ajrccade.org/
81.17.18.196200 OK 468 B IP 81.17.18.196:0
ASN #51852 Private Layer INC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (468), with no line terminators
Hash cad4176e02987be1fce94baa95a7cce0
fdcced6645c4df80989d3b30977d579e3b5349d3
88c71c506e4d51add4dfe377075ed79c6ef1bc7c48212a3a244724e82f960232
GET / HTTP/1.1
Host: ajrccade.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 468
content-type: text/html; charset=utf-8
date: Tue, 06 Sep 2022 17:36:20 GMT
server: nginx
set-cookie: sid=6b9fd624-2e0a-11ed-aaad-b758c2c8985a; path=/; domain=.ajrccade.org; expires=Sun, 24 Sep 2090 20:50:27 GMT; max-age=2147483647; HttpOnly
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 17:04:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xfxCIVUritn-Y2ZJrBLgMnxcN9DmwZeUb6o-2xT0Q2jgZMZHWYByag==
Age: 1921
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15918
Expires: Tue, 06 Sep 2022 22:01:39 GMT
Date: Tue, 06 Sep 2022 17:36:21 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -ukPzSb74eKxP6zZcoyMNJHpGVxZ75r_qa6EXwwkywFo0QobTGiFGw==
age: 58864
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 17:36:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ajrccade.org/favicon.ico
81.17.18.196404 Not Found 9 B IP 81.17.18.196:0
ASN #51852 Private Layer INC
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: ajrccade.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ajrccade.org/
Cookie: sid=6b9fd624-2e0a-11ed-aaad-b758c2c8985a
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Tue, 06 Sep 2022 17:36:21 GMT
server: nginx
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 06 Sep 2022 16:38:18 GMT
Expires: Tue, 06 Sep 2022 17:35:04 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fTPeF5QGYdAgwmoCHy3S5wmJr0B6567v5GVi7UtmUQCC9BXmq6LJ2w==
Age: 3483
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5978
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 17:36:21 GMT
Last-Modified: Tue, 06 Sep 2022 15:56:43 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ajrccade.org/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2MjQ5Mjk4MCwiaWF0IjoxNjYyNDg1NzgwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyczk1YzBqYzlwdWZ1YjBkNWswbG5qMjIiLCJuYmYiOjE2NjI0ODU3ODAsInRzIjoxNjYyNDg1NzgwODYwMDgxfQ.QjkZOXxFNwp5OQ45-3GGQNl96wq9eN-751YDHpC9bro&sid=6b9fd624-2e0a-11ed-aaad-b758c2c8985a
81.17.18.196302 Found 11 B URL HTTP/1.1 ajrccade.org/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2MjQ5Mjk4MCwiaWF0IjoxNjYyNDg1NzgwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyczk1YzBqYzlwdWZ1YjBkNWswbG5qMjIiLCJuYmYiOjE2NjI0ODU3ODAsInRzIjoxNjYyNDg1NzgwODYwMDgxfQ.QjkZOXxFNwp5OQ45-3GGQNl96wq9eN-751YDHpC9bro&sid=6b9fd624-2e0a-11ed-aaad-b758c2c8985a
IP 81.17.18.196:0
ASN #51852 Private Layer INC
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2MjQ5Mjk4MCwiaWF0IjoxNjYyNDg1NzgwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyczk1YzBqYzlwdWZ1YjBkNWswbG5qMjIiLCJuYmYiOjE2NjI0ODU3ODAsInRzIjoxNjYyNDg1NzgwODYwMDgxfQ.QjkZOXxFNwp5OQ45-3GGQNl96wq9eN-751YDHpC9bro&sid=6b9fd624-2e0a-11ed-aaad-b758c2c8985a HTTP/1.1
Host: ajrccade.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ajrccade.org/
Cookie: sid=6b9fd624-2e0a-11ed-aaad-b758c2c8985a
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Tue, 06 Sep 2022 17:36:21 GMT
location: http://balor-ghn.com/zcvisitor/6bea9604-2e0a-11ed-a0a4-120392771977/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=e87e3540-17b8-11ed-9215-0a918cbcbb97
server: nginx
