152.199.21.175200 OK 517 B URL HTTP/2 policy.app.cookieinformation.com/cookie-data/interflora.no/cabl.json
IP 152.199.21.175:0
File type JSON data\012- , ASCII text, with very long lines (2580), with no line terminators
Hash ff9322cbe9de6d83afa10209d3eafb4b
2f063fc74e9d7a67e408906bd10defb50ab2c950
3f8334765706d040b18c8bc94a00db025769632ec579c8c713adbb4cef022288
GET /cookie-data/interflora.no/cabl.json HTTP/1.1
Host: policy.app.cookieinformation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.interflora.no
Connection: keep-alive
Referer: https://www.interflora.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 135
cache-control: max-age=300
content-md5: ok/LH/8mmlIynA7Zs2+EFA==
content-type: application/json
date: Thu, 08 Dec 2022 05:47:34 GMT
etag: 0x8DAD58B88D5EFF5
expires: Thu, 08 Dec 2022 05:52:34 GMT
last-modified: Sun, 04 Dec 2022 00:07:29 GMT
server: ECAcc (ska/F733)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 5d5154fc-701e-00b1-2fc8-0a2658000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
content-length: 517
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-W2PK6T
142.250.74.168200 OK 71 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W2PK6T
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (10201)
Hash 4bc1ec52c174852a3329ee30029781da
e869ee16a19343feefc601a472503cc401fdc906
8910d409f2366a585949397783bee7c24db95ca62be0eab3c21b5892a84497df
GET /gtm.js?id=GTM-W2PK6T HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Dec 2022 05:47:34 GMT
expires: Thu, 08 Dec 2022 05:47:34 GMT
cache-control: private, max-age=900
last-modified: Thu, 08 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71082
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.interflora.no/getfile.php/5099057.1285.jqklqsji7mjsa7/forside+jul_2022_03.jpg
195.159.124.17302 Found 0 B URL HTTP/2 www.interflora.no/getfile.php/5099057.1285.jqklqsji7mjsa7/forside+jul_2022_03.jpg
IP 195.159.124.17:0
ASN #2116 Globalconnect As
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getfile.php/5099057.1285.jqklqsji7mjsa7/forside+jul_2022_03.jpg HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: text/html; charset=UTF-8
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: https://img5.custompublish.com/getfile.php/5099057.1285.jqklqsji7mjsa7/forside+jul_2022_03.jpg?return=www.interflora.no
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.interflora.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 36820
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 05:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.interflora.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:34:15 GMT
expires: Thu, 07 Dec 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 36799
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
216.58.207.227200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 35764, version 1.0\012- data
Hash 60f23230f1a8d5c3b7d25b73f5b5ce23
ed08ada85d017893b9bcb8224e99154c6708f5d2
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
GET /s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.interflora.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 06:53:43 GMT
expires: Sat, 02 Dec 2023 06:53:43 GMT
cache-control: public, max-age=31536000
age: 514431
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.interflora.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:56 GMT
expires: Thu, 07 Dec 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 36818
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.lipscore.com/assets/no/lipscore-v1.js
54.230.111.53200 OK 69 kB URL HTTP/1.1 static.lipscore.com/assets/no/lipscore-v1.js