set-cookie: sid=6b9fd624-2e0a-11ed-aaad-b758c2c8985a; path=/; domain=.ajrccade.org; expires=Sun, 24 Sep 2090 20:50:28 GMT; max-age=2147483647; HttpOnly
balor-ghn.com/zcvisitor/6bea9604-2e0a-11ed-a0a4-120392771977/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=e87e3540-17b8-11ed-9215-0a918cbcbb97
34.194.66.161200 996 B URL HTTP/1.1 balor-ghn.com/zcvisitor/6bea9604-2e0a-11ed-a0a4-120392771977/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=e87e3540-17b8-11ed-9215-0a918cbcbb97
IP 34.194.66.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 307c2ed13f5e52b53ec364d16960da27
1369d61e6515b110a375200c9db5fb24a329b787
7a5e31fe0c60abbcb1c5e5a44ddc53cb74670c4065b1bf6d9473d6b98f7222c2
Analyzer Verdict Alert fortinet Phishing
GET /zcvisitor/6bea9604-2e0a-11ed-a0a4-120392771977/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=e87e3540-17b8-11ed-9215-0a918cbcbb97 HTTP/1.1
Host: balor-ghn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ajrccade.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Tue, 06 Sep 2022 17:36:22 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: uWxtlizA
push.services.mozilla.com/
35.161.6.128101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.6.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: G2tpAcVMeZUkkOLPxfyVpA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: k/2XsaLnTbcPrMrwTchTFn3XxdQ=
balor-ghn.com/zcredirect?visitid=6bea9604-2e0a-11ed-a0a4-120392771977&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
34.194.66.161200 516 B URL HTTP/1.1 balor-ghn.com/zcredirect?visitid=6bea9604-2e0a-11ed-a0a4-120392771977&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
IP 34.194.66.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a9f6bfdd98ac34e70580fb152969d343
7874c1529951fb461083696fd6cc0ba87aa94fad
1f2e88da883b8f968888ca19456d7d6497271059424bb420bc9347481f8c8aff
GET /zcredirect?visitid=6bea9604-2e0a-11ed-a0a4-120392771977&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1
Host: balor-ghn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balor-ghn.com/zcvisitor/6bea9604-2e0a-11ed-a0a4-120392771977/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=e87e3540-17b8-11ed-9215-0a918cbcbb97
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Tue, 06 Sep 2022 17:36:22 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: pumQWJvp
track.domainparkingmanager.it/tm.ashx?source=zp-1-1891178&det=0.010000&gio=zr6bea96042e0a11eda0a41203927719773cdab9e9205f4a46badbfe8905abcd1d067337ec655667ab81
35.180.17.130200 OK 310 B URL HTTP/2 track.domainparkingmanager.it/tm.ashx?source=zp-1-1891178&det=0.010000&gio=zr6bea96042e0a11eda0a41203927719773cdab9e9205f4a46badbfe8905abcd1d067337ec655667ab81
IP 35.180.17.130:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 2adbc1386385e3efd3a50e77dfa12eab
7ca26ecf813082408297870a637766923253be44
13a3ba3a50f6cef10e2c842e304d867c348a2deb15c7a2ef134cd03ef3148b99
GET /tm.ashx?source=zp-1-1891178&det=0.010000&gio=zr6bea96042e0a11eda0a41203927719773cdab9e9205f4a46badbfe8905abcd1d067337ec655667ab81 HTTP/1.1
Host: track.domainparkingmanager.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balor-ghn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
date: Tue, 06 Sep 2022 17:36:22 GMT
content-length: 310
X-Firefox-Spdy: h2
track.domainparkingmanager.it/favicon.ico
35.180.17.130404 Not Found 1.2 kB URL HTTP/2 track.domainparkingmanager.it/favicon.ico
IP 35.180.17.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 5343c1a8b203c162a3bf3870d9f50fd4
04b5b886c20d88b57eea6d8ff882624a4ac1e51d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
GET /favicon.ico HTTP/1.1
Host: track.domainparkingmanager.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.domainparkingmanager.it/tm.ashx?source=zp-1-1891178&det=0.010000&gio=zr6bea96042e0a11eda0a41203927719773cdab9e9205f4a46badbfe8905abcd1d067337ec655667ab81
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
date: Tue, 06 Sep 2022 17:36:22 GMT
content-length: 1245
X-Firefox-Spdy: h2
track.domainparkingmanager.it/tm2.ashx?&source=zp-1-1891178&pubid=zr6bea96042e0a11eda0a41203927719773cdab9e9205f4a46&cost=0.010000
35.180.17.130302 Found 158 B URL HTTP/2 track.domainparkingmanager.it/tm2.ashx?&source=zp-1-1891178&pubid=zr6bea96042e0a11eda0a41203927719773cdab9e9205f4a46&cost=0.010000
IP 35.180.17.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash c184564c5f290572d03b0323eea4a55c
69da0e3bf633ce90de367906bec08827b7bf6bc4
12c579efcf0764649601111907e6c63bb7e31b074bc3c4fa78da027c7f1ef362
GET /tm2.ashx?&source=zp-1-1891178&pubid=zr6bea96042e0a11eda0a41203927719773cdab9e9205f4a46&cost=0.010000 HTTP/1.1
Host: track.domainparkingmanager.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.domainparkingmanager.it/tm.ashx?source=zp-1-1891178&det=0.010000&gio=zr6bea96042e0a11eda0a41203927719773cdab9e9205f4a46badbfe8905abcd1d067337ec655667ab81
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
cache-control: private
content-type: text/html; charset=utf-8
location: https://service.no.like.it/in.ashx?c=1171
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
date: Tue, 06 Sep 2022 17:36:22 GMT
content-length: 158
X-Firefox-Spdy: h2
service.no.like.it/in.ashx?c=1171
35.180.205.178302 Found 191 B URL HTTP/2 service.no.like.it/in.ashx?c=1171
IP 35.180.205.178:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 2438a98eb6150cb98a2160822bdda077
ad5440181c3a41769fd3dd44cfa7bd6fec6a4931
04050b4b187c90a8fb3f3d4ab28eb9972e3265cc2ae8baf0448718df16fce292
GET /in.ashx?c=1171 HTTP/1.1
Host: service.no.like.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://track.domainparkingmanager.it/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
location: https://no.like.it/Search?q=billig bredband&country=no&language=no
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-aspnet-version: 4.0.30319
set-cookie: clkmrctrvsprx=http://domainparking.io/out.aspx?keyword=billig+bredband&c=1171&logcookie=23941240; domain=no.like.it; expires=Tue, 06-Sep-2022 17:37:23 GMT; path=/; secure; SameSite=None
x-powered-by: ASP.NET
access-control-allow-origin: *
date: Tue, 06 Sep 2022 17:36:23 GMT
content-length: 191
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 60a6d5441f63dcb1ccbac7c9a481c690
bbea0e6911cc556151c4f37b08faa07c5f055284
6386f792c653d742e1508ba2fc74a9be70defefad773d57334ca85841e41961b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6386F792C653D742E1508BA2FC74A9BE70DEFEFAD773D57334CA85841E41961B"
Last-Modified: Sun, 04 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19025
Expires: Tue, 06 Sep 2022 22:53:28 GMT
Date: Tue, 06 Sep 2022 17:36:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7775
Expires: Tue, 06 Sep 2022 19:45:58 GMT
Date: Tue, 06 Sep 2022 17:36:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7775
Expires: Tue, 06 Sep 2022 19:45:58 GMT
Date: Tue, 06 Sep 2022 17:36:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7775
Expires: Tue, 06 Sep 2022 19:45:58 GMT