IP 54.230.111.53:0
File type ASCII text, with very long lines (589)
Hash 2eef628a60ff2ca41fadadb1c952f08a
fbb4c24885de13a06bacade9092b9c8b223297da
81f628633f17ee1e87666b9daaedf77ea6247c42fcaee60a8d6c9394c00d320c
GET /assets/no/lipscore-v1.js HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 69313
Connection: keep-alive
Date: Thu, 08 Dec 2022 05:32:14 GMT
Last-Modified: Thu, 08 Dec 2022 05:31:50 GMT
ETag: "2eef628a60ff2ca41fadadb1c952f08a"
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oipHB4QJ9hzrWnFFZFCRcEg8YEqhkiS1gzoli60mAPErvvGV4oS0Yg==
Age: 921
img5.custompublish.com/getfile.php/5099057.1285.jqklqsji7mjsa7/forside+jul_2022_03.jpg?return=www.interflora.no
195.159.124.10200 OK 1.2 MB URL HTTP/2 img5.custompublish.com/getfile.php/5099057.1285.jqklqsji7mjsa7/forside+jul_2022_03.jpg?return=www.interflora.no
IP 195.159.124.10:0
ASN #2116 Globalconnect As
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2718x1300, components 3\012- data
Size 1.2 MB (1199309 bytes)
Hash b7da41fdb89ab316ed437873727774fd
2ea7aff46a675530b081728ac50564666bc9bebe
b250707efe857e693aa4914d1d1a36a78c8cd521dc30aba5bb924112bf237d64
GET /getfile.php/5099057.1285.jqklqsji7mjsa7/forside+jul_2022_03.jpg?return=www.interflora.no HTTP/1.1
Host: img5.custompublish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.interflora.no/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:48:59 GMT
content-type: image/jpeg
content-length: 1199309
expires: Fri, 23 Dec 2022 00:00:00 +0100
cache-control: cache
pragma: cache
last-modified: Sat, 03 Dec 2022 00:00:00 +0100
accept-ranges: bytes
content-disposition: inline; filename="forside%2Bjul_2022_03.jpg"
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
instant.page/1.2.2
104.17.10.26200 OK 12 kB IP 104.17.10.26:0
Hash f96aa5eab2d041d1ab6179a6ce549eb5
95fe1e53dc71bcbc09e544e04586764569184338
23fd79c6abd2604e98c5d40fb9dd3c944da202b6ea771561076756f242bd6224
GET /1.2.2 HTTP/1.1
Host: instant.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.interflora.no
Connection: keep-alive
Referer: https://www.interflora.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 77633502ab73b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
policy.app.cookieinformation.com/9e5f1e/interflora.no/nb.js
152.199.21.175200 OK 14 kB URL HTTP/2 policy.app.cookieinformation.com/9e5f1e/interflora.no/nb.js
IP 152.199.21.175:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (65340)
Hash 2522427d6938d0c8a1413b62a65baa28
63d715408db00c0144388268e1583c3f35a49d6d
d71ca141ee761d94f6c98115c7e78dc1020a1eacc9c0bb95eaea62a9c3e51a16
GET /9e5f1e/interflora.no/nb.js HTTP/1.1
Host: policy.app.cookieinformation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 20
cache-control: max-age=300
content-md5: qxZzHhFZbkknDnkjm2HtLA==
content-type: application/javascript
date: Thu, 08 Dec 2022 05:47:34 GMT
etag: 0x8DAD58B88E000E9
expires: Thu, 08 Dec 2022 05:52:34 GMT
last-modified: Sun, 04 Dec 2022 00:07:29 GMT
server: ECAcc (ska/F7AD)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: e4a2f81f-e01e-00a3-4ec8-0a5d88000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet
content-length: 14251
X-Firefox-Spdy: h2
www.interflora.no/fmo/favicon/favicon-16x16.png
195.159.124.17200 OK 1.3 kB URL HTTP/2 www.interflora.no/fmo/favicon/favicon-16x16.png
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash df8bfede92b719e1dc38aad1b2d05439
a496de68fd1f31878326cac0ea7c8887c87c8fd0
194e64b3bee35700d793acf55aa2e7e487edcb4363958d165113cdc5fc398292
GET /fmo/favicon/favicon-16x16.png HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: image/png