Date: Tue, 06 Sep 2022 17:36:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c23179b2131543088771e3fa84ff231
ae50ae4aecd962b698c19f2863857b51cea7fcec
660900ca69b1787a734c1dbe3d6b9b19656912b4bc4715964c4325edff57f008
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7855
x-amzn-requestid: d7c8054c-d7d3-4b76-815d-36c3a2e1f6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYn6FwzoAMF40g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166e32-3ededbf27f83503978e0d775;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:46:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 8OlwFzmUfQEPeP7pT-g5wRMq0I1jllBnRU0Nxk4kNkcVD_evLZYc7g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:17:51 GMT
etag: "ae50ae4aecd962b698c19f2863857b51cea7fcec"
content-type: image/jpeg
age: 69512
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb4b1d74f1443bc3328301ab3ae6464
2768253dacaaad6cb498c6b2eb7694208b0ce0a6
07dcc95dab7757402998a5a61b540c965ce95c8bd51a814a09438981693b563a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8688
x-amzn-requestid: 1c5fbc89-8ce8-4792-b713-f2c0ceeab737
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wifFJYoAMFi0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7a9-214311e155c661ff77d89906;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wd9SF3txQNTVUaSPcKQ_nQfPt1pBjFbuHzSZiQjfbGBSb-i7J8Rgjg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 20:12:25 GMT
age: 77038
etag: "2768253dacaaad6cb498c6b2eb7694208b0ce0a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 983e705542fa78b4d5c876e0c1eada7e
5fc951e5236edd282d4975853ca35dab2e55fb17
fa6e478fc213f6cb6c9f33c96c51105262c857bfe313b3d310755be30b1feeb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:45:42 GMT
age: 71441
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5540d72831e7e7b9fc287f92c48d9f5e
ec19429fa76d9ad47a0578734b011b530b79ebbf
bc27a44853fd17cf51d6bba0db58a755c75a309d9b0cbcd454dfc9d62785f72f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8134
x-amzn-requestid: 5f6027e8-842f-476a-85e5-cc8b848e4567
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEoVIAMFuiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7095c29a04d2f5310b1b84c4;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Gf6IGDeM-y_nDO1C3m9xeyAJdkYRe2CN87Pi986A7B1qsjq5p9VkQw==
via: 1.1 d7782b26e589b8e1397d352f4daf0d58.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 07:41:25 GMT
age: 35698
etag: "ec19429fa76d9ad47a0578734b011b530b79ebbf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec466c0d472e43c11d36bf6fce068205
720d3624a76d060b8e2699e9aa7a320e3efd4878
5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:36:52 GMT
age: 46771
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a87857b93f99eab3118aae97a1c9d22
3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80
97ce11c0e0efe83d6568f173f9235160157c52b4ab4299823d508c072f113ddc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5775
x-amzn-requestid: dc0a6d9c-5aec-44a3-be54-69cec17f9de1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYfxE0noAMFz0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166dfe-6c8ec4b03fc761d81c988132;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z3WamVQsZqAoYnfPZ0rgyYXGzs1jsv56D1oF4Wzva-H-T8a-xPU8mg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:00:00 GMT
age: 70583
etag: "3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
no.like.it/Search?q=billig%20bredband&country=no&language=no
185.25.205.112200 OK 9.9 kB URL HTTP/2 no.like.it/Search?q=billig%20bredband&country=no&language=no
IP 185.25.205.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8392), with CRLF, LF line terminators
Hash 620e9a96cb2767b6077d45bb6ef120a3
9d06c4b5e1d37edbd79c692203fddfc44781902f
528dd52b05322f3223d056e7442bf669a45b571e35c1919b50e9d8b1e5384a9d
GET /Search?q=billig%20bredband&country=no&language=no HTTP/1.1
Host: no.like.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://track.domainparkingmanager.it/
Connection: keep-alive
Cookie: clkmrctrvsprx=http://domainparking.io/out.aspx?keyword=billig+bredband&c=1171&logcookie=23941240
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Tue, 06 Sep 2022 17:33:42 GMT
content-length: 9942
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 21d1b5be072df45253749eeb3290be82
4ac9978797c085289b9fcc2fe9a57b619e1c78c9
9ea779e1ad86a4a7c403b574908e2dc60d079b366ab1cf439b34c73c9a9c64c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 17:36:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6LcBWOQZAAAAAHBn71Ci_Pgpvl0d2VZfIvx9lN50
142.250.74.164200 OK 585 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LcBWOQZAAAAAHBn71Ci_Pgpvl0d2VZfIvx9lN50
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 40317fe01a5abddf1b98f053294b7d62
78e0b1e9ff8c80ac2de3de493d35251ef59f3b63
2a043b429bb56fdc9c12f6f1468d3c047e7749e39d5b0ff86780320432338822
GET /recaptcha/api.js?render=6LcBWOQZAAAAAHBn71Ci_Pgpvl0d2VZfIvx9lN50 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.like.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 06 Sep 2022 17:36:23 GMT
date: Tue, 06 Sep 2022 17:36:23 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8fc7316fab55e89a81536e926eab6f83
7fcab743b176312e76999b39a1b2a3b97dbeb10f
8178b9805611209f5c47dce32da555117870a90648e026d08cc691a4103169a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 17:36:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 1c2942db0eaf08ace5cfb1d1dcf96d5a
e20d1c0dab0c43a6d082d25a0c4b62c2a8c4c2ea
dbde445075493a8618566d787cde6e3ac22006d31b4424e9b1257e00f101f7b5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 17:36:24 GMT
Etag: "6316f446-1d7"
Last-Modified: Tue, 06 Sep 2022 15:47:40 GMT
Server: ECS (dcb/7EA7)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: a_ocuWU5NABaExupf_BncqOC9wzzCAb_OcKvoCdJ7E65A16hk6zbVw==
Age: 6524
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 1c2942db0eaf08ace5cfb1d1dcf96d5a
e20d1c0dab0c43a6d082d25a0c4b62c2a8c4c2ea
dbde445075493a8618566d787cde6e3ac22006d31b4424e9b1257e00f101f7b5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 17:36:24 GMT
Server: ECS (dcb/7FA5)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: etHnDsOxaaSh8RfPlXu4lz0owgfpwUr6_pqRnGqUFbSDAF7ksmJ1Fg==
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 17:36:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js
142.250.74.163200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js
IP 142.250.74.163:0
File type HTML document, ASCII text, with very long lines (579)
Size 158 kB (158056 bytes)
Hash d63a69f898e1d00cfc7c871744ded8c4
e166540eccb571c95c8c1135c2168cf5df306991
ed7892ca1498d6dfc0ff8b354ab8c409eed81b1fa77b427467815d0c7f45021c
GET /recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://no.like.it
Connection: keep-alive
Referer: https://no.like.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 21:31:14 GMT
expires: Sat, 02 Sep 2023 21:31:14 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
content-type: text/javascript