content-length: 1268
access-control-allow-origin: *
expires: Fri, 23 Dec 2022 00:00:00 +0100
cache-control: cache
pragma: cache
accept-ranges: bytes
content-disposition: inline; filename="favicon-16x16.png"
last-modified: Sat, 03 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/customers/interflora/favicons/ifloralogo--svg.svg
195.159.124.17200 OK 4.7 kB URL HTTP/2 www.interflora.no/customers/interflora/favicons/ifloralogo--svg.svg
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (10925), with no line terminators
Hash 55a7816c21335876473e4b0790be1e83
26d0c8ca42f20d049691e18940f77524bd8bff5c
fbda35310d29d71f3546917b2d151e0c225b158af8f9c7c0d5914a88578ec1c2
GET /customers/interflora/favicons/ifloralogo--svg.svg HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: image/svg+xml
content-length: 4687
last-modified: Mon, 14 Jun 2021 18:41:27 GMT
etag: "2aad-5c4be34873003-gzip"
accept-ranges: bytes
cache-control: max-age=60
expires: Thu, 08 Dec 2022 05:48:34 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/customers/interflora/prodimage.php?prodno=910221&aid=6569433&scale=350x350
195.159.124.17302 Found 0 B URL HTTP/2 www.interflora.no/customers/interflora/prodimage.php?prodno=910221&aid=6569433&scale=350x350
IP 195.159.124.17:0
ASN #2116 Globalconnect As
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /customers/interflora/prodimage.php?prodno=910221&aid=6569433&scale=350x350 HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: text/html; charset=UTF-8
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /customers/interflora/imagedb/getfile.php/Nettbutikk/910221_blomster_bukett.jpg?scale=350x350&selectedprice=
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/customers/interflora/prodimage.php?prodno=910222&aid=6569434&scale=350x350
195.159.124.17302 Found 0 B URL HTTP/2 www.interflora.no/customers/interflora/prodimage.php?prodno=910222&aid=6569434&scale=350x350
IP 195.159.124.17:0
ASN #2116 Globalconnect As
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /customers/interflora/prodimage.php?prodno=910222&aid=6569434&scale=350x350 HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: text/html; charset=UTF-8
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /customers/interflora/imagedb/getfile.php/Nettbutikk/910222_blomst_julestjerne.jpg?scale=350x350&selectedprice=
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/customers/interflora/prodimage.php?prodno=220714&aid=6569177&scale=350x350
195.159.124.17302 Found 0 B URL HTTP/2 www.interflora.no/customers/interflora/prodimage.php?prodno=220714&aid=6569177&scale=350x350
IP 195.159.124.17:0
ASN #2116 Globalconnect As
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /customers/interflora/prodimage.php?prodno=220714&aid=6569177&scale=350x350 HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: text/html; charset=UTF-8
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /customers/interflora/imagedb/getfile.php/Nettbutikk/220714_blomst_julestjerne.jpg?scale=350x350&selectedprice=
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/customers/interflora/prodimage.php?prodno=220708&aid=6567322&scale=350x350
195.159.124.17302 Found 0 B URL HTTP/2 www.interflora.no/customers/interflora/prodimage.php?prodno=220708&aid=6567322&scale=350x350
IP 195.159.124.17:0
ASN #2116 Globalconnect As
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /customers/interflora/prodimage.php?prodno=220708&aid=6567322&scale=350x350 HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: text/html; charset=UTF-8