age: 331510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 17:36:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yu.imageadvantage.net/1/AA/83/196218290CEEC7103EEC7AA2647.jpg?pid=9653.100&qs=yvFfpmqoj%29fyfihdwh-bi%7C%40%C2%80%7B%7E%2Fgxg%C2%822up%2BzwuAYbxqw%29sn%21xzdkmsu%25hunhi%C3%A6sj%236%24Rbrvdwnl%21u%C3%AB%23%7Bezly%26lwxlsskw%7D%2AkfxCV%7Dv%C3%BFnrk%2F%29wwjqrh5%24zvwlh5%24vh%25LUR%24iszq%23osy%21mkon%24mbrooriu%2F%25Tr%7Bklt%25hh%7Cxl%21iov%7Dvplyygnoujsm%24%29%C3%89wfsz%23tn%C3%BFq%25o%23%3C4%27efmh%7B0%27jsmhw%24ijsjlwkzunj%2F%29sn%21lugn%24wsnyh%7B%25%27Otxjnw%27cjywn%24kjxzuro%7Btiknwmuh%26&d=www.brdy.no
54.230.111.91302 Moved Temporarily 1.0 kB URL HTTP/1.1 yu.imageadvantage.net/1/AA/83/196218290CEEC7103EEC7AA2647.jpg?pid=9653.100&qs=yvFfpmqoj%29fyfihdwh-bi%7C%40%C2%80%7B%7E%2Fgxg%C2%822up%2BzwuAYbxqw%29sn%21xzdkmsu%25hunhi%C3%A6sj%236%24Rbrvdwnl%21u%C3%AB%23%7Bezly%26lwxlsskw%7D%2AkfxCV%7Dv%C3%BFnrk%2F%29wwjqrh5%24zvwlh5%24vh%25LUR%24iszq%23osy%21mkon%24mbrooriu%2F%25Tr%7Bklt%25hh%7Cxl%21iov%7Dvplyygnoujsm%24%29%C3%89wfsz%23tn%C3%BFq%25o%23%3C4%27efmh%7B0%27jsmhw%24ijsjlwkzunj%2F%29sn%21lugn%24wsnyh%7B%25%27Otxjnw%27cjywn%24kjxzuro%7Btiknwmuh%26&d=www.brdy.no
IP 54.230.111.91:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (756)
Hash 4b82ad813923d820befb04e82df2298f
ce2932b9c3da1a81be24f59512409ed28392193a
e8523f7d5facc01248fdf2b5f173460a490c5dd126d4186c1a06a43c000a4132
GET /1/AA/83/196218290CEEC7103EEC7AA2647.jpg?pid=9653.100&qs=yvFfpmqoj%29fyfihdwh-bi%7C%40%C2%80%7B%7E%2Fgxg%C2%822up%2BzwuAYbxqw%29sn%21xzdkmsu%25hunhi%C3%A6sj%236%24Rbrvdwnl%21u%C3%AB%23%7Bezly%26lwxlsskw%7D%2AkfxCV%7Dv%C3%BFnrk%2F%29wwjqrh5%24zvwlh5%24vh%25LUR%24iszq%23osy%21mkon%24mbrooriu%2F%25Tr%7Bklt%25hh%7Cxl%21iov%7Dvplyygnoujsm%24%29%C3%89wfsz%23tn%C3%BFq%25o%23%3C4%27efmh%7B0%27jsmhw%24ijsjlwkzunj%2F%29sn%21lugn%24wsnyh%7B%25%27Otxjnw%27cjywn%24kjxzuro%7Btiknwmuh%26&d=www.brdy.no HTTP/1.1
Host: yu.imageadvantage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.like.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=iso-8859-1
Content-Length: 1023
Connection: keep-alive
Date: Tue, 06 Sep 2022 17:36:24 GMT
Server: Apache/2.4.18 (Ubuntu)
Location: https://mr0.imageadvantage.net/MRH/MediaHandler.php?path=/1/AA/83/196218290CEEC7103EEC7AA2647&mt=04&pid=9653.100&qs=yvFfpmqoj%2529fyfihdwh-bi%257C%2540%25C2%2580%257B%257E%252Fgxg%25C2%25822up%252BzwuAYbxqw%2529sn%2521xzdkmsu%2525hunhi%25C3%25A6sj%25236%2524Rbrvdwnl%2521u%25C3%25AB%2523%257Bezly%2526lwxlsskw%257D%252AkfxCV%257Dv%25C3%25BFnrk%252F%2529wwjqrh5%2524zvwlh5%2524vh%2525LUR%2524iszq%2523osy%2521mkon%2524mbrooriu%252F%2525Tr%257Bklt%2525hh%257Cxl%2521iov%257Dvplyygnoujsm%2524%2529%25C3%2589wfsz%2523tn%25C3%25BFq%2525o%2523%253C4%2527efmh%257B0%2527jsmhw%2524ijsjlwkzunj%252F%2529sn%2521lugn%2524wsnyh%257B%2525%2527Otxjnw%2527cjywn%2524kjxzuro%257Btiknwmuh%2526&d=www.brdy.no
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: E6OsAG6nAnP48OE4lP2XzcNN3w7-O3NtZP2A7M8RTtP_LhWpaJWFsQ==
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 12:31:58 GMT
expires: Sun, 03 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 277466
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 00:48:31 GMT
expires: Sat, 02 Sep 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 406073
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
no.like.it/favicon.ico
185.25.205.112200 OK 9.9 kB IP 185.25.205.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8405), with CRLF, LF line terminators