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /customers/interflora/imagedb/getfile.php/Nettbutikk/220708_blomster_bukett.jpg?scale=350x350&selectedprice=
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/customers/interflora/imagedb/getfile.php/Nettbutikk/910221_blomster_bukett.jpg?scale=350x350&selectedprice=
195.159.124.17200 OK 40 kB URL HTTP/2 www.interflora.no/customers/interflora/imagedb/getfile.php/Nettbutikk/910221_blomster_bukett.jpg?scale=350x350&selectedprice=
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x350, components 3\012- data
Hash 7d71f51becfd34ed970dd8e63d60ab8a
db8ee85d39ac22023b0e5fa1f164e8e1c93df61f
80bf5b729a35249cba2800229cf34c9a912d271faf71276810c3ba23c99773d6
GET /customers/interflora/imagedb/getfile.php/Nettbutikk/910221_blomster_bukett.jpg?scale=350x350&selectedprice= HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Connection: keep-alive
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: image/jpeg
content-length: 40231
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
accept-ranges: bytes
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/customers/interflora/imagedb/getfile.php/Nettbutikk/220708_blomster_bukett.jpg?scale=350x350&selectedprice=
195.159.124.17200 OK 72 kB URL HTTP/2 www.interflora.no/customers/interflora/imagedb/getfile.php/Nettbutikk/220708_blomster_bukett.jpg?scale=350x350&selectedprice=
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 350x350, components 3\012- data
Hash f306f4bc47beb9f039b846d31f0dfd85
db39c6598c57e9bf7b709ecfd046add005a52bf3
504432423d44c2723273bdac0157d65c33a3f078c42f2a540394f8430c0d29da
GET /customers/interflora/imagedb/getfile.php/Nettbutikk/220708_blomster_bukett.jpg?scale=350x350&selectedprice= HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Connection: keep-alive
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: image/jpeg
content-length: 71600
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
accept-ranges: bytes
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/customers/interflora/imagedb/getfile.php/Nettbutikk/910222_blomst_julestjerne.jpg?scale=350x350&selectedprice=
195.159.124.17200 OK 34 kB URL HTTP/2 www.interflora.no/customers/interflora/imagedb/getfile.php/Nettbutikk/910222_blomst_julestjerne.jpg?scale=350x350&selectedprice=
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x350, components 3\012- data
Hash 0084af546313630e5dd741a4d57cdfb0
b90a3d977f1324ecf5421089d1ffb1624b2fa7f2
579d604baa2dc198610b4fcb4889532d32ed5b8910c77a7865ce1e479197729b
GET /customers/interflora/imagedb/getfile.php/Nettbutikk/910222_blomst_julestjerne.jpg?scale=350x350&selectedprice= HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Connection: keep-alive
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: image/jpeg
content-length: 34046
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
accept-ranges: bytes
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
www.interflora.no/customers/interflora/imagedb/getfile.php/Nettbutikk/220714_blomst_julestjerne.jpg?scale=350x350&selectedprice=
195.159.124.17200 OK 58 kB URL HTTP/2 www.interflora.no/customers/interflora/imagedb/getfile.php/Nettbutikk/220714_blomst_julestjerne.jpg?scale=350x350&selectedprice=
IP 195.159.124.17:0
ASN #2116 Globalconnect As
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 350x350, components 3\012- data
Hash 5b258d55a53e5746dec493bd8ab07aea
d8347c74abec8d64273a902eabef2222c7968750
773bf8722ab001c4a621c032c519f23a7c6deb42108e105571f7c037c1619c62
GET /customers/interflora/imagedb/getfile.php/Nettbutikk/220714_blomst_julestjerne.jpg?scale=350x350&selectedprice= HTTP/1.1