Hash ea61b542d3aa9bd81cf4469dfe2bff63
2f116ac30ba081cf13c0efb670572bd46f72af3f
7453cea63e4df846a8ea66e657330dd45afca14383e0b1c4d824b2441c75a714
GET /favicon.ico HTTP/1.1
Host: no.like.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no.like.it/Search?q=billig%20bredband&country=no&language=no
Cookie: clkmrctrvsprx=http://domainparking.io/out.aspx?keyword=billig+bredband&c=1171&logcookie=23941240
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Tue, 06 Sep 2022 17:33:42 GMT
content-length: 9935
X-Firefox-Spdy: h2
mr0.imageadvantage.net/MRH/MediaHandler.php?path=/E/80/05/859E2634573D69A0B9CADF764B8&mt=04&pid=9653.100&qs=yvFfpmqoj%2529fyfihdwh-bi%257C%2540%25C2%2580%257B%257E%252Fg%257Fw%257D2up%252BzwuAIjqrlpw%257Bf%2525hunhi%25C3%25A6sj%2523%253B493%25253%2523%255Cetnjtorku%2521uxl%257C%2524vh%2525nd%257Cxphmkw%252FhltBYdvqloqojw%2524wsny%2523xk%2527ifywrkofy%2526s%25C3%25AE%2524isjje%25C3%25AErk%2521iku%2529h%257C%2521guu%2529jyb%2525lonvl%2521f%257C%2523mi%2527ty%25C3%25BEu%257Cxl%2521qkynvhoi%25C3%25BEunrl%252F%2525H%257C%257Dx5ot%2526h%257B%2524Upwmh%257C%2524zu%25C3%25BDxv%257Di%2527tfspnrsjltlwkzuokqnw%257Bf%2525lr%257B%2524%257Bkjth%257Cxls%2525oqwiu%2521uku%257Csumnm%2523%25C4%2581ovotsl&d=www.bytt.no
54.230.111.45200 OK 0 B URL HTTP/2 mr0.imageadvantage.net/MRH/MediaHandler.php?path=/E/80/05/859E2634573D69A0B9CADF764B8&mt=04&pid=9653.100&qs=yvFfpmqoj%2529fyfihdwh-bi%257C%2540%25C2%2580%257B%257E%252Fg%257Fw%257D2up%252BzwuAIjqrlpw%257Bf%2525hunhi%25C3%25A6sj%2523%253B493%25253%2523%255Cetnjtorku%2521uxl%257C%2524vh%2525nd%257Cxphmkw%252FhltBYdvqloqojw%2524wsny%2523xk%2527ifywrkofy%2526s%25C3%25AE%2524isjje%25C3%25AErk%2521iku%2529h%257C%2521guu%2529jyb%2525lonvl%2521f%257C%2523mi%2527ty%25C3%25BEu%257Cxl%2521qkynvhoi%25C3%25BEunrl%252F%2525H%257C%257Dx5ot%2526h%257B%2524Upwmh%257C%2524zu%25C3%25BDxv%257Di%2527tfspnrsjltlwkzuokqnw%257Bf%2525lr%257B%2524%257Bkjth%257Cxls%2525oqwiu%2521uku%257Csumnm%2523%25C4%2581ovotsl&d=www.bytt.no
IP 54.230.111.45:0
GET /MRH/MediaHandler.php?path=/E/80/05/859E2634573D69A0B9CADF764B8&mt=04&pid=9653.100&qs=yvFfpmqoj%2529fyfihdwh-bi%257C%2540%25C2%2580%257B%257E%252Fg%257Fw%257D2up%252BzwuAIjqrlpw%257Bf%2525hunhi%25C3%25A6sj%2523%253B493%25253%2523%255Cetnjtorku%2521uxl%257C%2524vh%2525nd%257Cxphmkw%252FhltBYdvqloqojw%2524wsny%2523xk%2527ifywrkofy%2526s%25C3%25AE%2524isjje%25C3%25AErk%2521iku%2529h%257C%2521guu%2529jyb%2525lonvl%2521f%257C%2523mi%2527ty%25C3%25BEu%257Cxl%2521qkynvhoi%25C3%25BEunrl%252F%2525H%257C%257Dx5ot%2526h%257B%2524Upwmh%257C%2524zu%25C3%25BDxv%257Di%2527tfspnrsjltlwkzuokqnw%257Bf%2525lr%257B%2524%257Bkjth%257Cxls%2525oqwiu%2521uku%257Csumnm%2523%25C4%2581ovotsl&d=www.bytt.no HTTP/1.1
Host: mr0.imageadvantage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.like.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
date: Tue, 06 Sep 2022 17:36:24 GMT
server: Apache/2.4.18 (Ubuntu)
cache-control: no-cache, no-store
mrhdebug: initialize START w:/MRH/MediaHandler.php?path=/E/80/05/859E2634573D69A0B9CADF764B8&mt=04&pid=9653.100&qs=yvFfpmqoj%2529fyfihdwh-bi%257C%2540%25C2%2580%257B%257E%252Fg%257Fw%257D2up%252BzwuAIjqrlpw%257Bf%2525hunhi%25C3%25A6sj%2523%253B493%25253%2523%255Cetnjtorku%2521uxl%257C%2524vh%2525nd%257Cxphmkw%252FhltBYdvqloqojw%2524wsny%2523xk%2527ifywrkofy%2526s%25C3%25AE%2524isjje%25C3%25AErk%2521iku%2529h%257C%2521guu%2529jyb%2525lonvl%2521f%257C%2523mi%2527ty%25C3%25BEu%257Cxl%2521qkynvhoi%25C3%25BEunrl%252F%2525H%257C%257Dx5ot%2526h%257B%2524Upwmh%257C%2524zu%25C3%25BDxv%257Di%2527tfspnrsjltlwkzuokqnw%257Bf%2525lr%257B%2524%257Bkjth%257Cxls%2525oqwiu%2521uku%257Csumnm%2523%25C4%2581ovotsl&d=www.bytt.no|| @ 1662485784.403||