Host: www.interflora.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.interflora.no/?utm_source=tradetracker&utm_medium=&utm_content=custom
Connection: keep-alive
Cookie: TT2_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; TTS_28599=0%3A%3A207464%3A%3Av030400014517813bccfdd83e44f3a48fd2b35cfe756b%3A%3Adcff4ef5054ef2ca2ea0bc737712384c%3A%3A1670478453; PHPSESSID=661b145806cb19ef739e2c234c727e6a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:34 GMT
content-type: image/jpeg
content-length: 57938
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
accept-ranges: bytes
strict-transport-security: max-age=63072000
X-Firefox-Spdy: h2
wapi.lipscore.com/hit?api_key=eb11b2d8cc3916188950c42e
199.232.198.217200 OK 0 B URL HTTP/2 wapi.lipscore.com/hit?api_key=eb11b2d8cc3916188950c42e
IP 199.232.198.217:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hit?api_key=eb11b2d8cc3916188950c42e HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.interflora.no
Connection: keep-alive
Referer: https://www.interflora.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-credentials: true
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:47:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 0
x-timer: S1670478455.943715,VS0,VE0
access-control-allow-origin: https://www.interflora.no
content-length: 0
X-Firefox-Spdy: h2
wapi.lipscore.com/initial_data/settings/show?api_key=eb11b2d8cc3916188950c42e&invitation_template_id=&lang=
199.232.198.217200 OK 9.8 kB URL HTTP/2 wapi.lipscore.com/initial_data/settings/show?api_key=eb11b2d8cc3916188950c42e&invitation_template_id=&lang=
IP 199.232.198.217:0
File type JSON data\012- , ASCII text, with very long lines (9808), with no line terminators
Hash 9a71ce79e6878d15394f191297846245
25b8278f30a7624f2822a52885951fc1a388d744
495d89eaa9c077d1463effe5dfdb70b2f77cb6f2b214ed1e7451b0145d7215ad
GET /initial_data/settings/show?api_key=eb11b2d8cc3916188950c42e&invitation_template_id=&lang= HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.interflora.no
Connection: keep-alive
Referer: https://www.interflora.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
content-type: application/json; charset=utf-8
x-request-id: 643796f9-17b7-4500-93c2-c09af647d892
x-runtime: 0.018365
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:47:34 GMT
age: 1169591
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1670478455.948911,VS0,VE3
vary: Origin
access-control-allow-origin: https://www.interflora.no
content-length: 9808
X-Firefox-Spdy: h2
wapi.lipscore.com/initial_data/products/show?api_key=eb11b2d8cc3916188950c42e&internal_id=service_review&widgets=srw_t&translate_to_lang=no
199.232.198.217200 OK 1.7 kB URL HTTP/2 wapi.lipscore.com/initial_data/products/show?api_key=eb11b2d8cc3916188950c42e&internal_id=service_review&widgets=srw_t&translate_to_lang=no
IP 199.232.198.217:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1655), with no line terminators
Hash 52418fa84869decf5cb612410cf55818
51e4b4a373249c4d04294e9ac57d4a0fb704b681
bf8d74471d85492e5c1d386bf735316d9285f8a610564b70fa610cf447a36253
GET /initial_data/products/show?api_key=eb11b2d8cc3916188950c42e&internal_id=service_review&widgets=srw_t&translate_to_lang=no HTTP/1.1
Host: wapi.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.interflora.no
Connection: keep-alive
Referer: https://www.interflora.no/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Cowboy
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE
access-control-expose-headers: X-Pagination
access-control-max-age: 86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-credentials: true
access-control-allow-headers: X-Http-Method-Override
cache-control: public, no-cache
content-type: application/json; charset=utf-8
x-request-id: 4e13e013-11ce-4066-a115-3ab338a897d5
x-runtime: 1.665166
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Thu, 08 Dec 2022 05:47:34 GMT
age: 3452
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1670478455.974273,VS0,VE3
vary: Origin
access-control-allow-origin: https://www.interflora.no
content-length: 1662
X-Firefox-Spdy: h2
static.lipscore.com/assets/open-sans-v28-latin-regular-3a4008731c191705801f63ec14eafba4.woff2
54.230.111.53200 OK 17 kB URL HTTP/1.1 static.lipscore.com/assets/open-sans-v28-latin-regular-3a4008731c191705801f63ec14eafba4.woff2
IP 54.230.111.53:0
File type Web Open Font Format (Version 2), TrueType, length 16692, version 1.0\012- data
Hash d65113b6da7ba4bd0a59dbda5a7e24d4
929ecf3ad6ab03123a7bad0609b4b8ba1623d4e8
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
GET /assets/open-sans-v28-latin-regular-3a4008731c191705801f63ec14eafba4.woff2 HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.interflora.no
Connection: keep-alive
Referer: https://static.lipscore.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/font-woff
Content-Length: 16692
Connection: keep-alive
Date: Thu, 08 Dec 2022 05:34:52 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Last-Modified: Thu, 08 Dec 2022 05:30:31 GMT
ETag: "d65113b6da7ba4bd0a59dbda5a7e24d4"
Cache-Control: public, max-age=31557600
Expires: Fri, 08 Dec 2023 11:30:30 GMT
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: X_C79M_zLBIbY2MapVVBJtm7QTAHgshc2OkHCTdcYTyrMbhxMHx46w==
Age: 764
static.lipscore.com/assets/open-sans-v28-latin-700-db19bea34e8fbdc91e7693895264876f.woff2
54.230.111.53200 OK 16 kB URL HTTP/1.1 static.lipscore.com/assets/open-sans-v28-latin-700-db19bea34e8fbdc91e7693895264876f.woff2
IP 54.230.111.53:0
File type Web Open Font Format (Version 2), TrueType, length 16408, version 1.0\012- data
Hash 875ba54801f7cf83ea70abf613fab665
a747343db86c1ba5d10d6cb1814fd6ac6db42b65
a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79
GET /assets/open-sans-v28-latin-700-db19bea34e8fbdc91e7693895264876f.woff2 HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.interflora.no
Connection: keep-alive
Referer: https://static.lipscore.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/font-woff
Content-Length: 16408
Connection: keep-alive
Date: Thu, 08 Dec 2022 05:36:56 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Last-Modified: Thu, 08 Dec 2022 05:28:24 GMT
ETag: "875ba54801f7cf83ea70abf613fab665"
Cache-Control: public, max-age=31557600
Expires: Fri, 08 Dec 2023 11:28:22 GMT
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tgC3fAkflP_SMTE6hin4A6CGM2J1EUJL6pjptNEl_c4xrbYGrLnzBA==
Age: 640
static.lipscore.com/assets/open-sans-v28-latin-italic-e3f4a564cfb199cd0a07cf0104e8c84c.woff2
54.230.111.53200 OK 18 kB URL HTTP/1.1 static.lipscore.com/assets/open-sans-v28-latin-italic-e3f4a564cfb199cd0a07cf0104e8c84c.woff2
IP 54.230.111.53:0
File type Web Open Font Format (Version 2), TrueType, length 17768, version 1.0\012- data
Hash b42f06e6ecc6ae551b010ba0ff4fa6a3
363c4ff155d5e82e88d9dfe31e129dcf62b4dced
f27408b033a0195d0f29b0ecbc143f470c4fbb0807472a688b2f9e66403651e0
GET /assets/open-sans-v28-latin-italic-e3f4a564cfb199cd0a07cf0104e8c84c.woff2 HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.interflora.no
Connection: keep-alive
Referer: https://static.lipscore.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/font-woff