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TA5wD9Hbl4pbM50w2gjzkTku61Kp5AuJHty-N-3jzEE6c3eXdheYWQ==
X-Firefox-Spdy: h2
mr0.imageadvantage.net/MRH/MediaHandler.php?path=/1/AA/83/196218290CEEC7103EEC7AA2647&mt=04&pid=9653.100&qs=yvFfpmqoj%2529fyfihdwh-bi%257C%2540%25C2%2580%257B%257E%252Fgxg%25C2%25822up%252BzwuAYbxqw%2529sn%2521xzdkmsu%2525hunhi%25C3%25A6sj%25236%2524Rbrvdwnl%2521u%25C3%25AB%2523%257Bezly%2526lwxlsskw%257D%252AkfxCV%257Dv%25C3%25BFnrk%252F%2529wwjqrh5%2524zvwlh5%2524vh%2525LUR%2524iszq%2523osy%2521mkon%2524mbrooriu%252F%2525Tr%257Bklt%2525hh%257Cxl%2521iov%257Dvplyygnoujsm%2524%2529%25C3%2589wfsz%2523tn%25C3%25BFq%2525o%2523%253C4%2527efmh%257B0%2527jsmhw%2524ijsjlwkzunj%252F%2529sn%2521lugn%2524wsnyh%257B%2525%2527Otxjnw%2527cjywn%2524kjxzuro%257Btiknwmuh%2526&d=www.brdy.no
54.230.111.45200 OK 0 B URL HTTP/2 mr0.imageadvantage.net/MRH/MediaHandler.php?path=/1/AA/83/196218290CEEC7103EEC7AA2647&mt=04&pid=9653.100&qs=yvFfpmqoj%2529fyfihdwh-bi%257C%2540%25C2%2580%257B%257E%252Fgxg%25C2%25822up%252BzwuAYbxqw%2529sn%2521xzdkmsu%2525hunhi%25C3%25A6sj%25236%2524Rbrvdwnl%2521u%25C3%25AB%2523%257Bezly%2526lwxlsskw%257D%252AkfxCV%257Dv%25C3%25BFnrk%252F%2529wwjqrh5%2524zvwlh5%2524vh%2525LUR%2524iszq%2523osy%2521mkon%2524mbrooriu%252F%2525Tr%257Bklt%2525hh%257Cxl%2521iov%257Dvplyygnoujsm%2524%2529%25C3%2589wfsz%2523tn%25C3%25BFq%2525o%2523%253C4%2527efmh%257B0%2527jsmhw%2524ijsjlwkzunj%252F%2529sn%2521lugn%2524wsnyh%257B%2525%2527Otxjnw%2527cjywn%2524kjxzuro%257Btiknwmuh%2526&d=www.brdy.no
IP 54.230.111.45:0
GET /MRH/MediaHandler.php?path=/1/AA/83/196218290CEEC7103EEC7AA2647&mt=04&pid=9653.100&qs=yvFfpmqoj%2529fyfihdwh-bi%257C%2540%25C2%2580%257B%257E%252Fgxg%25C2%25822up%252BzwuAYbxqw%2529sn%2521xzdkmsu%2525hunhi%25C3%25A6sj%25236%2524Rbrvdwnl%2521u%25C3%25AB%2523%257Bezly%2526lwxlsskw%257D%252AkfxCV%257Dv%25C3%25BFnrk%252F%2529wwjqrh5%2524zvwlh5%2524vh%2525LUR%2524iszq%2523osy%2521mkon%2524mbrooriu%252F%2525Tr%257Bklt%2525hh%257Cxl%2521iov%257Dvplyygnoujsm%2524%2529%25C3%2589wfsz%2523tn%25C3%25BFq%2525o%2523%253C4%2527efmh%257B0%2527jsmhw%2524ijsjlwkzunj%252F%2529sn%2521lugn%2524wsnyh%257B%2525%2527Otxjnw%2527cjywn%2524kjxzuro%257Btiknwmuh%2526&d=www.brdy.no HTTP/1.1
Host: mr0.imageadvantage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no.like.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Tue, 06 Sep 2022 17:36:25 GMT
server: Apache/2.4.18 (Ubuntu)
cache-control: no-cache, no-store
mrhdebug: initialize START w:/MRH/MediaHandler.php?path=/1/AA/83/196218290CEEC7103EEC7AA2647&mt=04&pid=9653.100&qs=yvFfpmqoj%2529fyfihdwh-bi%257C%2540%25C2%2580%257B%257E%252Fgxg%25C2%25822up%252BzwuAYbxqw%2529sn%2521xzdkmsu%2525hunhi%25C3%25A6sj%25236%2524Rbrvdwnl%2521u%25C3%25AB%2523%257Bezly%2526lwxlsskw%257D%252AkfxCV%257Dv%25C3%25BFnrk%252F%2529wwjqrh5%2524zvwlh5%2524vh%2525LUR%2524iszq%2523osy%2521mkon%2524mbrooriu%252F%2525Tr%257Bklt%2525hh%257Cxl%2521iov%257Dvplyygnoujsm%2524%2529%25C3%2589wfsz%2523tn%25C3%25BFq%2525o%2523%253C4%2527efmh%257B0%2527jsmhw%2524ijsjlwkzunj%252F%2529sn%2521lugn%2524wsnyh%257B%2525%2527Otxjnw%2527cjywn%2524kjxzuro%257Btiknwmuh%2526&d=www.brdy.no|| @ 1662485784.7549||
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yeN6NrJvpTMkXZ5SANNiGUDgik6bzP2izCx84dYnz4N7U_TLJFL5AA==
X-Firefox-Spdy: h2