Content-Length: 17768
Connection: keep-alive
Date: Thu, 08 Dec 2022 05:37:08 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Last-Modified: Thu, 08 Dec 2022 05:28:50 GMT
ETag: "b42f06e6ecc6ae551b010ba0ff4fa6a3"
Cache-Control: public, max-age=31557600
Expires: Fri, 08 Dec 2023 11:28:49 GMT
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1sbINoR24XETw3jcR9h_68mpT76M3gGfOJ32EOaUQTq-M75eFTPB9Q==
Age: 628
static.lipscore.com/assets/lipscore-plugin-icons-50b4b25eca9136b22bd93da92567e966.woff
54.230.111.53200 OK 1.2 kB URL HTTP/1.1 static.lipscore.com/assets/lipscore-plugin-icons-50b4b25eca9136b22bd93da92567e966.woff
IP 54.230.111.53:0
File type Web Open Font Format, CFF, length 1192, version 1.0\012- data
Hash c6d2fba8756c3e43a3dbd5c708550121
691694201280898a21a535ff904712c0c8da4545
3db7852ef1e0fa9f2bbf21800b7a600ceece16e69f5781b0c205984c1ac460ee
GET /assets/lipscore-plugin-icons-50b4b25eca9136b22bd93da92567e966.woff HTTP/1.1
Host: static.lipscore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.interflora.no
Connection: keep-alive
Referer: https://static.lipscore.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/font-woff
Content-Length: 1192
Connection: keep-alive
Date: Thu, 08 Dec 2022 05:47:36 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Last-Modified: Thu, 08 Dec 2022 05:28:20 GMT
ETag: "c6d2fba8756c3e43a3dbd5c708550121"
Cache-Control: public, max-age=31557600
Expires: Fri, 08 Dec 2023 11:28:19 GMT
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: odoqqDUP5KCzBaLIHoqRXzc9Z3ZXUtxjkDzEglCmSRz86-T0nEIXTw==
p201298.mybettermb.com/adServe/domainClick?ai=GNWsBy0vmeWNIRD1OGzon2SZVu5NPqSq-h2rSoksoBqNG2LV3Zkk-L8FPCSjKZr_YsQ0yRxpJ6k8LlotqmtX7ErGSkvN2YlGY4HZ8X7cx-dM1QaxFxK0PHGpJGlCLAoWMnzoVZuce8ueVaQ0F217-cHwFJ-CDJF8T7C2wcJ1dqtoOgN9pzNxgl6S4oChQzOvrPE96Ym7CMGlXRdGMK-TkKMF_XSxG7q5c9lRJWHNr4s5bSTdWcYVZJciO9bgcuS1jIeAEiXnU3VYEUAru7F_DuXugOnM5m-8Jm7EhOsk27bxGYd3vi6Mg89LCz5E8ciHT2L9NFyVXF6ciSN7CaQexuqZ_HrRuXqwbM7TR-A6o2LnrG8E1DfQ9Vu8kUSrMxroonOqLNsrJIKgUSZw7eMl7vr4nvPsKvQNOYwwqJPWDKxkmVbuTT6kqjvQfnk4ki0ivitaEXZPV_A9yZrhH3-SbvFnKLkrsn4iLRBjWVZn5s2OF0SokHo2PZeYO9hdbD2Gn6oVmfmCmc-q0T2xsmJwnBfZ8RtWPEH2SnZADPOdLz_p-OGBQW3exAhKJncPyYXssKbYd4jRL3fz-AbClJeve1IAxxj8fbHTscWi84ZIOk0qJeEuaLJ-WEdDYOEm2_ns-Cm35MG9zEITCssQBo5b-LKm9jbl9T85jWrYzhVCXppWMt11ucqtjA&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukPxZyi5K7J-ImFDHVMpq5qMUg6Ebh3rOaTfx-1CQx6Va7z6eZJs39IRQdYBSGvjOAJIpRolbwhPuw&si=1&oref=e2905b67c440133e06d94d472902354c&optunit=g1X1rV7f4BpBS4YUfGI2rw&rb=2Vb288azLYM&rr=1&abtg=0
108.168.193.189200 OK 0 B URL HTTP/2 p201298.mybettermb.com/adServe/domainClick?ai=GNWsBy0vmeWNIRD1OGzon2SZVu5NPqSq-h2rSoksoBqNG2LV3Zkk-L8FPCSjKZr_YsQ0yRxpJ6k8LlotqmtX7ErGSkvN2YlGY4HZ8X7cx-dM1QaxFxK0PHGpJGlCLAoWMnzoVZuce8ueVaQ0F217-cHwFJ-CDJF8T7C2wcJ1dqtoOgN9pzNxgl6S4oChQzOvrPE96Ym7CMGlXRdGMK-TkKMF_XSxG7q5c9lRJWHNr4s5bSTdWcYVZJciO9bgcuS1jIeAEiXnU3VYEUAru7F_DuXugOnM5m-8Jm7EhOsk27bxGYd3vi6Mg89LCz5E8ciHT2L9NFyVXF6ciSN7CaQexuqZ_HrRuXqwbM7TR-A6o2LnrG8E1DfQ9Vu8kUSrMxroonOqLNsrJIKgUSZw7eMl7vr4nvPsKvQNOYwwqJPWDKxkmVbuTT6kqjvQfnk4ki0ivitaEXZPV_A9yZrhH3-SbvFnKLkrsn4iLRBjWVZn5s2OF0SokHo2PZeYO9hdbD2Gn6oVmfmCmc-q0T2xsmJwnBfZ8RtWPEH2SnZADPOdLz_p-OGBQW3exAhKJncPyYXssKbYd4jRL3fz-AbClJeve1IAxxj8fbHTscWi84ZIOk0qJeEuaLJ-WEdDYOEm2_ns-Cm35MG9zEITCssQBo5b-LKm9jbl9T85jWrYzhVCXppWMt11ucqtjA&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukPxZyi5K7J-ImFDHVMpq5qMUg6Ebh3rOaTfx-1CQx6Va7z6eZJs39IRQdYBSGvjOAJIpRolbwhPuw&si=1&oref=e2905b67c440133e06d94d472902354c&optunit=g1X1rV7f4BpBS4YUfGI2rw&rb=2Vb288azLYM&rr=1&abtg=0
IP 108.168.193.189:0
GET /adServe/domainClick?ai=GNWsBy0vmeWNIRD1OGzon2SZVu5NPqSq-h2rSoksoBqNG2LV3Zkk-L8FPCSjKZr_YsQ0yRxpJ6k8LlotqmtX7ErGSkvN2YlGY4HZ8X7cx-dM1QaxFxK0PHGpJGlCLAoWMnzoVZuce8ueVaQ0F217-cHwFJ-CDJF8T7C2wcJ1dqtoOgN9pzNxgl6S4oChQzOvrPE96Ym7CMGlXRdGMK-TkKMF_XSxG7q5c9lRJWHNr4s5bSTdWcYVZJciO9bgcuS1jIeAEiXnU3VYEUAru7F_DuXugOnM5m-8Jm7EhOsk27bxGYd3vi6Mg89LCz5E8ciHT2L9NFyVXF6ciSN7CaQexuqZ_HrRuXqwbM7TR-A6o2LnrG8E1DfQ9Vu8kUSrMxroonOqLNsrJIKgUSZw7eMl7vr4nvPsKvQNOYwwqJPWDKxkmVbuTT6kqjvQfnk4ki0ivitaEXZPV_A9yZrhH3-SbvFnKLkrsn4iLRBjWVZn5s2OF0SokHo2PZeYO9hdbD2Gn6oVmfmCmc-q0T2xsmJwnBfZ8RtWPEH2SnZADPOdLz_p-OGBQW3exAhKJncPyYXssKbYd4jRL3fz-AbClJeve1IAxxj8fbHTscWi84ZIOk0qJeEuaLJ-WEdDYOEm2_ns-Cm35MG9zEITCssQBo5b-LKm9jbl9T85jWrYzhVCXppWMt11ucqtjA&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukPxZyi5K7J-ImFDHVMpq5qMUg6Ebh3rOaTfx-1CQx6Va7z6eZJs39IRQdYBSGvjOAJIpRolbwhPuw&si=1&oref=e2905b67c440133e06d94d472902354c&optunit=g1X1rV7f4BpBS4YUfGI2rw&rb=2Vb288azLYM&rr=1&abtg=0 HTTP/1.1
Host: p201298.mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Cookie: rhid=82510227998
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 05:47:30 GMT
content-type: text/html;charset=ISO-8859-1
vary: Accept-Encoding
set-cookie: rhid=82510227998; Max-Age=15552000; Expires=Tue, 06-Jun-2023 05:47:30 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
loi=ad_1336737_off_779865_aff_89990_cid_201298-MKKUEI4KDSZ.COM_ts_1670478450; Max-Age=3600; Expires=Thu, 08-Dec-2022 06:47:30 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
content-encoding: gzip
X-Firefox-Spdy: h2
poroshop.com/redirect-simple?ci=254&c=no&m_c_r=-1&c_p=s&c_s=438203600&c_k=electronics&c_geo=NO&c_d=Desktop
185.209.223.208200 OK 0 B URL HTTP/2 poroshop.com/redirect-simple?ci=254&c=no&m_c_r=-1&c_p=s&c_s=438203600&c_k=electronics&c_geo=NO&c_d=Desktop
IP 185.209.223.208:0
GET /redirect-simple?ci=254&c=no&m_c_r=-1&c_p=s&c_s=438203600&c_k=electronics&c_geo=NO&c_d=Desktop HTTP/1.1
Host: poroshop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 08 Dec 2022 05:47:32 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.29
x-frame-options: *
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Permanent+Marker&display=swap
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Permanent+Marker&display=swap
IP 142.250.74.74:0
GET /css?family=Permanent+Marker&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poroshop.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 05:47:32 GMT
date: Thu, 08 Dec 2022 05:47:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
216.58.207.227200 OK 0 B URL HTTP/2 fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP 216.58.207.227:0
GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.interflora.no
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 20:33:17 GMT
expires: Fri, 01 Dec 2023 20:33:17 GMT
cache-control: public, max-age=31536000
age: 551657
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.74:0
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 05:47:34 GMT
date: Thu, 08 Dec 2022 05:47:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Playfair+Display:wght@400;500&family=Roboto:wght@300;400;500&display=swap
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Playfair+Display:wght@400;500&family=Roboto:wght@300;400;500&display=swap
IP 142.250.74.74:0
GET /css2?family=Playfair+Display:wght@400;500&family=Roboto:wght@300;400;500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.interflora.no/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 05:47:34 GMT
date: Thu, 08 Dec 2022 05:47:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2